Updated partial transfers response

Changed

• We have updated the partial transfers collection and show route, the partial transfer object includes the URI to the relevant entity.
• We have switched additional routes in our routes files to named routes.
• We have updated the json schema file for partial transfers.

Token changes, permitted users, additional tests and more fixes

Added

• We have updated the /auth/user route, the route will now show any active created tokens.
• We have added device_name as an optional field on sign-in, if set, the generated token will be prefixed with the device name.
• We have added an include-permitted-users parameter when requesting a resource type, you will be able to see all the permitted users without having to go down the tree.
• If an API response includes a related object, the first field should be the URI to the relevant collection or resource, we have started updating responses.
• We have added a auth/user/tokens route to show the active tokens, you can view an individual token as well as delete a token.
• We have added a notification for failed jobs, if the ClearCache job fails we will get an email, luckily, it doesn't ever fail :)
• We have added the ability to assign permitted users, if you have access to a resource type you can assign a known user to the resource type.
• We have added a view permitted user endpoint.
• We have added the ability to delete a permitted user, you can delete any permitted user with access to the resource type, including yourself.
• We have added initial tests for the permitted user routes.

Changed

• We have updated sign-in to clear tokens that have not been used for a year.
• We have added additional validation to /auth/login to match the create password routes.
• We have removed additional references to our item-type entity class, keep code in the individual item type namespaces.
• We have converted out Mailables to Notifications and they get send via the queue.
• We have updated the partial-transfers route to use methods per item types, this way we can correctly return a 405 when an item doesn't support partial transfers.
• We have updated the transfers route to use methods per item types, this was we can correctly return a 405 when an item doesn't support transfers.
• We have localised all response messages in the Authentication controller to match the rest of the API.

Fixed

• We have fixed our Authentication tests, we no longer overwrite the initial user, additionally, we have updated three tests to return success on a 422, not a 401.
• We have corrected a couple of parameter conversions, two parameters not correctly being converted to Booleans.
• Unable to a delete an allocated-expense, need to clear the partial transfers table.

Post hiatus review

After being away from the code for a while I've made some changes. I've reduced the complexity around different items types because things had started to get a little complex and I know what is coming next so want to clear out as much unnecessary code as possible. This is just a first pass, I'm sure there will be more but I have many other planned tickets to get on with.

Added

• We have added additional tests for the ResourceManage controller.
• We have added tests for the ResourceTypeView controller.
• We have added a logout route.
• We have added an OPTIONS request for /auth/create-new-password.
• We have added an OPTIONS request for /auth/create-password.
• We have added an OPTIONS request for /auth/forgot-password.
• We have added an OPTIONS request for /auth/login.
• We have added an OPTIONS request for /auth/register.
• We have added an OPTIONS request for /auth/update-password.
• We have added an OPTIONS request for /auth/update-profile.
• We have added an OPTIONS request for /auth/user.
• We have added an OPTIONS request for /auth/check.

Changed

• We have made a couple of minor changes to the Docker setup.
• We have updated the README because of minor Docker changes and corrected the table layouts in the README file.
• We have updated all front-end and back-end dependencies.
• We have updated the copyright, we are now in 2022.
• We have added additional feature tests and removed some duplication in the tests, the README details the current test status.
• General refactoring, switched to method injection and logging exception messages.
• We are switching to named routes and have updated some of the route files, more will be updated as additional tests are created.
• We have done a quick review of each of the model classes and fixed a few tiny issues.
• We have reviewed all the ItemType classes, improved organisation with additional namespaces, renamed classes and methods, all with the goal being to try and make everything clearer.
• We have reviewed all item based controllers and switched to methods per item type rather than hiding all the logic in larger item classes. There is slightly more duplication but this will allow us to more easily customise each item type as new ones are added, I'm looking at you forecasting.
• We have updated the item/categories routes and will return a 405 when a category is not supported for the item type.
• We have updated the item/subcategories routes and will return a 405 when a subcategory is not supported for the item type.
• The Authentication controller no longer extends from the base app controller, it was doing some unnecessary work.

Fixed

• We have fixed the delete_resource_type_success test, wrong route.
• The notFoundOrNotAccessible response will optionally return a 403 if not accessible and not a 404.

Removed

• We have removed a few files not used by the API.

Reduce queue times; increase password min length

Changed

• We have updated our password requirements; the minimum length must now be 12 characters.
• We have updated our back-end dependencies.
• Cache clear jobs are dispatched immediately; we no longer delay items in the queue.

Tests and the resultant bug fixes

Added

• We have added additional resource-type tests.
• We have started work on resource tests.

Changed

• The cache setting for the API can now be set in .env.
• We have updated phpunit.xml; the local cache will be disabled for tests.
• We have updated our Docker setup; we have switched from MySQL 5.7 to 8.0 and PHP 7.4 to PHP 8.0.
• We have moved our Cache classes into App\Cache.
• We have updated our ConvertRouteParameters middleware; our middleware now returns a 404 for invalid route parameters.

Fixed

• We have updated some of our responses; the response no longer call exit() and are therefore testable.
• We have fixed our ResourceTypeName validator; our validator will no longer allow duplicate names.

Tests and the resultant bug fixes

Added

• We have added additional resource-type tests.
• We have started work on resource tests.

Changed

• The cache setting for the API can now be set in .env.
• We have updated phpunit.xml; the local cache will be disabled for tests.
• We have updated our Docker setup; we have switched from MySQL 5.7 to 8.0 and PHP 7.4 to PHP 8.0.
• We have moved our Cache classes into App\Cache.
• We have updated our ConvertRouteParameters middleware; our middleware now returns a 404 for invalid route parameters.

Fixed

• We have updated some of our responses; the response no longer call exit() and are therefore testable.
• We have fixed our ResourceTypeName validator; our validator will no longer allow duplicate names.

Improving first-install and making code more testable

Added

• We have started transferring our Postman response tests to local feature tests.
• We have added tests for the Authentication controller.
• We have started writing tests for the ResourceTypeManage controller.
• We have updated /auth/forgot-password and /auth/register, both now support a send GET parameter, if defined, no email will be issued.

Changed

• We are tweaking the first install; we have squashed all the migrations and tweaked the Docker setup. We have added an initial-install.sql file, this includes the required data for the API.
• We have made minor changes to how we return validation errors; we were calling exit and stalling our tests.
• We have updated the response for /auth/forgot-password and /auth/register; responses include the required follow-on URIs and parameters.
• We have updated the README, we have added a Tests section and updated the setup steps.

Switch to Sanctum, open registration

Added

• We have opened up registration on the API; you can register, login, and use all the expected authentication features.
• We have added notification emails for registration and forgot password requests.

Changed

• We have switched to Laravel Sanctum and removed all references to Laravel Passport, Sanctum makes more sense for our API.
• We have updated to Laravel version 8.
• We have tweaked our Docker setup and removed composer and phpunit.
• Content updates

X-Last-Updated

In this release, we add the X-Last-Updated header to many more routes. We are going to conditionally cache responses in the Costs to Expect App and need to know the last time the content changed, one day we will use the etag.

Changed

• We have added the X-Last-Updated header to the resource-types, resources, categories, subcategories, items and resource items collection routes.
• We have added the X-Last-Updated header to additional summary routes; the header was missing, and we are going to use it.
• We have increased the coverage of our request test suite.
• We have relocated our Transformer classes; we have moved them out of the Models namespace.

Fixed

• We have updated the way we calculated the value for X-Last-Updated. We are using the max of the created at and updated at, not just looking at the created at time.

Organise item-type code ready for expansion

In this release, we rework our item controllers, add a complete filter for the game item-type and reorganise all item-type classes.

Added

We have added a complete parameter for the game item-type; when the parameter is included and set to true, only complete games will be returned in collections and summaries.

Changed

We have added item-type based response classes for all item collections and summaries. Item and resource type items are unique; there are no shared dependencies. The shared dependencies were a result of the first two item-types being similar, with the addition of the game item-type, we have learnt our lesson.
We have tweaked the TTL for permitted, and viewable resource types. The TTL for public viewable resource types is higher than for private users.
With the addition of more item-type classes, we have tweaked our collection TTLs for public and private users.
We have moved our 'Method' classes; it doesn't make sense for them to sit inside the 'Option' namespace.
We have moved our 'AllowedValue' classes; it doesn't make sense for them to sit inside the 'Option' namespace.
We have reorganised all the item-type classes; we are keeping all the classes for each item-type together.
We have tweaked our response classes; we will do slightly less work when reading from the cache.

Removed

We have removed all our interfaces; the interfaces were not useful, and we are going a slightly different way with the item-type classes, interfaces will return.