🔄 synced file(s) with pimcore/sync-common-files (#13)

.github/ci/files/.env

@@ -0,0 +1,2 @@
+APP_ENV=test
+APP_DEBUG=true

.github/ci/files/.my.cnf

@@ -0,0 +1,5 @@
+[client]
+host=127.0.0.1
+port=33006
+user=root
+password=

.github/ci/files/bin/console

@@ -0,0 +1,46 @@
+#!/usr/bin/env php
+<?php
+/**
+ * Pimcore
+ *
+ * This source file is available under two different licenses:
+ * - GNU General Public License version 3 (GPLv3)
+ * - Pimcore Enterprise License (PEL)
+ * Full copyright and license information is available in
+ * LICENSE.md which is distributed with this source code.
+ *
+ * @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
+ * @license    http://www.pimcore.org/license     GPLv3 and PEL
+ */
+
+ob_get_clean();
+
+if (file_exists($a = getcwd() . '/vendor/autoload.php')) {
+    include $a;
+} elseif (file_exists($a = __DIR__ . '/../../../../vendor/autoload.php')) {
+    include $a;
+} elseif (file_exists($a = __DIR__ . '/../vendor/autoload.php')) {
+    include $a;
+} else {
+    fwrite(STDERR, 'Cannot locate autoloader; please run "composer install"' . PHP_EOL);
+    exit(1);
+}
+
+\Pimcore\Bootstrap::setProjectRoot();
+
+define('PIMCORE_CONSOLE', true);
+
+
+$input = new \Symfony\Component\Console\Input\ArgvInput();
+if (null !== $env = $input->getParameterOption(['--env', '-e'], null, true)) {
+    putenv('APP_ENV='.$_SERVER['APP_ENV'] = $_ENV['APP_ENV'] = $env);
+}
+
+if ($input->hasParameterOption('--no-debug', true)) {
+    putenv('APP_DEBUG='.$_SERVER['APP_DEBUG'] = $_ENV['APP_DEBUG'] = '0');
+}
+
+/** @var \Pimcore\Kernel $kernel */
+$kernel = \Pimcore\Bootstrap::startupCli();
+$application = new \Pimcore\Console\Application($kernel);
+$application->run();

.github/ci/files/config/packages/security.yaml

@@ -0,0 +1,60 @@
+security:
+    enable_authenticator_manager: true
+
+    providers:
+        pimcore_admin:
+            id: Pimcore\Bundle\AdminBundle\Security\User\UserProvider
+
+    firewalls:
+        dev:
+            pattern: ^/(_(profiler|wdt)|css|images|js)/
+            security: false
+
+        # Pimcore WebDAV HTTP basic // DO NOT CHANGE!
+        pimcore_admin_webdav:
+            pattern: ^/admin/asset/webdav
+            provider: pimcore_admin
+            http_basic: ~
+
+        # Pimcore admin form login // DO NOT CHANGE!
+        pimcore_admin:
+            pattern: ^/admin(/.*)?$
+            user_checker: Pimcore\Bundle\AdminBundle\Security\User\UserChecker
+            provider: pimcore_admin
+            login_throttling:
+                max_attempts: 3
+                interval: '5 minutes'
+            logout:
+                path: pimcore_admin_logout
+                target: pimcore_admin_login
+            form_login:
+                default_target_path: pimcore_admin_index
+                always_use_default_target_path: true
+                login_path: pimcore_admin_login
+                check_path: pimcore_admin_login_check
+                username_parameter: username
+                password_parameter: password
+            custom_authenticators:
+                - Pimcore\Bundle\AdminBundle\Security\Authenticator\AdminTokenAuthenticator
+            two_factor:
+                auth_form_path: /admin/login/2fa                   # Path or route name of the two-factor form
+                check_path: /admin/login/2fa-verify                # Path or route name of the two-factor code check
+                default_target_path: /admin            # Where to redirect by default after successful authentication
+                always_use_default_target_path: false  # If it should always redirect to default_target_path
+                auth_code_parameter_name: _auth_code   # Name of the parameter for the two-factor authentication code
+                trusted_parameter_name: _trusted       # Name of the parameter for the trusted device option
+                multi_factor: false                    # If ALL active two-factor methods need to be fulfilled (multi-factor authentication)
+
+    access_control:
+        # Pimcore admin ACl  // DO NOT CHANGE!
+        - { path: ^/admin/settings/display-custom-logo, roles: PUBLIC_ACCESS }
+        - { path: ^/admin/login/2fa-verify, roles: IS_AUTHENTICATED_2FA_IN_PROGRESS }
+        - { path: ^/admin/login/2fa-setup, roles: ROLE_PIMCORE_USER }
+        - { path: ^/admin/login/2fa, roles: IS_AUTHENTICATED_2FA_IN_PROGRESS }
+        - { path: ^/admin/login$, roles: PUBLIC_ACCESS }
+        - { path: ^/admin/login/(login|lostpassword|deeplink|csrf-token)$, roles: PUBLIC_ACCESS }
+        - { path: ^/admin, roles: ROLE_PIMCORE_USER }
+
+    role_hierarchy:
+        # Pimcore admin  // DO NOT CHANGE!
+        ROLE_PIMCORE_ADMIN: [ROLE_PIMCORE_USER]

.github/ci/files/config/system.yml

@@ -0,0 +1,65 @@
+pimcore:
+    general:
+        timezone: Europe/Berlin
+        path_variable: ''
+        domain: pimcore-test.dev
+        redirect_to_maindomain: false
+        language: en
+        valid_languages: 'en,de'
+        fallback_languages:
+            en: ''
+            de: ''
+        default_language: ''
+        disable_usage_statistics: false
+    documents:
+        versions:
+            days: null
+            steps: 10
+        error_pages:
+            default: /error
+        allow_trailing_slash: 'no'
+        generate_preview: true
+    objects:
+        versions:
+            days: null
+            steps: 10
+    assets:
+        versions:
+            days: null
+            steps: 10
+        icc_rgb_profile: ''
+        icc_cmyk_profile: ''
+        hide_edit_image: false
+        disable_tree_preview: false
+    full_page_cache:
+        enabled: false
+        lifetime: null
+        exclude_patterns: ''
+        exclude_cookie: ''
+    httpclient:
+        adapter: Socket
+        proxy_host: ''
+        proxy_port: ''
+        proxy_user: ''
+        proxy_pass: ''
+    email:
+        sender:
+            name: pimcore
+            email: pimcore@example.com
+        return:
+            name: pimcore
+            email: pimcore@example.com
+        debug:
+            email_addresses: ''
+    applicationlog:
+        mail_notification:
+            send_log_summary: false
+            filter_priority: null
+            mail_receiver: ''
+        archive_treshold: '30'
+        archive_alternative_database: ''
+pimcore_admin:
+    branding:
+        color_login_screen: ''
+        color_admin_interface: ''
+        login_screen_custom_image: ''

.github/ci/files/kernel/Kernel.php

@@ -0,0 +1,22 @@
+<?php
+/**
+ * Pimcore
+ *
+ * This source file is available under two different licenses:
+ * - GNU General Public License version 3 (GPLv3)
+ * - Pimcore Enterprise License (PEL)
+ * Full copyright and license information is available in
+ * LICENSE.md which is distributed with this source code.
+ *
+ * @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
+ * @license    http://www.pimcore.org/license     GPLv3 and PEL
+ */
+
+namespace App;
+
+use Pimcore\Kernel as BaseKernel;
+
+class Kernel extends BaseKernel
+{
+
+}

.github/ci/files/public/.htaccess

@@ -0,0 +1,155 @@
+# Use the front controller as index file. It serves as a fallback solution when
+# every other rewrite/redirect fails (e.g. in an aliased environment without
+# mod_rewrite). Additionally, this reduces the matching process for the
+# start page (path "/") because otherwise Apache will apply the rewriting rules
+# to each configured DirectoryIndex file (e.g. index.php, index.html, index.pl).
+DirectoryIndex index_test.php
+
+# By default, Apache does not evaluate symbolic links if you did not enable this
+# feature in your server configuration. Uncomment the following line if you
+# install assets as symlinks or if you experience problems related to symlinks
+# when compiling LESS/Sass/CoffeScript assets.
+# Options FollowSymlinks
+
+# Disabling MultiViews prevents unwanted negotiation, e.g. "/app" should not resolve
+# to the front controller "/app.php" but be rewritten to "/app.php/app".
+<IfModule mod_negotiation.c>
+    Options -MultiViews
+</IfModule>
+
+# mime types
+AddType video/mp4 .mp4
+AddType video/webm .webm
+AddType image/jpeg .pjpeg
+
+Options +SymLinksIfOwnerMatch
+
+# Use UTF-8 encoding for anything served text/plain or text/html
+AddDefaultCharset utf-8
+
+RewriteEngine On
+
+<IfModule mod_headers.c>
+    <FilesMatch "\.(jpe?g|png)$">
+        Header always unset X-Content-Type-Options
+    </FilesMatch>
+</IfModule>
+
+# Determine the RewriteBase automatically and set it as environment variable.
+# If you are using Apache aliases to do mass virtual hosting or installed the
+# project in a subdirectory, the base path will be prepended to allow proper
+# resolution of the app.php file and to redirect to the correct URI. It will
+# work in environments without path prefix as well, providing a safe, one-size
+# fits all solution. But as you do not need it in this case, you can comment
+# the following 2 lines to eliminate the overhead.
+RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
+RewriteRule ^(.*) - [E=BASE:%1]
+
+# Sets the HTTP_AUTHORIZATION header removed by Apache
+RewriteCond %{HTTP:Authorization} .
+RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+
+# Redirect to URI without front controller to prevent duplicate content
+# (with and without `/app.php`). Only do this redirect on the initial
+# rewrite by Apache and not on subsequent cycles. Otherwise we would get an
+# endless redirect loop (request -> rewrite to front controller ->
+# redirect -> request -> ...).
+# So in case you get a "too many redirects" error or you always get redirected
+# to the start page because your Apache does not expose the REDIRECT_STATUS
+# environment variable, you have 2 choices:
+# - disable this feature by commenting the following 2 lines or
+# - use Apache >= 2.3.9 and replace all L flags by END flags and remove the
+#   following RewriteCond (best solution)
+RewriteCond %{ENV:REDIRECT_STATUS} ^$
+RewriteRule ^app\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
+
+<IfModule mod_status.c>
+    RewriteCond %{REQUEST_URI} ^/(fpm|server)-(info|status|ping)
+    RewriteRule . - [L]
+</IfModule>
+
+# restrict access to dotfiles
+RewriteCond %{REQUEST_FILENAME} -d [OR]
+RewriteCond %{REQUEST_FILENAME} -l [OR]
+RewriteCond %{REQUEST_FILENAME} -f
+RewriteRule /\.|^\.(?!well-known/) - [F,L]
+
+# ASSETS: check if request method is GET (because of WebDAV) and if the requested file (asset) exists on the filesystem, if both match, deliver the asset directly
+RewriteCond %{REQUEST_METHOD} ^(GET|HEAD)
+RewriteCond %{DOCUMENT_ROOT}/var/assets%{REQUEST_URI} -f
+RewriteRule ^(.*)$ /var/assets%{REQUEST_URI} [PT,L]
+
+# Thumbnails
+RewriteCond %{REQUEST_URI} .*/(image|video)-thumb__[\d]+__.*
+RewriteCond %{DOCUMENT_ROOT}/var/tmp/%1-thumbnails%{REQUEST_URI} -f
+RewriteRule ^(.*)$ /var/tmp/%1-thumbnails%{REQUEST_URI} [PT,L]
+
+# cache-buster rule for scripts & stylesheets embedded using view helpers
+RewriteRule ^cache-buster\-[\d]+/(.*) $1 [PT,L]
+
+# If the requested filename exists, simply serve it.
+# We only want to let Apache serve files and not directories.
+RewriteCond %{REQUEST_FILENAME} -f
+RewriteRule ^ - [L]
+
+# Rewrite all other queries to the front controller.
+RewriteRule ^ %{ENV:BASE}/index_test.php [L]
+
+
+
+
+##########################################
+### OPTIONAL PERFORMANCE OPTIMIZATIONS ###
+##########################################
+
+<IfModule mod_deflate.c>
+    # Force compression for mangled headers.
+    # http://developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping
+    <IfModule mod_setenvif.c>
+        <IfModule mod_headers.c>
+            SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
+            RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
+        </IfModule>
+    </IfModule>
+
+    # Compress all output labeled with one of the following MIME-types
+    # (for Apache versions below 2.3.7, you don't need to enable `mod_filter`
+    #  and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines
+    #  as `AddOutputFilterByType` is still in the core directives).
+    <IfModule mod_filter.c>
+        AddOutputFilterByType DEFLATE application/atom+xml application/javascript application/json \
+            application/vnd.ms-fontobject application/x-font-ttf application/rss+xml \
+            application/x-web-app-manifest+json application/xhtml+xml \
+            application/xml font/opentype image/svg+xml image/x-icon \
+            text/css text/html text/plain text/x-component text/xml text/javascript
+    </IfModule>
+</IfModule>
+
+<IfModule mod_expires.c>
+    ExpiresActive on
+    ExpiresDefault "access plus 31536000 seconds"
+
+    # specific overrides
+    #ExpiresByType text/css "access plus 1 year"
+</IfModule>
+
+<IfModule pagespeed_module>
+    # pimcore mod_pagespeed integration
+    # pimcore automatically disables mod_pagespeed in the following situations: debug-mode on, /admin, preview, editmode, ...
+    # if you want to disable pagespeed for specific actions in pimcore you can use $this->disableBrowserCache() in your action
+    RewriteCond %{REQUEST_URI} ^/(mod_)?pagespeed_(statistics|message|console|beacon|admin|global_admin)
+    RewriteRule . - [L]
+
+    ModPagespeed Off
+    AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER text/html
+    ModPagespeedModifyCachingHeaders off
+    ModPagespeedRewriteLevel PassThrough
+    # low risk filters
+    ModPagespeedEnableFilters remove_comments,recompress_images
+    # low and moderate filters, recommended filters, but can cause problems
+    ModPagespeedEnableFilters lazyload_images,extend_cache_images,inline_preview_images,sprite_images
+    ModPagespeedEnableFilters combine_css,rewrite_css,move_css_to_head,flatten_css_imports,extend_cache_css,prioritize_critical_css
+    ModPagespeedEnableFilters extend_cache_scripts,combine_javascript,canonicalize_javascript_libraries,rewrite_javascript
+    # high risk
+    #ModPagespeedEnableFilters defer_javascript,local_storage_cache
+</IfModule>