API Security has been reworked to check if request is secure, verifies
the API token created on site setup given to every member, and then
confirms the system is accepting API requests by way of the API enabled
toggle in settings
API usage is now only meant for backend use, so this needs to be noted
in the docs
removed all remaining API requests from the front end and removed the
FipamoAdminAPI js file, changing it to ContentRequest as it now handles
posting data to the system directly, authenticating it self by checking
the embedded CSRF token that regulary rotates
also renamed MaintenanceManager to Maintenance request and moved it to
the same dir as ContentRequest as they are both libraries that connect
to the backend
The first part of improving the API is removing all admin functions from
the front end so those no admin methods will be available client side.
The urls in the FipamoAdmin js file have been changed to post directly to the
system and they are handled from there. To account for this change
controller routes for every standard method have been created for better
organization and readability.
The FipamoAdmin js file will be integrated with the rest of the front
end code and will not be seperate library
the current restore process only restored images and not the additional
file types that are allowed, so that has been added
also tweaked the reset request to include the correct token so the
request does not fail API authorization
the current file backup included images, but the additional asset types
such as sound files, video and docs were not being added if they
existed, so those have been added.
also tweaked the front end script to include the correct token for the
API so the backup request doesn't fail the auth check
when creating new ui elements for uploaded files, the 'data-source'
attribute was being created to store the upload path for the file which
is used to save that info in the page doc.
that attribute should be 'data-id' as that is what sortablejs looks for
when sorting element data into arrays
regrouped api calls for better organization and to add a bit more
security. it now checks to make sure the incoming token matches the
current session to authorize requests
data sorting needed a new variable to differentiate between index page
rendering and standard page rendering, so that was added to the return
as well as updating the render script to include the variable that
wasn't being added for tags
also updated the git ignore file to ignore global images that are not
used by the base system. the script theme folder needs to be ignore as
well as that is going to updated by the theme itself for front end
coding and not used by the system
When testing themes, the script wasn't moving all assets that were in
subdirectories of the theme css folder, so that's been fixed so it moves
everything when testing a theme and rendering the site
there was also an issue with saving settings options because the script
was referencing email data that was no longer being provided from the
front end, so it was erroring out trying to save it. those references
have been removed so it's smooth sailing
Removed email settings from settings.json and moved them to the .env
file to use Laravel's mailer functionality.
references to the old mailer has been removed from settings.json,
data sorting class and the settings template file
the front end script has also been updated to accomodate different
message types, starting with a test message so members can make sure the
settings defined in the .env are working
the themes tab has been brought into alignment with the new design, so
the only thing that remains is redoing responsive styles for the
settings page
whew
setting sync is working but member data was not being updated in the
folks file or in the current active session, so that's been addressed
still need to turn on avatar updating as well, but that is tied to
updating the settings page, so that will be handled when image uploads
for that area are reactivated
conversion of markdown files to html works fine, but the coresponding
css, js and image assets were not being moved, so the class responsible
for moving them was edited so theme assets are moved to their
appropriate directories when the site is published.
also made some css and image edits, and removed a legacy css files that
were no longer in use
ported over the backup functionality from the old build to the new while
making few tweaks
instead of packaging up all files in the site to create massive zip
files, now a list of files is created for the user and blog directories
that the system will use to download and put them in the appropriate
directories, resulting in a such slimmer backup file.
archiving images my be added at a later date, but will be kept seperate
from the current back up process
the role attribute is being used incorrectly through out the site, which
is bad for screen reader, so they need to be removed and replaced with
the class attribute
the page editor was the biggest culprit, so that one has been converted
first
the last ui page that needed to be added was managing the main
navigation menu for rendered pages, so that's been turned on. menu
items can be added by pinning pages to the menu when editing them and
can be removed by unpinning them or deleting them from the navigation
edit ui
it touched quite a few systems so all of those classes needed to be
edited as well tweaking the front end script to work with the new
modular script format
the notifications and page editor ui elements where the only remaining
space that still contained font icons, so they've been removed and
replaced with svg
some styling tweaks are still needed so that will handlded as the css
edits continue
turned on the abiity to save settings to config file via the settings
page
the current member session needs to updated by the data coming in but
that will be handled by a specific member service that hasn't been built
yet, so just commenting it out for now
also fixed a minor bug that was stopping the save on render toggle from
working correctly, so now it's saving and updating the status properly
now
with the setting page set up, now the the settings api can be added,
beginning with the ability to render all files from settings.
the base settings api class is set up, so now the rest of the methods
can be added
ported over the new file uploader from the old build and made it a
service make for from some additonal file processing
i.e. image optimization or video converstion before it is saved to the system
start building out the new version of the page editing api while making
some changes to the original scripts for added flexibility and using the
full range of HTTP methods that weren't being used before.
currenlty, it's just an end to end test to make sure the plumbing works
as it should data is being passed and can be processed.
now that it all works, the guts of page editing can be completed
update sortablejs to the latest since it's been awhile and got rid of
the old version
dropped in js from the old site to begin the process of wiring up the
API, but this time around, scripts will be served directly in browswer
rather than being transpiled through NPM/Babel, eliminating the need for
NPM.
also scripting will new modularized and served specifically for the
requirements of the page loading it. no more front loading everything.
only script that is needed for that page will be retrieved. if no
scripting is needed, none will be loaded.
The only casualty so far has been syntax highlighting due to prismjs
still being a common js module, but either this will be replaced with
another library or a custom syntax enginge will be created at a later
date
There are some spacing issues that need to be addressed but the page
editor template has been added and the CSS all lines up
scripting is still an issue as the backend that handles content still
isn't in place, but the front facing piece is in place so now those
components can be built
scripting is going to get an overhaul anyway, so this is a good place to
start that process
Removed the Slim Framework from the codebase and installed the latest
Laravel version to be the new foundation for the project moving forward.
Code from the old version will now be ported to the new version.
Cleaned up the settings page by removing the improper usage of the role
tag and replaced it with class to maintain current design integrity.
Also updated the script files that was referencing the old role tags
Began the process of removing all invalid role attributes starting with the header, login, and notifications components. Updated the corresponding scripts as well.
Made a few structural changes to the header to simply it and then tested it to ensure notification still worked.
Fixed the issue where the text edit controller would scroll right off
the screen. Now it stick when it's the bottom of the header.
Also changed the background color of page links on the Start and Book
pages to indicate there is no image. It's just cleaner
There was an error in the request to set up a fresh site on the front
end and handling the respective object on the backend that was causing
the process to error out.
Also added the source map for the dash script because it's eventually
going to be fully transparent anyway.
Removed 'carot-ps' from dependencies so it had to be removed from
scripts calling that package.
Also renamed dash script to 'dash.js' just so it's clear it is for the
dashboard
Cleaned up resonsive for the rest of the remaining pages: the dash
index, page index, page editor, navigation editor and plugged in a
mobile nav that activates when the viewport gets skinny.
Whew.
Rebuilt forms for resetting the password, creating a fresh site and
restoring a site from a backup, as well as adjusting the accompanying
scripts that handle those processes.
Wasn't feeling the previous CSS responsive structure, so edited it to be
a bit more streamline.
Also fixed small issue with the backup API request.
Made a small change to notifications so the alert stays live while the
system is processing a request rather than going back to an unalert
state.
Started cleaning up responsive styles for the site starting with the
Settings section. Still needs some tweaking but the structure for that
section is in so it's just a matter of police.
Some changes need to be made to the main nav as reduced viewport throws
off the alignment.
Integrated the Notifications UI component into the header to streamline
user alerts into the overall experience.
Also added titles to use the space created by moving the notifications
compoenent to it's own space.
Rebuilt the css for the Settings UI, which also led to some changed in
the FilesAPI so it knows what to do with specific targets. There's still
some additional styling needed to polish it, but the core structure is
in place so now it can just be tweaked. The controller for this page was
adjusted as needed.
Also moved the settings sub nav convtrols to the header menu since it's
sticky now.
The upload process changed, so some tweaks needed to me made to the page
deletion process, which just marks the page as deleted but keeps the
file. Also updated the file manager to properly delete items from the
display list.
The css for page listings also had to updated [forgot to put that on the
list] so the styles for that were updated and the template pages
adjusted accordingnly.
Also forgot to mention changes to the notification display in the last
commit. It's basic as of right now but it will be enhanced as needed.
This one is a doozy, so let's breakt it down into what areas where
touched.
- updated package json to remove unneeded dependencies.
- rebuilt file uploading to simply a very convuluted process
- began proces to replace icons with https://tabler-icons.io
- began process of removing the need for css preprocessor and using
pure css
- login completed
- dashboard index completed
- page edit ui completed
- page edit ui text editor tweaked so syntax highlighting is cleaner and
more accurate
The settings and navigation UIs still remain and then polishing the
responsive for the new css structure