Tags: dereuromark/cakephp-workflow
Standardize polymorphic columns to model / foreign_key (#34)

* Standardize polymorphic columns to model / foreign_key (#33)

  Rename the polymorphic reference columns to the CakePHP ecosystem convention, as used by cakephp-comments / cakephp-favorites / cakephp-file-storage.

  - DB columns on workflow_transitions / workflow_locks / workflow_timeouts: entity_table -> model, entity_id -> foreign_key. WorkflowInit creates the new names; the composite and unique indexes follow them.
  - Add a guarded, data-preserving upgrade migration (RenamePolymorphicColumns): renames the columns on existing installs, no-op on fresh installs where WorkflowInit already created the new names.
  - Behavior config entityTable -> model (auto-detected from getRegistryAlias()).
  - foreign_key column type still follows the shared Polymorphic.type config (integer default; biginteger / uuid / binaryuuid).
  - Relax foreign_key validation (maxLength 36 -> 255) so longer string keys are not rejected; model keeps 128. The DB column type is the real enforcer.
  - Update entities, table finders/validation, services, admin controllers, templates, the DBML snapshot, tests, README and the guides (with an upgrade-from-0.1.x note).

  Breaking change -> 0.2.0.

* Address review: idempotent rename migration, consistent labels

  - RenamePolymorphicColumns renames only when the source column exists and the target does not, so it is a safe no-op on fresh and partially-migrated databases.
  - Admin UI labels: "Entity Table" -> "Model", "Entity ID" -> "Foreign key".
  - Rename testIndexFiltersEntityId -> testIndexFiltersForeignKey (the earlier rename missed the PascalCase method name).
  - behavior.md / behavior comment: the model option defaults to the registry alias, not the physical table name.

Default entity_id to integer via the shared Polymorphic.type config key (#32)

* Default entity_id to integer and make the column type configurable

  entity_id defaulted to biginteger; integer (CakePHP's default PK type) is the better default and matches the convention in plugins like audit-stash. The type is now configurable via Workflow.entityIdColumnType ('integer' default; 'biginteger' for large-id apps, 'uuid'/'string' for non-integer keys), read at migration time, applied to all three workflow tables. Signedness still follows Migrations.unsigned_primary_keys for integer/biginteger. Documents the key in app.example.php, installation guide, and README.

* Use the shared Polymorphic.type config key for entity_id, not a bespoke one

  Aligns with the plugin family (e.g. cakephp-bouncer): the polymorphic entity_id column type is read from the shared 'Polymorphic.type' key (integer default; biginteger / uuid / binaryuuid) rather than a Workflow-specific key. Removes the app.example.php entry (it's a shared, not Workflow-namespaced, key) and documents it in the installation guide.

* Align schema snapshots + docs with integer entity_id default

  - Update the hand-maintained schema snapshot (resources/schema/schema.dbml), the test schema (tests/schema.php), and the test-case DDL to integer entity_id, matching the install migration's new default.
  - Drop the 'string' option from the docs: entity_id is validated to <=36 chars, so use uuid/binaryuuid (or integer/biginteger) — the values the shared Polymorphic.type takes.

Fix test isolation: recreate shared transitions table with idempotency_key (#20)

The migrate rollback test drops and recreates the shared in-memory workflow_transitions table; its CREATE was missing the idempotency_key column (added in the dedicated-column PR), which corrupted the schema for later tests and broke the idempotency suite when the whole suite runs together. Mirror the canonical DatabaseTestCase schema so the shared table is restored intact.

Add Workflow.adminAccess Closure gate (default-deny) (#6)

The admin UI can rewrite workflow definitions and trigger transitions, so accidental exposure has real blast radius — and because the controllers extend the bare Cake\Controller\Controller (not the host's AppController), per-controller auth wired through AppController would never run anyway.

Mirror the captcha plugin's "fail closed" pattern: the host app MUST configure Workflow.adminAccess as a Closure that receives the current request and returns literal true. Anything else (unset, non-Closure, returns false or a truthy non-bool, or throws) yields a 403.

* Calls Authorization::skipAuthorization() when present so the cakephp/authorization plugin does not double-reject — the gate IS the authorization decision for these controllers.
* A throwing Closure is logged via Cake\Log\Log and converted to a generic 403 (no stack trace leaked to the client). A Closure that itself throws ForbiddenException is respected as-is so callers can short-circuit with their own message.
* Tests configure a permissive default in tests/bootstrap.php; individual tests override to exercise the deny paths.
* Docs gain a leading Security section with three example gates (role check, IP allow-list, dev-only shortcut).

Backwards-incompatible: existing installs that just relied on host gating will 403 until they add a Closure.
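
The fail-closed rule in the commit message above, as an added sketch in framework-free PHP 8; it is not the plugin's own code. The helper name evaluateAdminGate, the array-shaped request, the ForbiddenStandIn class (standing in for Cake's ForbiddenException) and error_log (standing in for Cake\Log\Log) are assumptions made so the block runs without CakePHP.

```php
<?php
declare(strict_types=1);

// Stand-in for Cake\Http\Exception\ForbiddenException (assumption, keeps the sketch dependency-free).
final class ForbiddenStandIn extends RuntimeException {}

/**
 * Hypothetical helper: returns the HTTP status the gate decision maps to.
 * $gate is whatever the host app stored under Workflow.adminAccess.
 */
function evaluateAdminGate(mixed $gate, array $request): int
{
    if (!$gate instanceof Closure) {
        return 403; // unset or non-Closure (even a callable string): deny
    }
    try {
        $result = $gate($request);
    } catch (ForbiddenStandIn $e) {
        throw $e; // the host's own 403 and message are respected as-is
    } catch (Throwable $e) {
        // Log server-side only; the client gets a generic 403, no stack trace.
        error_log('Workflow.adminAccess gate threw: ' . $e->getMessage());
        return 403;
    }

    // Strict comparison: 1, "yes" or any other truthy non-bool still denies.
    return $result === true ? 200 : 403;
}

// Constructed sample request and gates covering each path the commit message lists.
$request = ['ip' => '10.0.0.5', 'role' => 'admin'];
$gates = [
    'unset'           => null,
    'non-Closure'     => 'is_array',
    'returns false'   => fn (array $r) => false,
    'truthy non-bool' => fn (array $r) => 1,
    'throws'          => function (array $r) { throw new LogicException('db down'); },
    'role check'      => fn (array $r) => $r['role'] === 'admin',
];

foreach ($gates as $label => $gate) {
    printf("%-16s => %d\n", $label, evaluateAdminGate($gate, $request));
}
```

Only the role-check gate maps to 200; every other entry denies, including the gate that returns 1.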