Upgrade just about everything

.docker/Dockerfile

@@ -1,14 +1,14 @@
-FROM php:7.2.15-apache
+FROM php:7.4.5-apache
 
 WORKDIR /var/www
 
-RUN apt-get -y update && apt-get -y upgrade && apt-get -y install libxml2-dev libpng-dev curl zlib1g-dev unzip locales
+RUN apt-get -y update && apt-get -y upgrade && apt-get -y install libxml2-dev libpng-dev curl zlib1g-dev unzip libzip-dev libonig-dev locales
 RUN echo "de_CH.UTF-8 UTF-8" >> /etc/locale.gen && echo "fr_CH.UTF-8 UTF-8" >> /etc/locale.gen && locale-gen
 
 ENV COMPOSER_ALLOW_SUPERUSER=1
 RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
 
-RUN yes | pecl install xdebug-2.7.0 && docker-php-ext-enable xdebug
+RUN yes | pecl install xdebug-2.9.6 && docker-php-ext-enable xdebug
 ENV XDEBUG_CONFIG="remote_connect_back=1 remote_enable=1"
 
 RUN docker-php-ext-install pdo pdo_mysql mbstring xml bcmath zip gd

.docker/entrypoint.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-composer install --ignore-platform-reqs --no-interaction --no-plugins --no-scripts --prefer-dist
+composer install --no-interaction --no-plugins --no-scripts --prefer-dist
 
 if [[ ! -f .env ]]; then
     cp .env.example .env

.editorconfig

@@ -11,5 +11,14 @@ trim_trailing_whitespace = true
 [*.md]
 trim_trailing_whitespace = false
 
-[*.yml]
+[*.{yml,yaml,json}]
+indent_size = 2
+
+[resources/lang/**.php]
+insert_final_newline = false
+indent_style = tab
+tab_width = 4
+trim_trailing_whitespace = true
+
+[*.vue]
 indent_size = 2

.env.example

@@ -18,14 +18,18 @@ CACHE_DRIVER=file
 QUEUE_CONNECTION=sync
 SESSION_DRIVER=file
 SESSION_LIFETIME=120
+# Set this to true if you use https (e.g. in production)
+SESSION_SECURE_COOKIE=false
 
-#MAIL_DRIVER=log
-MAIL_DRIVER=smtp
+#MAIL_MAILER=log
+MAIL_MAILER=smtp
 MAIL_HOST=mail
 MAIL_PORT=1025
-MAIL_USERNAME=
+MAIL_USERNAME=qualix@localhost
 MAIL_PASSWORD=
 MAIL_ENCRYPTION=
+MAIL_FROM_ADDRESS="${MAIL_USERNAME}"
+MAIL_FROM_NAME="${APP_NAME}"
 
 HITOBITO_BASE_URL=https://demo.hitobito.ch
 HITOBITO_CLIENT_UID=xxx

.env.testing

@@ -19,12 +19,14 @@ QUEUE_CONNECTION=sync
 SESSION_DRIVER=file
 SESSION_LIFETIME=120
 
-MAIL_DRIVER=log
+MAIL_MAILER=log
 #MAIL_HOST=smtp.mailtrap.io
 #MAIL_PORT=2525
 #MAIL_USERNAME=null
 #MAIL_PASSWORD=null
 #MAIL_ENCRYPTION=null
+#MAIL_FROM_ADDRESS="${MAIL_USERNAME}"
+#MAIL_FROM_NAME="${APP_NAME}"
 
 HITOBITO_BASE_URL=https://demo.hitobito.ch
 HITOBITO_CLIENT_UID=xxx

.travis/deploy.sh

@@ -14,11 +14,14 @@ sed -ri "s~^DB_DATABASE=.*$~DB_DATABASE=${DB_DATABASE:-qualix}~" .env
 sed -ri "s~^DB_USERNAME=.*$~DB_USERNAME=$DB_USERNAME~" .env
 sed -ri "s~^DB_PASSWORD=.*$~DB_PASSWORD=$DB_PASSWORD~" .env
 
+sed -ri "s~^SESSION_SECURE_COOKIE=.*$~SESSION_SECURE_COOKIE=true~" .env
+
 sed -ri "s~^MAIL_HOST=.*$~MAIL_HOST=${MAIL_HOST:-localhost}~" .env
 sed -ri "s~^MAIL_PORT=.*$~MAIL_PORT=${MAIL_PORT:-1025}~" .env
 sed -ri "s~^MAIL_USERNAME=.*$~MAIL_USERNAME=$MAIL_USERNAME~" .env
 sed -ri "s~^MAIL_PASSWORD=.*$~MAIL_PASSWORD=$MAIL_PASSWORD~" .env
 sed -ri "s~^MAIL_ENCRYPTION=.*$~MAIL_ENCRYPTION=$MAIL_ENCRYPTION~" .env
+sed -ri "s~^MAIL_FROM_ADDRESS=.*$~MAIL_FROM_ADDRESS=$MAIL_FROM_ADDRESS~" .env
 
 sed -ri "s~^HITOBITO_BASE_URL=.*$~HITOBITO_BASE_URL=${HITOBITO_BASE_URL:-https://pbs.puzzle.ch}~" .env
 sed -ri "s~^HITOBITO_CLIENT_UID=.*$~HITOBITO_CLIENT_UID=$HITOBITO_CLIENT_UID~" .env
@@ -39,6 +42,22 @@ eval "$(ssh-agent -s)"
 chmod 600 .travis/id_rsa
 ssh-add .travis/id_rsa
 
+# Add fingerprint of server to known hosts
+echo "|1|JR7fpL0gLKe8icyVQtx89E3xKA0=|fWzxmKWZG+dr2Q+7aGePHZEYcgA= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKlHpAA/T87DCjPTHb2o5nLuxfPDhj00cZB2lBlNjbbb" >> ~/.ssh/known_hosts
+echo "|1|kwYauc4WMSDAwXG/SfFoYNwYYnM=|xu3ceXG8okp44TfyR6h56godaLQ= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKlHpAA/T87DCjPTHb2o5nLuxfPDhj00cZB2lBlNjbbb" >> ~/.ssh/known_hosts
+echo "|1|tkWQ7CJXd4LxeV0L/T6usElIEMk=|KPrqJZWpOb3tNR+nm4/u6KXSiFU= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIKVCZ0dYk2R0cKd7/hDY4vOTkCm4vmdwtV9jhoWLff70uCAyVbYQ0qReRn/zQY15jbJmr7U84vYHwipUcndBc0=" >> ~/.ssh/known_hosts
+echo "|1|HkwzaiV9MewbGGd+CNmnUwShkD0=|w2gSII2hnyxvIX24RxdwXB94rhQ= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIKVCZ0dYk2R0cKd7/hDY4vOTkCm4vmdwtV9jhoWLff70uCAyVbYQ0qReRn/zQY15jbJmr7U84vYHwipUcndBc0=" >> ~/.ssh/known_hosts
+echo "|1|AKBTB7xthFG7AL4DDjk70zQc+Pg=|6pMFoR9FwtTtfDOmpP1Ziudngx0= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKSQ6V3VRAg8jxrM/LGkSQzCrhLa83DV3rYIIuUchzrhal8q12Ab0GERYy5Suaqmj11ydna7CkN8uSs757PTB6g=" >> ~/.ssh/known_hosts
+echo "|1|dfj9V26TOanb1MT539vM0ttx21s=|5bdR/2oxiaBU8Uh1CMVu/vwX5VA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKSQ6V3VRAg8jxrM/LGkSQzCrhLa83DV3rYIIuUchzrhal8q12Ab0GERYy5Suaqmj11ydna7CkN8uSs757PTB6g=" >> ~/.ssh/known_hosts
+
+echo "Checking PHP version"
+ssh -l $SSH_USERNAME -T $SSH_HOST <<EOF
+  set -e
+  php -v
+  cd $SSH_DIRECTORY
+  php -r "if((explode('.',PHP_VERSION)[0]*10000+explode('.',PHP_VERSION)[1]*100+explode('.',PHP_VERSION)[2])<${PHP_MIN_VERSION:-70205}){echo \"Your PHP version is too old\\n\";exit(1);}"
+EOF
+
 echo "Uploading files to the server..."
 lftp <<EOF
   set sftp:auto-confirm true

README.md

@@ -34,6 +34,8 @@ docker exec -it qualix-app php -v
 
 ## Produktive Installation
 
+> Qualix basiert auf Laravel 7 und benötigt deshalb eine PHP Version >= 7.2.5
+
 1. **Code herunterladen**: `git clone https://github.com/gloggi/qualix.git && cd qualix`
 2. **Server-Einstellungen**: Eine Kopie von .env.example namens .env erstellen und die Angaben darin ergänzen. Zum Beispiel so (kritische Angaben sind mit `<snip>` zensiert):
 ```
@@ -58,7 +60,7 @@ QUEUE_CONNECTION=sync
 SESSION_DRIVER=file
 SESSION_LIFETIME=120
 
-MAIL_DRIVER=smtp
+MAIL_MAILER=smtp
 MAIL_HOST=<snip>
 MAIL_PORT=<snip>
 MAIL_USERNAME=<snip>

app/Console/Commands/WaitForDb.php

@@ -42,7 +42,7 @@ public function __construct()
     /**
      * Execute the console command.
      *
-     * @return void
+     * @return int
      */
     public function handle()
     {
@@ -58,5 +58,7 @@ public function handle()
                 sleep($this->interval);
             }
         }
+
+        return 0;
     }
 }

app/Console/Kernel.php

@@ -24,8 +24,7 @@ class Kernel extends ConsoleKernel
      */
     protected function schedule(Schedule $schedule)
     {
-        // $schedule->command('inspire')
-        //          ->hourly();
+        // $schedule->command('inspire')->hourly();
     }
 
     /**

app/Exceptions/Handler.php

@@ -3,7 +3,7 @@
 namespace App\Exceptions;
 
 use App\Http\Middleware\RestoreFormDataFromExpiredSession;
-use Exception;
+use Throwable;
 use Illuminate\Auth\AuthenticationException;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 use Illuminate\Http\UploadedFile;
@@ -33,11 +33,11 @@ class Handler extends ExceptionHandler
     /**
      * Report or log an exception.
      *
-     * @param Exception $exception
+     * @param Throwable $exception
      * @return void
-     * @throws Exception
+     * @throws Throwable
      */
-    public function report(Exception $exception) {
+    public function report(Throwable $exception) {
         if (!env('APP_DEBUG') && app()->bound('sentry') && $this->shouldReport($exception)) {
             app('sentry')->captureException($exception);
         }
@@ -48,11 +48,12 @@ public function report(Exception $exception) {
     /**
      * Render an exception into an HTTP response.
      *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Exception  $exception
-     * @return \Illuminate\Http\Response
+     * @param \Illuminate\Http\Request $request
+     * @param \Throwable $exception
+     * @return \Symfony\Component\HttpFoundation\Response
+     * @throws Throwable
      */
-    public function render($request, Exception $exception)
+    public function render($request, Throwable $exception)
     {
         if ($exception instanceof AuthenticationException && $request->method() != 'GET') {
             $this->preserveSubmittedFormData($request);

app/Http/Controllers/Auth/ForgotPasswordController.php

@@ -21,16 +21,6 @@ class ForgotPasswordController extends Controller
 
     use SendsPasswordResetEmails;
 
-    /**
-     * Create a new controller instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        $this->middleware('guest');
-    }
-
     public function broker() {
         return Password::broker('nativeUsers');
     }

app/Http/Controllers/ObservationController.php

@@ -9,7 +9,7 @@
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
-use Illuminate\Routing\RouteCollection;
+use Illuminate\Routing\RouteCollectionInterface;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
@@ -117,7 +117,7 @@ protected function redirectToPreviouslyActiveView(Request $request, Course $cour
      * @return string|object|null
      */
     protected function extractPathParameter($url, $routeName, $parameterName) {
-        /** @var RouteCollection $routes */
+        /** @var RouteCollectionInterface $routes */
         $routes = Route::getRoutes();
         return $routes->getByName($routeName)->bind(new Request([], [], [], [], [], ['REQUEST_URI' => $url]))->parameter($parameterName);
     }

app/Http/Kernel.php

@@ -17,11 +17,13 @@ class Kernel extends HttpKernel
      * @var array
      */
     protected $middleware = [
+        // \App\Http\Middleware\TrustHosts::class,
+        \App\Http\Middleware\TrustProxies::class,
+        \Fruitcake\Cors\HandleCors::class,
         \App\Http\Middleware\CheckForMaintenanceMode::class,
         \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
         \App\Http\Middleware\TrimStrings::class,
         \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
-        \App\Http\Middleware\TrustProxies::class,
     ];
 
     /**
@@ -68,21 +70,4 @@ class Kernel extends HttpKernel
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
         'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
     ];
-
-    /**
-     * The priority-sorted list of middleware.
-     *
-     * This forces non-global middleware to always be in the given order.
-     *
-     * @var array
-     */
-    protected $middlewarePriority = [
-        \Illuminate\Session\Middleware\StartSession::class,
-        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
-        \App\Http\Middleware\Authenticate::class,
-        \Illuminate\Session\Middleware\AuthenticateSession::class,
-        \Illuminate\Routing\Middleware\SubstituteBindings::class,
-        \Illuminate\Auth\Middleware\Authorize::class,
-        \App\Http\Middleware\VerifyCsrfToken::class,
-    ];
 }

app/Http/Middleware/RedirectIfAuthenticated.php

@@ -22,7 +22,7 @@ public function handle($request, Closure $next, $guard = null)
         }
 
         if (Auth::guard($guard)->check()) {
-            return redirect('/');
+            return redirect(route('home'));
         }
 
         return $next($request);

app/Http/Middleware/TrustHosts.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Http\Middleware\TrustHosts as Middleware;
+
+class TrustHosts extends Middleware
+{
+    /**
+     * Get the host patterns that should be trusted.
+     *
+     * @return array
+     */
+    public function hosts()
+    {
+        return [
+            $this->allSubdomainsOfApplicationUrl(),
+        ];
+    }
+}

app/Http/Middleware/TrustProxies.php

@@ -10,7 +10,7 @@ class TrustProxies extends Middleware
     /**
      * The trusted proxies for this application.
      *
-     * @var array
+     * @var array|string|null
      */
     protected $proxies;
 

app/Http/Middleware/VerifyCsrfToken.php

@@ -6,13 +6,6 @@
 
 class VerifyCsrfToken extends Middleware
 {
-    /**
-     * Indicates whether the XSRF-TOKEN cookie should be set on the response.
-     *
-     * @var bool
-     */
-    protected $addHttpCookie = true;
-
     /**
      * The URIs that should be excluded from CSRF verification.
      *

app/Models/Block.php

@@ -15,6 +15,7 @@
  * @property string $full_block_number
  * @property string $blockname_and_number
  * @property CarbonInterface $block_date
+ * @property Collection $requirement_ids
  * @property Course $course
  * @property Observation[] $observations
  * @property Collection $requirements
@@ -140,4 +141,13 @@ public function setFullBlockNumberAttribute($value) {
     public function getBlocknameAndNumberAttribute() {
         return implode(': ', array_filter([$this->full_block_number, $this->name]));
     }
+
+    /**
+     * Get the block date attribute in a localized format.
+     *
+     * @return \Illuminate\Support\Collection
+     */
+    public function getRequirementIdsAttribute() {
+        return $this->requirements->pluck('id');
+    }
 }

app/Models/HitobitoUser.php

@@ -3,7 +3,7 @@
 namespace App\Models;
 
 use Carbon\Carbon;
-use Tightenco\Parental\HasParent;
+use Parental\HasParent;
 
 /**
  * @property int $id

app/Models/NativeUser.php

@@ -8,7 +8,7 @@
 use Illuminate\Auth\Passwords\CanResetPassword;
 use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
 use Illuminate\Contracts\Auth\MustVerifyEmail as MustVerifyEmailContract;
-use Tightenco\Parental\HasParent;
+use Parental\HasParent;
 
 /**
  * @property int $id

app/Models/User.php

@@ -13,7 +13,7 @@
 use Illuminate\Foundation\Auth\Access\Authorizable;
 use Illuminate\Notifications\Notifiable;
 use Illuminate\Support\Carbon;
-use Tightenco\Parental\HasChildren;
+use Parental\HasChildren;
 
 /**
  * @property int $id

app/Notifications/ResetPasswordNotification.php

@@ -18,10 +18,10 @@ class ResetPasswordNotification extends ResetPassword
     public function toMail($notifiable)
     {
         return (new MailMessage)
-            ->subject(Lang::getFromJson('Qualix password reset'))
-            ->line(Lang::getFromJson('You are receiving this email because we received a password reset request for your account.'))
-            ->action(Lang::getFromJson('Reset password'), url(config('app.url').route('password.reset', ['token' => $this->token], false)))
-            ->line(Lang::getFromJson('This password reset link will expire in :count minutes.', ['count' => config('auth.passwords.nativeUsers.expire')]))
-            ->line(Lang::getFromJson('If you did not request a password reset, no further action is required.'));
+            ->subject(Lang::get('Qualix password reset'))
+            ->line(Lang::get('You are receiving this email because we received a password reset request for your account.'))
+            ->action(Lang::get('Reset password'), url(config('app.url').route('password.reset', ['token' => $this->token], false)))
+            ->line(Lang::get('This password reset link will expire in :count minutes.', ['count' => config('auth.passwords.nativeUsers.expire')]))
+            ->line(Lang::get('If you did not request a password reset, no further action is required.'));
     }
 }