Merge branch '5.1' into 5.2

.github/workflows/Build.yml

@@ -51,8 +51,9 @@ jobs:
       
       - name: Upload coverage to Codecov
         if: github.event_name != 'schedule'
-        uses: codecov/codecov-action@v3
+        uses: codecov/codecov-action@v4
         with:
+          token: ${{ secrets.CODECOV_TOKEN }}
           file: ./_meta/coverage.xml
           fail_ci_if_error: true
 
@@ -121,8 +122,9 @@ jobs:
     
     - name: Upload coverage to Codecov
       if: github.event_name != 'schedule'
-      uses: codecov/codecov-action@v3
+      uses: codecov/codecov-action@v4
       with:
+        token: ${{ secrets.CODECOV_TOKEN }}
         file: ./_meta/coverage.xml
         fail_ci_if_error: true
 
@@ -184,8 +186,9 @@ jobs:
     
     - name: Upload coverage to Codecov
       if: github.event_name != 'schedule'
-      uses: codecov/codecov-action@v3
+      uses: codecov/codecov-action@v4
       with:
+        token: ${{ secrets.CODECOV_TOKEN }}
         file: ./_meta/coverage.xml
         fail_ci_if_error: true
 
@@ -237,8 +240,9 @@ jobs:
       
       - name: Upload coverage to Codecov
         if: github.event_name != 'schedule'
-        uses: codecov/codecov-action@v3
+        uses: codecov/codecov-action@v4
         with:
+          token: ${{ secrets.CODECOV_TOKEN }}
           file: ./_meta/coverage.xml
           fail_ci_if_error: true
 
@@ -296,8 +300,9 @@ jobs:
       
       - name: Upload coverage to Codecov
         if: github.event_name != 'schedule'
-        uses: codecov/codecov-action@v3
+        uses: codecov/codecov-action@v4
         with:
+          token: ${{ secrets.CODECOV_TOKEN }}
           file: ./_meta/coverage.xml
           fail_ci_if_error: true
 
@@ -348,7 +353,8 @@ jobs:
         vendor/bin/phpunit
     
     - name: Upload coverage to Codecov
-      uses: codecov/codecov-action@v3
+      uses: codecov/codecov-action@v4
       with:
+        token: ${{ secrets.CODECOV_TOKEN }}
         file: ./_meta/coverage.xml
         fail_ci_if_error: true

.github/workflows/PHPStan.yml

@@ -30,4 +30,4 @@ jobs:
       run: composer update --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
 
     - name: Run PHPStan
-      run: vendor/bin/phpstan analyse app/src/ app/tests/
+      run: vendor/bin/phpstan analyse

.github/workflows/Publish.yml

@@ -0,0 +1,19 @@
+name: Publish Package to npmjs
+on:
+  release:
+    types: [published]
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+        contents: read
+        id-token: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20.x'
+          registry-url: 'https://registry.npmjs.org'
+      - run: npm publish --provenance --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.gitignore

@@ -1,6 +1,3 @@
-# Ignores text editor metadata
-.vscode
-
 # Ignores Mac metadata.  You can configure this globally if you use a Mac: http://islegend.com/development/setting-global-gitignore-mac-windows/
 .DS_Store
 

.vscode/extensions.json

@@ -0,0 +1,9 @@
+{
+    "recommendations": [
+        "junstyle.php-cs-fixer",
+        "xdebug.php-debug",
+        "neilbrayfield.php-docblocker",
+        "bmewburn.vscode-intelephense-client",
+        "sanderronde.phpstan-vscode"
+    ]
+}

.vscode/launch.json

@@ -0,0 +1,15 @@
+{
+    // Use IntelliSense to learn about possible attributes.
+    // Hover to view descriptions of existing attributes.
+    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "Listen for XDebug",
+            "type": "php",
+            "request": "launch",
+            "port": 9000,
+            "log": false,
+        }
+    ]
+}

.vscode/tasks.json

@@ -0,0 +1,71 @@
+{
+    // See https://go.microsoft.com/fwlink/?LinkId=733558
+    // for the documentation about the tasks.json format
+    "version": "2.0.0",
+    "tasks": [
+        {
+            "label": "PHPUnit",
+            "type": "shell",
+            "options": {
+                "env": {
+                    "XDEBUG_CONFIG": "idekey=VSCODE"
+                }
+            },
+            "command": "printf '\\33c\\e[3J' && vendor/bin/phpunit --stop-on-error --stop-on-failure",
+            // "command": "printf '\\33c\\e[3J' && vendor/bin/phpunit --filter UserRedirectedToDashboardTest --stop-on-error --stop-on-failure",
+           "problemMatcher": [],
+            "group": {
+                "kind": "build",
+                "isDefault": true
+            }
+        },
+        {
+            "label": "PHP CS Fixer",
+            "type": "shell",
+            "options": {},
+            "command": "vendor/bin/php-cs-fixer fix",
+            "problemMatcher": [],
+        },
+        {
+            "label": "Serve",
+            "type": "shell",
+            "options": {},
+            "command": "php bakery serve",
+            "problemMatcher": [],
+        },
+        {
+            "label": "PHPStan",
+            "type": "shell",
+            "command": "vendor/bin/phpstan analyse",
+            "problemMatcher": []
+        },
+        {
+            "label": "npm install",
+            "type": "shell",
+            "options": {},
+            "command": "npm install",
+            "problemMatcher": [],
+        },
+        {
+            "label": "npm update",
+            "type": "shell",
+            "options": {},
+            "command": "npm update",
+            "problemMatcher": [],
+        },
+        {
+            "label": "npm run dev",
+            "type": "shell",
+            "options": {},
+            "command": "npm run dev",
+            "problemMatcher": [],
+        },
+        {
+            "label": "npm run watch",
+            "type": "shell",
+            "options": {},
+            "command": "npm run watch",
+            "problemMatcher": [],
+        }
+    ]
+}

CHANGELOG.md

@@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [5.2.0](https://github.com/userfrosting/sprinkle-admin/compare/5.1.0...5.2.0)
 
+## [5.1.1](https://github.com/userfrosting/sprinkle-admin/compare/5.1.0...5.1.1)
+- Fix issue when a Group Administrator without the `create_user_field` permission creates a new user, the new user SHOULD inherit the admin's group (Fix [#1256](https://github.com/userfrosting/UserFrosting/issues/1256))
+
 ## [5.1.0](https://github.com/userfrosting/sprinkle-admin/compare/5.0.1...5.1.0)
 - Drop PHP 8.1 support, add PHP 8.3 support
 - Update to Laravel 10

README.md

@@ -1,6 +1,7 @@
 # UserFrosting 5.2 Admin Sprinkle
 
 [![Version](https://img.shields.io/github/v/release/userfrosting/sprinkle-admin?include_prereleases)](https://github.com/userfrosting/sprinkle-admin/releases)
+[![NPM Version](https://img.shields.io/npm/v/%40userfrosting%2Fsprinkle-admin)](https://www.npmjs.com/package/@userfrosting/sprinkle-admin)
 ![PHP Version](https://img.shields.io/badge/php-%5E8.1-brightgreen)
 [![License](https://img.shields.io/badge/license-MIT-brightgreen.svg)](LICENSE.md)
 [![Build](https://img.shields.io/github/actions/workflow/status/userfrosting/sprinkle-admin/Build.yml?branch=5.2&logo=github)](https://github.com/userfrosting/sprinkle-admin/actions)
@@ -46,7 +47,7 @@ See main [UserFrosting Documentation](https://learn.userfrosting.com) for more i
 - [Changelog](CHANGELOG.md)
 - [Issues](https://github.com/userfrosting/UserFrosting/issues)
 - [License](LICENSE.md)
-- [Style Guide](STYLE-GUIDE.md)
+- [Style Guide](https://github.com/userfrosting/.github/blob/main/.github/STYLE-GUIDE.md)
 
 ## Contributing
 

app/src/Controller/User/UserCreateAction.php

@@ -128,14 +128,6 @@ protected function handle(Request $request): void
         $data['flag_verified'] = true;
         $data['flag_enabled'] = true;
 
-        // Now that we check the form, we can try to register the actual user
-        $user = new $this->userModel($data);
-
-        // Try registration. Exceptions will be thrown if it fails.
-        // No need to catch, as this kind of exception will automatically
-        // handled by the error handlers.
-        $this->userValidation->validate($user);
-
         // Determine if currentUser has permission to modify the group.  If so, show the 'group' dropdown.
         // Otherwise, set to the currentUser's group and disable the dropdown.
         if ($this->authenticator->checkAccess('create_user_field', ['fields' => ['group']]) === false) {
@@ -150,6 +142,14 @@ protected function handle(Request $request): void
             $data['group_id'] = $currentUser->group_id;
         }
 
+        // Now that we check the form, we can try to register the actual user
+        $user = new $this->userModel($data);
+
+        // Try registration. Exceptions will be thrown if it fails.
+        // No need to catch, as this kind of exception will automatically
+        // handled by the error handlers.
+        $this->userValidation->validate($user);
+
         // Ready to save
         $this->db->transaction(function () use ($user, $data, $currentUser) {
             // Store new user to database

app/tests/Controller/User/UserCreateActionTest.php

@@ -299,6 +299,65 @@ public function testPostForGroup(): void
         $this->assertSame('success', array_reverse($messages)[0]['type']);
     }
 
+    /**
+     * When a Group Administrator without the create_user_field permission
+     * creates a new user, the new user SHOULD inherit the admin's group.
+     * Same as previous test, however, `group_id` is not set in the data payload.
+     *
+     * @see https://github.com/userfrosting/UserFrosting/issues/1256
+     */
+    public function testPostForGroupIsSetAs(): void
+    {
+        /** @var Group */
+        $group = Group::factory()->create();
+
+        /** @var User */
+        $user = User::factory()->for($group)->create();
+        $this->actAsUser($user, permissions: ['create_user']);
+
+        /** @var Config */
+        $config = $this->ci->get(Config::class);
+
+        // Force locale config.
+        $config->set('site.registration.user_defaults.locale', 'en_US');
+        $config->set('site.locales.available', ['en_US' => true]);
+
+        /** @var Mailer */
+        $mailer = Mockery::mock(Mailer::class)
+            ->makePartial()
+            ->shouldReceive('send')->once()
+            ->getMock();
+        $this->ci->set(Mailer::class, $mailer);
+
+        // Set post payload
+        $data = [
+            'user_name'  => 'foo',
+            'first_name' => 'Foo',
+            'last_name'  => 'Bar',
+            'email'      => 'foo@bar.com',
+        ];
+
+        // Create request with method and url and fetch response
+        $request = $this->createJsonRequest('POST', '/api/users', $data);
+        $response = $this->handleRequest($request);
+
+        // Assert response status & body
+        $this->assertResponseStatus(200, $response);
+        $this->assertJsonResponse([], $response);
+
+        // Make sure the user is added to the db by querying it
+        /** @var User */
+        $user = User::where('email', 'foo@bar.com')->first();
+        $this->assertSame($group->id, $user->group?->id);
+        $this->assertSame('en_US', $user['locale']); // Locale will be default :)
+
+        // Test message
+        /** @var AlertStream */
+        $ms = $this->ci->get(AlertStream::class);
+        $messages = $ms->getAndClearMessages();
+        $this->assertSame('success', array_reverse($messages)[0]['type']);
+    }
+
     /**
      * @depends testPost
      */