Merge branch 'main' into laravel-12

* main:
  Fix code styling
  Show latest news in dashboard
  Add de:doc to sponsors list
  Allow showing 10 years of incidents. Closes #248
  Fix code styling
  [3.x] Add email verification route (#247)

Author: jbrooksuk

README.md

@@ -75,6 +75,7 @@ Login to the account at `/dashboard` and use credentials:
     <a href="https://dreamtilt.com.au"><img width="100px" src="https://github.com/dreamtilt.png" alt="Dreamtilt"></a>
     <a href="https://xyphen-it.nl"><img width="100px" src="https://github.com/xyphen-it.png" alt="Xyphen-IT"></a>
     <a href="https://coderabbit.ai/"><img width="100px" src="https://github.com/coderabbitai.png" alt="Code Rabbit"></a>
+    <a href="https://scramble.dedoc.co/"><img width="100px" src="https://github.com/dedoc.png" alt="de:doc"></a>
 </p>
 
 ## Security Vulnerabilities

composer.json

@@ -20,10 +20,12 @@
     },
     "require": {
         "php": "^8.2",
+        "ext-simplexml": "*",
         "doctrine/dbal": "^3.6",
         "filament/filament": "^3.2.57",
         "filament/spatie-laravel-settings-plugin": "^3.2",
         "guzzlehttp/guzzle": "^7.8",
+        "illuminate/cache": "^11.23.0|^12.0",
         "illuminate/console": "^11.23.0|^12.0",
         "illuminate/database": "^11.23.0|^12.0",
         "illuminate/events": "^11.23.0|^12.0",

config/cachet.php

@@ -160,4 +160,9 @@
      */
     'demo_mode' => env('CACHET_DEMO_MODE', false),
 
+    'feed' => [
+        'uri' => env('CACHET_FEED_URI', 'https://blog.cachethq.io/rss'),
+        'cache' => env('CACHET_FEED_CACHE', 3600),
+    ],
+
 ];

resources/lang/en/cachet.php

@@ -7,6 +7,11 @@
         'keep_up_to_date' => 'Keep up to date with the latest news and releases by following the *Cachet blog*.',
         'work_in_progress_text' => 'Cachet is under active development. Things are still subject to change.',
     ],
+    'feed' => [
+        'section_heading' => 'Latest Blog Posts',
+        'empty' => 'No blog posts were found. Check *the blog* for further information.',
+        'posted_at' => 'Posted :date',
+    ],
     'powered_by' => 'Powered by',
     'open_source_status_page' => 'The open-source status page.',
     'all_times_shown_in' => 'All times are shown in *:timezone*.',

resources/views/filament/widgets/feed.blade.php

@@ -0,0 +1,29 @@
+<x-filament::widget>
+    <x-filament::section :heading="__('cachet::cachet.feed.section_heading')">
+        <div class="relative">
+            <ul role="list" class="gap-4 flex flex-col">
+                @forelse ($items as $post)
+                    <li>
+                        <a class="flex items-center justify-between text-sm" href="{{ $post['link'] }}" target="_blank">
+                            <div class="overflow-hidden text-sm leading-6 text-gray-500 dark:text-gray-400">
+                                <h3 class="text-base font-medium text-gray-950 dark:text-white">{{ $post['title'] }}</h3>
+                                <time class="text-muted text-xs" datetime="{{ $post['date']->toW3cString() }}" title="{{ $post['date']->toDateTimeString() }}">
+                                    {{ __('cachet::cachet.feed.posted_at', ['date' => $post['date']->diffForHumans()]) }}
+                                </time>
+                                <p class="break-words truncate">{{ $post['description'] }}</p>
+                            </div>
+                            <div class="">
+                                <x-heroicon-o-chevron-right class="w-5 h-5 text-gray-400" />
+                            </div>
+                        </a>
+                    </li>
+                @empty
+                    <li class="text-center filament-tables-text-column">
+                        <p class="text-sm text-gray-500">{!! $noItems !!}</p>
+                    </li>
+                @endforelse
+            </ul>
+        </div>
+    </x-filament::section>
+</x-filament::widget>
+

src/Filament/Pages/Settings/ManageCachet.php

@@ -52,7 +52,7 @@ public function form(Form $form): Form
                         ->numeric()
                         ->label(__('cachet::settings.manage_cachet.incident_days_label'))
                         ->minValue(1)
-                        ->maxValue(365)
+                        ->maxValue(3650)
                         ->step(1),
 
                     Forms\Components\TextInput::make('major_outage_threshold')

src/Filament/Widgets/Feed.php

@@ -0,0 +1,92 @@
+<?php
+
+namespace Cachet\Filament\Widgets;
+
+use Filament\Widgets\Concerns\CanPoll;
+use Filament\Widgets\Widget;
+use Illuminate\Support\Carbon;
+use Illuminate\Support\Facades\Blade;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Str;
+use Illuminate\Support\Uri;
+use Throwable;
+
+class Feed extends Widget
+{
+    use CanPoll;
+
+    protected int|string|array $columnSpan = 'full';
+
+    protected static string $view = 'cachet::filament.widgets.feed';
+
+    protected static ?int $sort = 10;
+
+    protected function getViewData(): array
+    {
+        return [
+            'items' => $this->getFeed(),
+            'noItems' => Blade::render($this->getEmptyBlock()),
+        ];
+    }
+
+    /**
+     * Get the generated empty block text.
+     */
+    public function getEmptyBlock(): string
+    {
+        return preg_replace(
+            '/\*(.*?)\*/',
+            '<x-filament::link href="'.config('cachet.feed.uri').'" target="_blank" rel="nofollow noopener">$1</x-filament::link>',
+            __('cachet::cachet.feed.empty')
+        );
+    }
+
+    /**
+     * Get the feed from the cache or fetch it fresh.
+     */
+    protected function getFeed(): array
+    {
+        return Cache::flexible('cachet-feed', [
+            60 * 15,
+            60 * 60,
+        ], fn () => $this->fetchFeed(
+            config('cachet.feed.uri')
+        ));
+    }
+
+    /**
+     * Fetch the data from the given RSS feed.
+     */
+    protected function fetchFeed(string $uri, int $maxPosts = 5): array
+    {
+        try {
+            $xml = simplexml_load_string(file_get_contents($uri));
+
+            $posts = [];
+
+            $feedItems = $xml->channel->item ?? $xml->entry ?? [];
+            $feedIndex = 0;
+
+            foreach ($feedItems as $item) {
+                if ($feedIndex >= $maxPosts) {
+                    break;
+                }
+
+                $posts[] = [
+                    'title' => (string) ($item->title ?? ''),
+                    'link' => Uri::of((string) ($item->link ?? ''))->withQuery([
+                        'ref' => 'cachet-dashboard',
+                    ]),
+                    'description' => Str::of($item->description ?? $item->summary ?? '')->limit(preserveWords: true),
+                    'date' => Carbon::parse((string) ($item->pubDate ?? $item->updated ?? '')),
+                ];
+
+                $feedIndex++;
+            }
+
+            return $posts;
+        } catch (Throwable $e) {
+            return [];
+        }
+    }
+}

src/Http/Controllers/Auth/VerifyEmailController.php

@@ -0,0 +1,21 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Cachet\Http\Controllers\Auth;
+
+use Illuminate\Foundation\Auth\EmailVerificationRequest;
+use Illuminate\Http\RedirectResponse;
+
+final class VerifyEmailController
+{
+    /**
+     * Mark the authenticated user's email address as verified.
+     */
+    public function __invoke(EmailVerificationRequest $request): RedirectResponse
+    {
+        $request->fulfill();
+
+        return redirect()->intended(route('cachet.status-page', absolute: false).'?verified=1');
+    }
+}

src/Models/User.php

@@ -4,6 +4,7 @@
 
 use Cachet\Concerns\CachetUser;
 use Cachet\Database\Factories\UserFactory;
+use Illuminate\Auth\MustVerifyEmail as MustVerifyEmailTrait;
 use Illuminate\Contracts\Auth\MustVerifyEmail;
 use Illuminate\Contracts\Translation\HasLocalePreference;
 use Illuminate\Database\Eloquent\Factories\Factory;
@@ -23,7 +24,7 @@
 class User extends Authenticatable implements CachetUser, HasLocalePreference, MustVerifyEmail
 {
     /** @use HasFactory<\Cachet\Database\Factories\UserFactory> */
-    use HasApiTokens, HasFactory, Notifiable;
+    use HasApiTokens, HasFactory, MustVerifyEmailTrait, Notifiable;
 
     /**
      * The attributes that are mass assignable.

src/PendingRouteRegistration.php

@@ -2,6 +2,7 @@
 
 namespace Cachet;
 
+use Cachet\Http\Controllers\Auth\VerifyEmailController;
 use Cachet\Http\Controllers\HealthController;
 use Cachet\Http\Controllers\RssController;
 use Cachet\Http\Controllers\Setup\SetupController;
@@ -40,7 +41,19 @@ public function register(): void
                 $router->get('/health', HealthController::class)->name('health');
 
                 $router->get('/rss', RssController::class)->name('rss');
+
             });
+
+        $this->registerEmailVerificationRoutes();
+    }
+
+    private function registerEmailVerificationRoutes(): void
+    {
+        Route::middleware('auth')->group(function () {
+            Route::get('verify-email/{id}/{hash}', VerifyEmailController::class)
+                ->middleware(['signed', 'throttle:6,1'])
+                ->name('verification.verify');
+        });
     }
 
     /**

tests/Feature/Http/Controllers/Auth/EmailVerificationTest.php

@@ -0,0 +1,45 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Cachet\Tests\Feature\Auth;
+
+use Illuminate\Auth\Events\Verified;
+use Illuminate\Support\Facades\Event;
+use Illuminate\Support\Facades\URL;
+use Workbench\App\User;
+
+use function Pest\Laravel\actingAs;
+use function PHPUnit\Framework\assertFalse;
+use function PHPUnit\Framework\assertTrue;
+
+test('email can be verified', function () {
+    $user = User::factory()->unverified()->create();
+
+    Event::fake();
+
+    $verificationUrl = URL::temporarySignedRoute(
+        'verification.verify',
+        now()->addMinutes(60),
+        ['id' => $user->id, 'hash' => sha1($user->email)]
+    );
+
+    $response = actingAs($user)->get($verificationUrl);
+
+    Event::assertDispatched(Verified::class);
+    assertTrue($user->fresh()->hasVerifiedEmail());
+    $response->assertRedirect(route('cachet.status-page', absolute: false).'?verified=1');
+});
+
+test('email is not verified with invalid hash', function () {
+    $user = User::factory()->unverified()->create();
+
+    $verificationUrl = URL::temporarySignedRoute(
+        'verification.verify',
+        now()->addMinutes(60),
+        ['id' => $user->id, 'hash' => sha1('wrong-email')]
+    );
+
+    actingAs($user)->get($verificationUrl);
+    assertFalse($user->fresh()->hasVerifiedEmail());
+});

workbench/database/factories/UserFactory.php

@@ -44,4 +44,14 @@ public function active()
             ];
         });
     }
+
+    /**
+     * Indicate that the model's email address should be unverified.
+     */
+    public function unverified(): static
+    {
+        return $this->state(fn (array $attributes) => [
+            'email_verified_at' => null,
+        ]);
+    }
 }