Merge pull request #5435 from getkirby/releases/3.9.6.1

3.9.6.1

composer.json

@@ -3,7 +3,7 @@
 	"description": "The Kirby 3 core",
 	"license": "proprietary",
 	"type": "kirby-cms",
-	"version": "3.9.6",
+	"version": "3.9.6.1",
 	"keywords": [
 		"kirby",
 		"cms",

config/components.php

@@ -140,8 +140,8 @@
 	'search' => function (
 		App $kirby,
 		Collection $collection,
-		string $query = '',
-		$params = []
+		string|null $query = '',
+		array|string $params = []
 	): Collection|bool {
 		if (is_string($params) === true) {
 			$params = ['fields' => Str::split($params, '|')];
@@ -154,9 +154,8 @@
 			'words'     => false,
 		];
 
-		$collection  = clone $collection;
-		$options     = array_merge($defaults, $params);
-		$query       = trim($query);
+		$options    = array_merge($defaults, $params);
+		$query      = trim($query ?? '');
 
 		// empty or too short search query
 		if (Str::length($query) < $options['minlength']) {

i18n/translations/de.json

@@ -183,7 +183,7 @@
 	"error.user.email.invalid": "Bitte gib eine gültige E-Mailadresse an",
 	"error.user.language.invalid": "Bitte gib eine gültige Sprache an",
 	"error.user.notFound": "Der Account \"{name}\" wurde nicht gefunden",
-	"error.user.password.excessive": "Please enter a valid password. Passwords must not be longer than 1000 characters.",
+	"error.user.password.excessive": "Bitte gib ein gültiges Passwort ein. Passwörter dürfen nicht länger als 1000 Zeichen sein.",
 	"error.user.password.invalid": "Bitte gib ein gültiges Passwort ein. Passwörter müssen mindestens 8 Zeichen lang sein.",
 	"error.user.password.notSame": "Die Passwörter stimmen nicht überein",
 	"error.user.password.undefined": "Der Account hat kein Passwort",

i18n/translations/tr.json

@@ -183,7 +183,7 @@
 	"error.user.email.invalid": "Lütfen geçerli bir e-posta adresi girin",
 	"error.user.language.invalid": "Lütfen geçerli bir dil girin",
 	"error.user.notFound": "\"{name}\" kullanıcısı bulunamadı",
-	"error.user.password.excessive": "Please enter a valid password. Passwords must not be longer than 1000 characters.",
+	"error.user.password.excessive": "Lütfen geçerli bir şifre girin. Şifreler 1000 karakterden uzun olmamalıdır.",
 	"error.user.password.invalid": "Lütfen geçerli bir şifre giriniz. Şifreler en az 8 karakter uzunluğunda olmalıdır.",
 	"error.user.password.notSame": "L\u00fctfen \u015fifreyi do\u011frulay\u0131n",
 	"error.user.password.undefined": "Bu kullanıcının şifresi yok",

src/Panel/Document.php

@@ -278,8 +278,16 @@ public static function response(array $fiber): Response
 			'panelUrl' => $uri->path()->toString(true) . '/',
 		]);
 
+		$frameAncestors = $kirby->option('panel.frameAncestors');
+		$frameAncestors = match (true) {
+			$frameAncestors === true   => "'self'",
+			is_array($frameAncestors)  => "'self' " . implode(' ', $frameAncestors),
+			is_string($frameAncestors) => $frameAncestors,
+			default                    => "'none'"
+		};
+
 		return new Response($body, 'text/html', $code, [
-			'Content-Security-Policy' => "frame-ancestors 'none'"
+			'Content-Security-Policy' => 'frame-ancestors ' . $frameAncestors
 		]);
 	}
 }

tests/Cms/Api/routes/AccountRoutesTest.php

@@ -48,6 +48,7 @@ public function setUp(): void
 
 	public function tearDown(): void
 	{
+		$this->app->session()->destroy();
 		App::destroy();
 		Field::$types = [];
 		Section::$types = [];

tests/Cms/Auth/AuthTest.php

@@ -305,8 +305,7 @@ public function testUserSessionManualSession()
 	}
 
 	/**
-	 * @covers ::status
-	 * @covers ::user
+	 * @covers ::currentUserFromSession
 	 */
 	public function testUserSessionOldTimestamp()
 	{
@@ -326,8 +325,7 @@ public function testUserSessionOldTimestamp()
 	}
 
 	/**
-	 * @covers ::status
-	 * @covers ::user
+	 * @covers ::currentUserFromSession
 	 */
 	public function testUserSessionNoTimestamp()
 	{

tests/Cms/Collections/SearchTest.php

@@ -39,6 +39,12 @@ public function testCollection()
 
 		$search = Search::collection($collection, ' ');
 		$this->assertCount(0, $search);
+
+		$search = Search::collection($collection, null);
+		$this->assertCount(0, $search);
+
+		$search = Search::collection($collection);
+		$this->assertCount(0, $search);
 	}
 
 

tests/Cms/Users/UserActionsTest.php

@@ -44,6 +44,7 @@ public function tearDown(): void
 	{
 		$this->app->session()->destroy();
 		Dir::remove($this->tmp);
+		App::destroy();
 	}
 
 	public function testChangeEmail()
@@ -303,7 +304,7 @@ public function testChangeEmailHooks()
 		$calls = 0;
 		$phpunit = $this;
 
-		$app = $this->app->clone([
+		$this->app = $this->app->clone([
 			'hooks' => [
 				'user.changeEmail:before' => function (User $user, $email) use ($phpunit, &$calls) {
 					$phpunit->assertSame('[email protected]', $user->email());
@@ -318,7 +319,7 @@ public function testChangeEmailHooks()
 			]
 		]);
 
-		$user = $app->user('[email protected]');
+		$user = $this->app->user('[email protected]');
 		$user->changeEmail('[email protected]');
 
 		$this->assertSame(2, $calls);
@@ -329,7 +330,7 @@ public function testChangeLanguageHooks()
 		$calls = 0;
 		$phpunit = $this;
 
-		$app = $this->app->clone([
+		$this->app = $this->app->clone([
 			'hooks' => [
 				'user.changeLanguage:before' => function (User $user, $language) use ($phpunit, &$calls) {
 					$phpunit->assertSame('en', $user->language());
@@ -344,7 +345,7 @@ public function testChangeLanguageHooks()
 			]
 		]);
 
-		$user = $app->user('[email protected]');
+		$user = $this->app->user('[email protected]');
 		$user->changeLanguage('de');
 
 		$this->assertSame(2, $calls);
@@ -355,7 +356,7 @@ public function testChangeNameHooks()
 		$calls = 0;
 		$phpunit = $this;
 
-		$app = $this->app->clone([
+		$this->app = $this->app->clone([
 			'hooks' => [
 				'user.changeName:before' => function (User $user, $name) use ($phpunit, &$calls) {
 					$phpunit->assertNull($user->name()->value());
@@ -370,7 +371,7 @@ public function testChangeNameHooks()
 			]
 		]);
 
-		$user = $app->user('[email protected]');
+		$user = $this->app->user('[email protected]');
 		$user->changeName('Edith Thor');
 
 		$this->assertSame(2, $calls);
@@ -381,7 +382,7 @@ public function testChangePasswordHooks()
 		$calls = 0;
 		$phpunit = $this;
 
-		$app = $this->app->clone([
+		$this->app = $this->app->clone([
 			'hooks' => [
 				'user.changePassword:before' => function (User $user, $password) use ($phpunit, &$calls) {
 					$phpunit->assertEmpty($user->password());
@@ -402,7 +403,7 @@ public function testChangePasswordHooks()
 			]
 		]);
 
-		$user = $app->user('[email protected]');
+		$user = $this->app->user('[email protected]');
 		$user->changePassword('topsecret2018');
 
 		$this->assertSame(3, $calls);
@@ -445,7 +446,7 @@ public function testChangeRoleHooks()
 		$calls = 0;
 		$phpunit = $this;
 
-		$app = $this->app->clone([
+		$this->app = $this->app->clone([
 			'hooks' => [
 				'user.changeRole:before' => function (User $user, $role) use ($phpunit, &$calls) {
 					$phpunit->assertSame('editor', $user->role()->name());
@@ -460,7 +461,7 @@ public function testChangeRoleHooks()
 			]
 		]);
 
-		$user = $app->user('[email protected]');
+		$user = $this->app->user('[email protected]');
 		$user->changeRole('admin');
 
 		$this->assertSame(2, $calls);
@@ -476,7 +477,7 @@ public function testCreateHooks()
 			'model' => 'admin',
 		];
 
-		$this->app->clone([
+		$this->app = $this->app->clone([
 			'hooks' => [
 				'user.create:before' => function (User $user, $input) use ($phpunit, $userInput, &$calls) {
 					$phpunit->assertSame('[email protected]', $user->email());
@@ -502,7 +503,7 @@ public function testDeleteHooks()
 		$calls = 0;
 		$phpunit = $this;
 
-		$app = $this->app->clone([
+		$this->app = $this->app->clone([
 			'hooks' => [
 				'user.delete:before' => function (User $user) use ($phpunit, &$calls) {
 					$phpunit->assertSame('[email protected]', $user->email());
@@ -518,7 +519,7 @@ public function testDeleteHooks()
 			]
 		]);
 
-		$user = $app->user('[email protected]');
+		$user = $this->app->user('[email protected]');
 		$user->delete();
 
 		$this->assertSame(2, $calls);
@@ -532,7 +533,7 @@ public function testUpdateHooks()
 			'website' => 'https://getkirby.com'
 		];
 
-		$app = $this->app->clone([
+		$this->app = $this->app->clone([
 			'hooks' => [
 				'user.update:before' => function (User $user, $values, $strings) use ($phpunit, $input, &$calls) {
 					$phpunit->assertNull($user->website()->value());
@@ -548,7 +549,7 @@ public function testUpdateHooks()
 			]
 		]);
 
-		$user = $app->user('[email protected]');
+		$user = $this->app->user('[email protected]');
 		$user->update($input);
 
 		$this->assertSame(2, $calls);

tests/Cms/Users/UserAuthTest.php

@@ -30,7 +30,9 @@ public function setUp(): void
 
 	public function tearDown(): void
 	{
+		$this->app->session()->destroy();
 		Dir::remove($this->tmp);
+		App::destroy();
 	}
 
 	public function testGlobalUserState()
@@ -50,7 +52,7 @@ public function testLoginLogoutHooks()
 
 		$calls         = 0;
 		$logoutSession = false;
-		$app = $this->app->clone([
+		$this->app = $this->app->clone([
 			'hooks' => [
 				'user.login:before' => function ($user, $session) use ($phpunit, &$calls) {
 					$phpunit->assertSame('[email protected]', $user->email());
@@ -86,7 +88,7 @@ public function testLoginLogoutHooks()
 		]);
 
 		// without prepopulated session
-		$user = $app->user('[email protected]');
+		$user = $this->app->user('[email protected]');
 		$user->loginPasswordless();
 		$user->logout();
 

tests/Filesystem/FTest.php

@@ -493,7 +493,15 @@ public function testMove()
 	 */
 	public function testMoveAcrossDevices()
 	{
-		$tmpDir = sys_get_temp_dir();
+		// try to find a suitable path on a different device (filesystem)
+		if (is_dir('/dev/shm') === true) {
+			// use tmpfs mount point on GitHub Actions
+			$tmpDir = '/dev/shm';
+		} else {
+			// no luck, try the system temp dir,
+			// which often also uses tmpfs
+			$tmpDir = sys_get_temp_dir();
+		}
 
 		if (stat($this->tmp)['dev'] === stat($tmpDir)['dev']) {
 			$this->markTestSkipped('Temporary directory "' . $tmpDir . '" is on the same filesystem');