Release 4.6.4

.github/workflows/Build.yml

@@ -348,22 +348,22 @@ jobs:
     - name: Execute build
       run: php bakery build-assets
 
-  Asset-Build-Inspect:
+  # Asset-Build-Inspect:
 
-    name: Assets Build Inspection
-    runs-on: ubuntu-latest
+  #   name: Assets Build Inspection
+  #   runs-on: ubuntu-latest
 
-    steps:
-      - uses: actions/checkout@v2
+  #   steps:
+  #     - uses: actions/checkout@v2
 
-      - uses: actions/setup-node@v2
-        with:
-          node-version: ^14.0.0
+  #     - uses: actions/setup-node@v2
+  #       with:
+  #         node-version: ^14.0.0
 
-      - name: Install Dependencies
-        working-directory: build
-        run: npm i
+  #     - name: Install Dependencies
+  #       working-directory: build
+  #       run: npm i
 
-      - name: Type Validation
-        working-directory: build
-        run: node_modules/.bin/tsc -p ./tsconfig.json
+  #     - name: Type Validation
+  #       working-directory: build
+  #       run: node_modules/.bin/tsc -p ./tsconfig.json

CHANGELOG.md

@@ -5,6 +5,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [v4.6.4](https://github.com/userfrosting/UserFrosting/compare/v4.6.3...v4.6.4)
+
+### Fix
+- Foreign Key constraint fails when an admin attempts to create a new user ([#1190](https://github.com/userfrosting/UserFrosting/pull/1190))
+- Fix for AccountControllerTest when registration is disabled ([#1192](https://github.com/userfrosting/UserFrosting/pull/1192))
+- Native install on PHP 8.* install fails due to eventdispatcher incompatibility between rockettheme and Symphony ([#1195](https://github.com/userfrosting/UserFrosting/issues/1195) & [#1196](https://github.com/userfrosting/UserFrosting/issues/1196))
+- Fix PHP7.4+ compatibility in Model findUnique ([#1193](https://github.com/userfrosting/UserFrosting/pull/1193))
+- Handle the case where all roles are removed from a user ([#1194](https://github.com/userfrosting/UserFrosting/pull/1194))
+
 ## [v4.6.3](https://github.com/userfrosting/UserFrosting/compare/v4.6.2...v4.6.3)
 
 ### Security

app/defines.php

@@ -11,7 +11,7 @@
 namespace UserFrosting;
 
 // Some standard defines
-define('UserFrosting\VERSION', '4.6.1');
+define('UserFrosting\VERSION', '4.6.4');
 define('UserFrosting\DS', '/');
 define('UserFrosting\PHP_MIN_VERSION', '^7.3 | ^8.0');
 define('UserFrosting\PHP_RECOMMENDED_VERSION', '^8.0');

app/sprinkles/account/tests/Integration/Controller/AccountControllerTest.php

@@ -111,6 +111,9 @@ public function testRegisterWithNoMasterUser(AccountController $controller)
      */
     public function testRegister()
     {
+        // Force Registration
+        $this->ci->config['site.registration.enabled'] = true;
+
         // Force locale config
         $this->ci->config['site.registration.user_defaults.locale'] = 'en_US';
         $this->ci->config['site.locales.available'] = [
@@ -146,6 +149,9 @@ public function testRegister()
      */
     public function testRegisterWithNoEmailVerification()
     {
+        // Force Registration
+        $this->ci->config['site.registration.enabled'] = true;
+
         // Delete previous attempt so we can reuse the same shared test code
         if ($user = User::where('email', 'testRegister@test.com')->first()) {
             $user->delete(true);
@@ -763,6 +769,12 @@ public function testpageForgotPassword(AccountController $controller)
      */
     public function testpageRegister(AccountController $controller)
     {
+        // Force Registration
+        $this->ci->config['site.registration.enabled'] = true;
+
+        // Recreate controller to use new config
+        $controller = $this->getController();
+
         $result = $controller->pageRegister($this->getRequest(), $this->getResponse(), []);
         $this->assertInstanceOf(\Psr\Http\Message\ResponseInterface::class, $result);
         $this->assertSame($result->getStatusCode(), 200);
@@ -793,6 +805,7 @@ public function testpageRegisterWithNoLocales()
     {
         // Force config
         $this->ci->config['site.locales.available'] = [];
+        $this->ci->config['site.registration.enabled'] = true;
 
         // Recreate controller to use new config
         $controller = $this->getController();
@@ -809,6 +822,9 @@ public function testpageRegisterWithNoLocales()
      */
     public function testpageRegisterWithLoggedInUser()
     {
+        // Force Config
+        $this->ci->config['site.registration.enabled'] = true;
+
         // Create a test user
         $testUser = $this->createTestUser(false, true);
 
@@ -1179,6 +1195,9 @@ public function testRegisterWithLoggedInUser()
      */
     public function testRegisterWithFailedThrottle()
     {
+        // Force config
+        $this->ci->config['site.registration.enabled'] = true;
+
         // Create fake throttler
         $throttler = m::mock(Throttler::class);
         $throttler->shouldReceive('getDelay')->once()->with('registration_attempt')->andReturn(90);
@@ -1211,6 +1230,12 @@ public function testRegisterWithFailedThrottle()
      */
     public function testRegisterWithFailedCaptcha(AccountController $controller)
     {
+        // Force config
+        $this->ci->config['site.registration.enabled'] = true;
+
+        // Recreate controller with new config
+        $controller = $this->getController();
+
         // Bypass security feature
         $fm = $this->ci->factory;
         $dummyUser = $fm->create(User::class);
@@ -1240,6 +1265,12 @@ public function testRegisterWithFailedCaptcha(AccountController $controller)
      */
     public function testRegisterWithFailedValidation(AccountController $controller)
     {
+        // Force config
+        $this->ci->config['site.registration.enabled'] = true;
+
+        // Recreate controller with new config
+        $controller = $this->getController();
+
         // Bypass security feature
         $fm = $this->ci->factory;
         $dummyUser = $fm->create(User::class);

app/sprinkles/admin/src/Controller/UserController.php

@@ -136,6 +136,11 @@ public function create(Request $request, Response $response, array $args)
             $data['group_id'] = $currentUser->group_id;
         }
 
+        // 0 maps to "No group", database requires a NULL to avoid issues with foreign keys
+        if (isset($data['group_id']) && $data['group_id'] == 0) {
+            $data['group_id'] = null;
+        }
+
         $data['flag_verified'] = 1;
         if (!isset($data['password'])) {
             // Set password as empty on initial creation.  We will then send email so new user can set it themselves via a verification token
@@ -1322,11 +1327,15 @@ public function updateField(Request $request, Response $response, array $args)
         // Get PUT parameters: value
         $put = $request->getParsedBody();
 
-        // Make sure data is part of $_PUT data
+        // Make sure data is part of $_PUT data, default to empty value if sensible, otherwise error
         if (isset($put[$fieldName])) {
             $fieldData = $put[$fieldName];
         } else {
-            throw new BadRequestException();
+            if ($fieldName == 'roles') {
+                $fieldData = [];
+            } else {
+                throw new BadRequestException();
+            }
         }
 
         // Create and validate key -> value pair

app/sprinkles/core/src/Database/Models/Model.php

@@ -70,7 +70,7 @@ public static function findUnique($value, $identifier, $checkDeleted = true)
     {
         $query = static::whereRaw("LOWER($identifier) = ?", [mb_strtolower($value)]);
 
-        if ($checkDeleted && method_exists($query, 'withTrashed')) {
+        if ($checkDeleted && $query->hasMacro('withTrashed')) {
             $query = $query->withTrashed();
         }