Updated version and assets for release v23.06

Occured when the cell contained any block content with a differnt line
height to the table cell itself.
In firefox, cells with a height would end up with an actual greater
real cell height, which messed up TinyMCE resize calculations, causing
tables to grow.
Adding default vertical-align: top, changes this behaviour to get proper
cell heights.
Related to Firefox issue: https://bugzilla.mozilla.org/show_bug.cgi?id=569645
Have tested that editor cell text align options can still be used with
this.

For #4337

.env.example

@@ -37,8 +37,10 @@ MAIL_FROM=bookstack@example.com
 # SMTP mail options
 # These settings can be checked using the "Send a Test Email"
 # feature found in the "Settings > Maintenance" area of the system.
+# For more detailed documentation on mail options, refer to:
+# https://www.bookstackapp.com/docs/admin/email-webhooks/#email-configuration
 MAIL_HOST=localhost
-MAIL_PORT=1025
+MAIL_PORT=587
 MAIL_USERNAME=null
 MAIL_PASSWORD=null
 MAIL_ENCRYPTION=null

.env.example.complete

@@ -3,6 +3,10 @@
 # Each option is shown with it's default value.
 # Do not copy this whole file to use as your '.env' file.
 
+# The details here only serve as a quick reference.
+# Please refer to the BookStack documentation for full details:
+# https://www.bookstackapp.com/docs/
+
 # Application environment
 # Can be 'production', 'development', 'testing' or 'demo'
 APP_ENV=production
@@ -65,20 +69,20 @@ DB_PASSWORD=database_user_password
 # certificate itself (Common Name or Subject Alternative Name).
 MYSQL_ATTR_SSL_CA="/path/to/ca.pem"
 
-# Mail system to use
-# Can be 'smtp' or 'sendmail'
+# Mail configuration
+# Refer to https://www.bookstackapp.com/docs/admin/email-webhooks/#email-configuration
 MAIL_DRIVER=smtp
-
-# Mail sending options
 MAIL_FROM=mail@bookstackapp.com
 MAIL_FROM_NAME=BookStack
 
-# SMTP mail options
 MAIL_HOST=localhost
-MAIL_PORT=1025
+MAIL_PORT=587
 MAIL_USERNAME=null
 MAIL_PASSWORD=null
 MAIL_ENCRYPTION=null
+MAIL_VERIFY_SSL=true
+
+MAIL_SENDMAIL_COMMAND="/usr/sbin/sendmail -bs"
 
 # Cache & Session driver to use
 # Can be 'file', 'database', 'memcached' or 'redis'
@@ -319,6 +323,13 @@ FILE_UPLOAD_SIZE_LIMIT=50
 # Can be 'a4' or 'letter'.
 EXPORT_PAGE_SIZE=a4
 
+# Set path to wkhtmltopdf binary for PDF generation.
+# Can be 'false' or a path path like: '/home/bins/wkhtmltopdf'
+# When false, BookStack will attempt to find a wkhtmltopdf in the application
+# root folder then fall back to the default dompdf renderer if no binary exists.
+# Only used if 'ALLOW_UNTRUSTED_SERVER_FETCHING=true' which disables security protections.
+WKHTMLTOPDF=false
+
 # Allow <script> tags in page content
 # Note, if set to 'true' the page editor may still escape scripts.
 ALLOW_CONTENT_SCRIPTS=false
@@ -369,4 +380,4 @@ LOG_FAILED_LOGIN_CHANNEL=errorlog_plain_webserver
 # IP address '146.191.42.4' would result in '146.191.x.x' being logged.
 # For the IPv6 address '2001:db8:85a3:8d3:1319:8a2e:370:7348' this would result as:
 # '2001:db8:85a3:8d3:x:x:x:x'
-IP_ADDRESS_PRECISION=4
+IP_ADDRESS_PRECISION=4

.github/translators.txt

@@ -308,3 +308,36 @@ Adrian Ocneanu (aocneanu) :: Romanian
 Eduardo Castanho (EduardoCastanho) :: Portuguese
 VIET NAM VPS (vietnamvps) :: Vietnamese
 m4tthi4s :: French
+toras9000 :: Japanese
+pathab :: German
+MichelSchoon85 :: Dutch
+Jøran Haugli (haugli92) :: Norwegian Bokmal
+Vasileios Kouvelis (VasilisKouvelis) :: Greek
+Dremski :: Bulgarian
+Frédéric SENE (nothingfr) :: French
+bendem :: French
+kostasdizas :: Greek
+Ricardo Schroeder (brownstone666) :: Portuguese, Brazilian
+Eitan MG (EitanMG) :: Hebrew
+Robin Flikkema (RobinFlikkema) :: Dutch
+Michal Gurcik (mgurcik) :: Slovak
+Pooyan Arab (pooyanarab) :: Persian
+Ochi Darma Putra (troke12) :: Indonesian
+H.-H. Peng (Hsins) :: Chinese Traditional
+Mosi  Wang (mosiwang) :: Chinese Traditional
+骆言 (LawssssCat) :: Chinese Simplified
+Stickers Gaming Shøw (StickerSGSHOW) :: French
+Le Van Chinh (Chino) (lvanchinh86) :: Vietnamese
+Rubens nagios (rubenix) :: Catalan
+Patrick Dantas (pa-tiq) :: Portuguese, Brazilian
+Michal (michalgurcik) :: Slovak
+Nepomacs :: German
+Rubens (rubenix) :: Catalan
+m4z :: German; German Informal
+TheRazvy :: Romanian
+Yossi Zilber (lortens) :: Hebrew; Uzbek
+desdinova :: French
+Ingus Rūķis (ingus.rukis) :: Latvian
+Eugene Pershin (SilentEugene) :: Russian
+周盛道 (zhoushengdao) :: Chinese Simplified
+hamidreza amini (hamidrezaamini2022) :: Persian

.github/workflows/lint-js.yml

@@ -0,0 +1,16 @@
+name: lint-js
+
+on: [push, pull_request]
+
+jobs:
+  build:
+    if: ${{ github.ref != 'refs/heads/l10n_development' }}
+    runs-on: ubuntu-22.04
+    steps:
+    - uses: actions/checkout@v1
+
+    - name: Install NPM deps
+      run: npm ci
+
+    - name: Run formatting check
+      run: npm run lint

.github/workflows/test-migrations.yml

@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-22.04
     strategy:
       matrix:
-        php: ['7.4', '8.0', '8.1', '8.2']
+        php: ['8.0', '8.1', '8.2']
     steps:
       - uses: actions/checkout@v1
 

.github/workflows/test-php.yml

@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-22.04
     strategy:
       matrix:
-        php: ['7.4', '8.0', '8.1', '8.2']
+        php: ['8.0', '8.1', '8.2']
     steps:
     - uses: actions/checkout@v1
 

.gitignore

@@ -1,5 +1,7 @@
 /vendor
 /node_modules
+/.vscode
+/composer
 Homestead.yaml
 .env
 .idea
@@ -11,6 +13,7 @@ yarn-error.log
 /public/js/*.map
 /public/bower
 /public/build/
+/public/favicon.ico
 /storage/images
 _ide_helper.php
 /storage/debugbar
@@ -20,8 +23,10 @@ yarn.lock
 nbproject
 .buildpath
 .project
+.nvmrc
 .settings/
 webpack-stats.json
 .phpunit.result.cache
 .DS_Store
-phpstan.neon
+phpstan.neon
+esbuild-meta.json

LICENSE

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2015-2022, Dan Brown and the BookStack Project contributors.
+Copyright (c) 2015-2023, Dan Brown and the BookStack Project contributors.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

app/Access/Controllers/ConfirmEmailController.php

@@ -1,34 +1,24 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Auth\Access\EmailConfirmationService;
-use BookStack\Auth\Access\LoginService;
-use BookStack\Auth\UserRepo;
+use BookStack\Access\EmailConfirmationService;
+use BookStack\Access\LoginService;
 use BookStack\Exceptions\ConfirmationEmailException;
 use BookStack\Exceptions\UserTokenExpiredException;
 use BookStack\Exceptions\UserTokenNotFoundException;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Http\Controller;
+use BookStack\Users\UserRepo;
 use Exception;
 use Illuminate\Http\Request;
 
 class ConfirmEmailController extends Controller
 {
-    protected EmailConfirmationService $emailConfirmationService;
-    protected LoginService $loginService;
-    protected UserRepo $userRepo;
-
-    /**
-     * Create a new controller instance.
-     */
     public function __construct(
-        EmailConfirmationService $emailConfirmationService,
-        LoginService $loginService,
-        UserRepo $userRepo
+        protected EmailConfirmationService $emailConfirmationService,
+        protected LoginService $loginService,
+        protected UserRepo $userRepo
     ) {
-        $this->emailConfirmationService = $emailConfirmationService;
-        $this->loginService = $loginService;
-        $this->userRepo = $userRepo;
     }
 
     /**

app/Access/Controllers/ForgotPasswordController.php

@@ -1,9 +1,9 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Actions\ActivityType;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Activity\ActivityType;
+use BookStack\Http\Controller;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Password;
 

app/Access/Controllers/HandlesPartialLogins.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Auth\Access\LoginService;
-use BookStack\Auth\User;
+use BookStack\Access\LoginService;
 use BookStack\Exceptions\NotFoundException;
+use BookStack\Users\Models\User;
 
 trait HandlesPartialLogins
 {

app/Access/Controllers/LoginController.php

@@ -1,13 +1,13 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Auth\Access\LoginService;
-use BookStack\Auth\Access\SocialAuthService;
+use BookStack\Access\LoginService;
+use BookStack\Access\SocialAuthService;
 use BookStack\Exceptions\LoginAttemptEmailNeededException;
 use BookStack\Exceptions\LoginAttemptException;
 use BookStack\Facades\Activity;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Http\Controller;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;

app/Access/Controllers/MfaBackupCodesController.php

@@ -1,14 +1,14 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Actions\ActivityType;
-use BookStack\Auth\Access\LoginService;
-use BookStack\Auth\Access\Mfa\BackupCodeService;
-use BookStack\Auth\Access\Mfa\MfaSession;
-use BookStack\Auth\Access\Mfa\MfaValue;
+use BookStack\Access\LoginService;
+use BookStack\Access\Mfa\BackupCodeService;
+use BookStack\Access\Mfa\MfaSession;
+use BookStack\Access\Mfa\MfaValue;
+use BookStack\Activity\ActivityType;
 use BookStack\Exceptions\NotFoundException;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Http\Controller;
 use Exception;
 use Illuminate\Http\Request;
 use Illuminate\Validation\ValidationException;

app/Access/Controllers/MfaController.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Actions\ActivityType;
-use BookStack\Auth\Access\Mfa\MfaValue;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Access\Mfa\MfaValue;
+use BookStack\Activity\ActivityType;
+use BookStack\Http\Controller;
 use Illuminate\Http\Request;
 
 class MfaController extends Controller

app/Access/Controllers/MfaTotpController.php

@@ -1,15 +1,15 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Actions\ActivityType;
-use BookStack\Auth\Access\LoginService;
-use BookStack\Auth\Access\Mfa\MfaSession;
-use BookStack\Auth\Access\Mfa\MfaValue;
-use BookStack\Auth\Access\Mfa\TotpService;
-use BookStack\Auth\Access\Mfa\TotpValidationRule;
+use BookStack\Access\LoginService;
+use BookStack\Access\Mfa\MfaSession;
+use BookStack\Access\Mfa\MfaValue;
+use BookStack\Access\Mfa\TotpService;
+use BookStack\Access\Mfa\TotpValidationRule;
+use BookStack\Activity\ActivityType;
 use BookStack\Exceptions\NotFoundException;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Http\Controller;
 use Illuminate\Http\Request;
 use Illuminate\Validation\ValidationException;
 

app/Access/Controllers/OidcController.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Auth\Access\Oidc\OidcException;
-use BookStack\Auth\Access\Oidc\OidcService;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Access\Oidc\OidcException;
+use BookStack\Access\Oidc\OidcService;
+use BookStack\Http\Controller;
 use Illuminate\Http\Request;
 
 class OidcController extends Controller

app/Access/Controllers/RegisterController.php

@@ -1,13 +1,13 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Auth\Access\LoginService;
-use BookStack\Auth\Access\RegistrationService;
-use BookStack\Auth\Access\SocialAuthService;
+use BookStack\Access\LoginService;
+use BookStack\Access\RegistrationService;
+use BookStack\Access\SocialAuthService;
 use BookStack\Exceptions\StoppedAuthenticationException;
 use BookStack\Exceptions\UserRegistrationException;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Http\Controller;
 use Illuminate\Contracts\Validation\Validator as ValidatorContract;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Validator;

app/Access/Controllers/ResetPasswordController.php

@@ -1,11 +1,11 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Actions\ActivityType;
-use BookStack\Auth\Access\LoginService;
-use BookStack\Auth\User;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Access\LoginService;
+use BookStack\Activity\ActivityType;
+use BookStack\Http\Controller;
+use BookStack\Users\Models\User;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Hash;

app/Access/Controllers/Saml2Controller.php

@@ -1,9 +1,9 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Auth\Access\Saml2Service;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Access\Saml2Service;
+use BookStack\Http\Controller;
 use Illuminate\Http\Request;
 use Illuminate\Support\Str;
 

app/Access/Controllers/SocialController.php

@@ -1,15 +1,15 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Auth\Access\LoginService;
-use BookStack\Auth\Access\RegistrationService;
-use BookStack\Auth\Access\SocialAuthService;
+use BookStack\Access\LoginService;
+use BookStack\Access\RegistrationService;
+use BookStack\Access\SocialAuthService;
 use BookStack\Exceptions\SocialDriverNotConfigured;
 use BookStack\Exceptions\SocialSignInAccountNotUsed;
 use BookStack\Exceptions\SocialSignInException;
 use BookStack\Exceptions\UserRegistrationException;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Http\Controller;
 use Illuminate\Http\Request;
 use Illuminate\Support\Str;
 use Laravel\Socialite\Contracts\User as SocialUser;

app/Access/Controllers/ThrottlesLogins.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
 use Illuminate\Cache\RateLimiter;
 use Illuminate\Http\Request;

app/Access/Controllers/UserInviteController.php

@@ -1,12 +1,12 @@
 <?php
 
-namespace BookStack\Http\Controllers\Auth;
+namespace BookStack\Access\Controllers;
 
-use BookStack\Auth\Access\UserInviteService;
-use BookStack\Auth\UserRepo;
+use BookStack\Access\UserInviteService;
 use BookStack\Exceptions\UserTokenExpiredException;
 use BookStack\Exceptions\UserTokenNotFoundException;
-use BookStack\Http\Controllers\Controller;
+use BookStack\Http\Controller;
+use BookStack\Users\UserRepo;
 use Exception;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;

app/Access/EmailConfirmationService.php

@@ -1,15 +1,15 @@
 <?php
 
-namespace BookStack\Auth\Access;
+namespace BookStack\Access;
 
-use BookStack\Auth\User;
 use BookStack\Exceptions\ConfirmationEmailException;
 use BookStack\Notifications\ConfirmEmail;
+use BookStack\Users\Models\User;
 
 class EmailConfirmationService extends UserTokenService
 {
-    protected $tokenTable = 'email_confirmations';
-    protected $expiryTime = 24;
+    protected string $tokenTable = 'email_confirmations';
+    protected int $expiryTime = 24;
 
     /**
      * Create new confirmation for a user,

app/Access/ExternalBaseUserProvider.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access;
+namespace BookStack\Access;
 
 use Illuminate\Contracts\Auth\Authenticatable;
 use Illuminate\Contracts\Auth\UserProvider;

app/Access/GroupSyncService.php

@@ -1,9 +1,9 @@
 <?php
 
-namespace BookStack\Auth\Access;
+namespace BookStack\Access;
 
-use BookStack\Auth\Role;
-use BookStack\Auth\User;
+use BookStack\Users\Models\Role;
+use BookStack\Users\Models\User;
 use Illuminate\Support\Collection;
 
 class GroupSyncService

app/Access/Guards/AsyncExternalBaseSessionGuard.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Guards;
+namespace BookStack\Access\Guards;
 
 /**
  * Saml2 Session Guard.

app/Access/Guards/ExternalBaseSessionGuard.php

@@ -1,8 +1,8 @@
 <?php
 
-namespace BookStack\Auth\Access\Guards;
+namespace BookStack\Access\Guards;
 
-use BookStack\Auth\Access\RegistrationService;
+use BookStack\Access\RegistrationService;
 use Illuminate\Auth\GuardHelpers;
 use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
 use Illuminate\Contracts\Auth\StatefulGuard;

app/Access/Guards/LdapSessionGuard.php

@@ -1,15 +1,15 @@
 <?php
 
-namespace BookStack\Auth\Access\Guards;
+namespace BookStack\Access\Guards;
 
-use BookStack\Auth\Access\LdapService;
-use BookStack\Auth\Access\RegistrationService;
-use BookStack\Auth\User;
+use BookStack\Access\LdapService;
+use BookStack\Access\RegistrationService;
 use BookStack\Exceptions\JsonDebugException;
 use BookStack\Exceptions\LdapException;
 use BookStack\Exceptions\LoginAttemptEmailNeededException;
 use BookStack\Exceptions\LoginAttemptException;
 use BookStack\Exceptions\UserRegistrationException;
+use BookStack\Users\Models\User;
 use Illuminate\Contracts\Auth\UserProvider;
 use Illuminate\Contracts\Session\Session;
 use Illuminate\Support\Str;

app/Access/Ldap.php

@@ -0,0 +1,110 @@
+<?php
+
+namespace BookStack\Access;
+
+/**
+ * Class Ldap
+ * An object-orientated thin abstraction wrapper for common PHP LDAP functions.
+ * Allows the standard LDAP functions to be mocked for testing.
+ */
+class Ldap
+{
+    /**
+     * Connect to an LDAP server.
+     *
+     * @return resource|\LDAP\Connection|false
+     */
+    public function connect(string $hostName)
+    {
+        return ldap_connect($hostName);
+    }
+
+    /**
+     * Set the value of an LDAP option for the given connection.
+     *
+     * @param resource|\LDAP\Connection|null $ldapConnection
+     */
+    public function setOption($ldapConnection, int $option, mixed $value): bool
+    {
+        return ldap_set_option($ldapConnection, $option, $value);
+    }
+
+    /**
+     * Start TLS on the given LDAP connection.
+     */
+    public function startTls($ldapConnection): bool
+    {
+        return ldap_start_tls($ldapConnection);
+    }
+
+    /**
+     * Set the version number for the given LDAP connection.
+     *
+     * @param resource|\LDAP\Connection $ldapConnection
+     */
+    public function setVersion($ldapConnection, int $version): bool
+    {
+        return $this->setOption($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, $version);
+    }
+
+    /**
+     * Search LDAP tree using the provided filter.
+     *
+     * @param resource|\LDAP\Connection   $ldapConnection
+     *
+     * @return resource|\LDAP\Result
+     */
+    public function search($ldapConnection, string $baseDn, string $filter, array $attributes = null)
+    {
+        return ldap_search($ldapConnection, $baseDn, $filter, $attributes);
+    }
+
+    /**
+     * Get entries from an LDAP search result.
+     *
+     * @param resource|\LDAP\Connection $ldapConnection
+     * @param resource|\LDAP\Result $ldapSearchResult
+     */
+    public function getEntries($ldapConnection, $ldapSearchResult): array|false
+    {
+        return ldap_get_entries($ldapConnection, $ldapSearchResult);
+    }
+
+    /**
+     * Search and get entries immediately.
+     *
+     * @param resource|\LDAP\Connection   $ldapConnection
+     */
+    public function searchAndGetEntries($ldapConnection, string $baseDn, string $filter, array $attributes = null): array|false
+    {
+        $search = $this->search($ldapConnection, $baseDn, $filter, $attributes);
+
+        return $this->getEntries($ldapConnection, $search);
+    }
+
+    /**
+     * Bind to LDAP directory.
+     *
+     * @param resource|\LDAP\Connection $ldapConnection
+     */
+    public function bind($ldapConnection, string $bindRdn = null, string $bindPassword = null): bool
+    {
+        return ldap_bind($ldapConnection, $bindRdn, $bindPassword);
+    }
+
+    /**
+     * Explode an LDAP dn string into an array of components.
+     */
+    public function explodeDn(string $dn, int $withAttrib): array|false
+    {
+        return ldap_explode_dn($dn, $withAttrib);
+    }
+
+    /**
+     * Escape a string for use in an LDAP filter.
+     */
+    public function escape(string $value, string $ignore = '', int $flags = 0): string
+    {
+        return ldap_escape($value, $ignore, $flags);
+    }
+}

app/Access/LdapService.php

@@ -1,11 +1,11 @@
 <?php
 
-namespace BookStack\Auth\Access;
+namespace BookStack\Access;
 
-use BookStack\Auth\User;
 use BookStack\Exceptions\JsonDebugException;
 use BookStack\Exceptions\LdapException;
 use BookStack\Uploads\UserAvatars;
+use BookStack\Users\Models\User;
 use ErrorException;
 use Illuminate\Support\Facades\Log;
 
@@ -15,26 +15,19 @@ use Illuminate\Support\Facades\Log;
  */
 class LdapService
 {
-    protected Ldap $ldap;
-    protected GroupSyncService $groupSyncService;
-    protected UserAvatars $userAvatars;
-
     /**
-     * @var resource
+     * @var resource|\LDAP\Connection
      */
     protected $ldapConnection;
 
     protected array $config;
     protected bool $enabled;
 
-    /**
-     * LdapService constructor.
-     */
-    public function __construct(Ldap $ldap, UserAvatars $userAvatars, GroupSyncService $groupSyncService)
-    {
-        $this->ldap = $ldap;
-        $this->userAvatars = $userAvatars;
-        $this->groupSyncService = $groupSyncService;
+    public function __construct(
+        protected Ldap $ldap,
+        protected UserAvatars $userAvatars,
+        protected GroupSyncService $groupSyncService
+    ) {
         $this->config = config('services.ldap');
         $this->enabled = config('auth.method') === 'ldap';
     }
@@ -59,7 +52,7 @@ class LdapService
 
         // Clean attributes
         foreach ($attributes as $index => $attribute) {
-            if (strpos($attribute, 'BIN;') === 0) {
+            if (str_starts_with($attribute, 'BIN;')) {
                 $attributes[$index] = substr($attribute, strlen('BIN;'));
             }
         }
@@ -82,7 +75,7 @@ class LdapService
      * Get the details of a user from LDAP using the given username.
      * User found via configurable user filter.
      *
-     * @throws LdapException
+     * @throws LdapException|JsonDebugException
      */
     public function getUserDetails(string $userName): ?array
     {
@@ -126,7 +119,7 @@ class LdapService
      */
     protected function getUserResponseProperty(array $userDetails, string $propertyKey, $defaultValue)
     {
-        $isBinary = strpos($propertyKey, 'BIN;') === 0;
+        $isBinary = str_starts_with($propertyKey, 'BIN;');
         $propertyKey = strtolower($propertyKey);
         $value = $defaultValue;
 
@@ -170,11 +163,11 @@ class LdapService
      * Bind the system user to the LDAP connection using the given credentials
      * otherwise anonymous access is attempted.
      *
-     * @param resource $connection
+     * @param resource|\LDAP\Connection $connection
      *
      * @throws LdapException
      */
-    protected function bindSystemUser($connection)
+    protected function bindSystemUser($connection): void
     {
         $ldapDn = $this->config['dn'];
         $ldapPass = $this->config['pass'];
@@ -197,7 +190,7 @@ class LdapService
      *
      * @throws LdapException
      *
-     * @return resource
+     * @return resource|\LDAP\Connection
      */
     protected function getConnection()
     {
@@ -216,8 +209,8 @@ class LdapService
             $this->ldap->setOption(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_NEVER);
         }
 
-        $serverDetails = $this->parseServerString($this->config['server']);
-        $ldapConnection = $this->ldap->connect($serverDetails['host'], $serverDetails['port']);
+        $ldapHost = $this->parseServerString($this->config['server']);
+        $ldapConnection = $this->ldap->connect($ldapHost);
 
         if ($ldapConnection === false) {
             throw new LdapException(trans('errors.ldap_cannot_connect'));
@@ -242,23 +235,16 @@ class LdapService
     }
 
     /**
-     * Parse a LDAP server string and return the host and port for a connection.
+     * Parse an LDAP server string and return the host suitable for a connection.
      * Is flexible to formats such as 'ldap.example.com:8069' or 'ldaps://ldap.example.com'.
      */
-    protected function parseServerString(string $serverString): array
+    protected function parseServerString(string $serverString): string
     {
-        $serverNameParts = explode(':', $serverString);
-
-        // If we have a protocol just return the full string since PHP will ignore a separate port.
-        if ($serverNameParts[0] === 'ldaps' || $serverNameParts[0] === 'ldap') {
-            return ['host' => $serverString, 'port' => 389];
+        if (str_starts_with($serverString, 'ldaps://') || str_starts_with($serverString, 'ldap://')) {
+            return $serverString;
         }
 
-        // Otherwise, extract the port out
-        $hostName = $serverNameParts[0];
-        $ldapPort = (count($serverNameParts) > 1) ? intval($serverNameParts[1]) : 389;
-
-        return ['host' => $hostName, 'port' => $ldapPort];
+        return "ldap://{$serverString}";
     }
 
     /**
@@ -386,7 +372,7 @@ class LdapService
      * @throws LdapException
      * @throws JsonDebugException
      */
-    public function syncGroups(User $user, string $username)
+    public function syncGroups(User $user, string $username): void
     {
         $userLdapGroups = $this->getUserGroups($username);
         $this->groupSyncService->syncUserWithFoundGroups($user, $userLdapGroups, $this->config['remove_from_groups']);

app/Access/LoginService.php

@@ -1,15 +1,15 @@
 <?php
 
-namespace BookStack\Auth\Access;
+namespace BookStack\Access;
 
-use BookStack\Actions\ActivityType;
-use BookStack\Auth\Access\Mfa\MfaSession;
-use BookStack\Auth\User;
+use BookStack\Access\Mfa\MfaSession;
+use BookStack\Activity\ActivityType;
 use BookStack\Exceptions\LoginAttemptException;
 use BookStack\Exceptions\StoppedAuthenticationException;
 use BookStack\Facades\Activity;
 use BookStack\Facades\Theme;
 use BookStack\Theming\ThemeEvents;
+use BookStack\Users\Models\User;
 use Exception;
 
 class LoginService

app/Access/Mfa/BackupCodeService.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Mfa;
+namespace BookStack\Access\Mfa;
 
 use Illuminate\Support\Str;
 

app/Access/Mfa/MfaSession.php

@@ -1,8 +1,8 @@
 <?php
 
-namespace BookStack\Auth\Access\Mfa;
+namespace BookStack\Access\Mfa;
 
-use BookStack\Auth\User;
+use BookStack\Users\Models\User;
 
 class MfaSession
 {

app/Access/Mfa/MfaValue.php

@@ -1,8 +1,8 @@
 <?php
 
-namespace BookStack\Auth\Access\Mfa;
+namespace BookStack\Access\Mfa;
 
-use BookStack\Auth\User;
+use BookStack\Users\Models\User;
 use Carbon\Carbon;
 use Illuminate\Database\Eloquent\Model;
 

app/Access/Mfa/TotpService.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Mfa;
+namespace BookStack\Access\Mfa;
 
 use BaconQrCode\Renderer\Color\Rgb;
 use BaconQrCode\Renderer\Image\SvgImageBackEnd;
@@ -8,7 +8,7 @@ use BaconQrCode\Renderer\ImageRenderer;
 use BaconQrCode\Renderer\RendererStyle\Fill;
 use BaconQrCode\Renderer\RendererStyle\RendererStyle;
 use BaconQrCode\Writer;
-use BookStack\Auth\User;
+use BookStack\Users\Models\User;
 use PragmaRX\Google2FA\Google2FA;
 use PragmaRX\Google2FA\Support\Constants;
 

app/Access/Mfa/TotpValidationRule.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Mfa;
+namespace BookStack\Access\Mfa;
 
 use Illuminate\Contracts\Validation\Rule;
 

app/Access/Oidc/OidcAccessToken.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Oidc;
+namespace BookStack\Access\Oidc;
 
 use InvalidArgumentException;
 use League\OAuth2\Client\Token\AccessToken;

app/Access/Oidc/OidcException.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Oidc;
+namespace BookStack\Access\Oidc;
 
 use Exception;
 

app/Access/Oidc/OidcIdToken.php

@@ -1,38 +1,19 @@
 <?php
 
-namespace BookStack\Auth\Access\Oidc;
+namespace BookStack\Access\Oidc;
 
 class OidcIdToken
 {
-    /**
-     * @var array
-     */
-    protected $header;
-
-    /**
-     * @var array
-     */
-    protected $payload;
-
-    /**
-     * @var string
-     */
-    protected $signature;
+    protected array $header;
+    protected array $payload;
+    protected string $signature;
+    protected string $issuer;
+    protected array $tokenParts = [];
 
     /**
      * @var array[]|string[]
      */
-    protected $keys;
-
-    /**
-     * @var string
-     */
-    protected $issuer;
-
-    /**
-     * @var array
-     */
-    protected $tokenParts = [];
+    protected array $keys;
 
     public function __construct(string $token, string $issuer, array $keys)
     {
@@ -106,6 +87,14 @@ class OidcIdToken
         return $this->payload;
     }
 
+    /**
+     * Replace the existing claim data of this token with that provided.
+     */
+    public function replaceClaims(array $claims): void
+    {
+        $this->payload = $claims;
+    }
+
     /**
      * Validate the structure of the given token and ensure we have the required pieces.
      * As per https://datatracker.ietf.org/doc/html/rfc7519#section-7.2.

app/Access/Oidc/OidcInvalidKeyException.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Oidc;
+namespace BookStack\Access\Oidc;
 
 class OidcInvalidKeyException extends \Exception
 {

app/Access/Oidc/OidcInvalidTokenException.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Oidc;
+namespace BookStack\Access\Oidc;
 
 use Exception;
 

app/Access/Oidc/OidcIssuerDiscoveryException.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Oidc;
+namespace BookStack\Access\Oidc;
 
 use Exception;
 

app/Access/Oidc/OidcJwtSigningKey.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Oidc;
+namespace BookStack\Access\Oidc;
 
 use phpseclib3\Crypt\Common\PublicKey;
 use phpseclib3\Crypt\PublicKeyLoader;

app/Access/Oidc/OidcOAuthProvider.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Oidc;
+namespace BookStack\Access\Oidc;
 
 use League\OAuth2\Client\Grant\AbstractGrant;
 use League\OAuth2\Client\Provider\AbstractProvider;

app/Access/Oidc/OidcProviderSettings.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Auth\Access\Oidc;
+namespace BookStack\Access\Oidc;
 
 use GuzzleHttp\Psr7\Request;
 use Illuminate\Contracts\Cache\Repository;

app/Access/Oidc/OidcService.php

@@ -1,14 +1,16 @@
 <?php
 
-namespace BookStack\Auth\Access\Oidc;
+namespace BookStack\Access\Oidc;
 
-use BookStack\Auth\Access\GroupSyncService;
-use BookStack\Auth\Access\LoginService;
-use BookStack\Auth\Access\RegistrationService;
-use BookStack\Auth\User;
+use BookStack\Access\GroupSyncService;
+use BookStack\Access\LoginService;
+use BookStack\Access\RegistrationService;
 use BookStack\Exceptions\JsonDebugException;
 use BookStack\Exceptions\StoppedAuthenticationException;
 use BookStack\Exceptions\UserRegistrationException;
+use BookStack\Facades\Theme;
+use BookStack\Theming\ThemeEvents;
+use BookStack\Users\Models\User;
 use Illuminate\Support\Arr;
 use Illuminate\Support\Facades\Cache;
 use League\OAuth2\Client\OptionProvider\HttpBasicAuthOptionProvider;
@@ -21,24 +23,12 @@ use Psr\Http\Client\ClientInterface as HttpClient;
  */
 class OidcService
 {
-    protected RegistrationService $registrationService;
-    protected LoginService $loginService;
-    protected HttpClient $httpClient;
-    protected GroupSyncService $groupService;
-
-    /**
-     * OpenIdService constructor.
-     */
     public function __construct(
-        RegistrationService $registrationService,
-        LoginService $loginService,
-        HttpClient $httpClient,
-        GroupSyncService $groupService
+        protected RegistrationService $registrationService,
+        protected LoginService $loginService,
+        protected HttpClient $httpClient,
+        protected GroupSyncService $groupService
     ) {
-        $this->registrationService = $registrationService;
-        $this->loginService = $loginService;
-        $this->httpClient = $httpClient;
-        $this->groupService = $groupService;
     }
 
     /**
@@ -226,6 +216,16 @@ class OidcService
             $settings->keys,
         );
 
+        $returnClaims = Theme::dispatch(ThemeEvents::OIDC_ID_TOKEN_PRE_VALIDATE, $idToken->getAllClaims(), [
+            'access_token' => $accessToken->getToken(),
+            'expires_in' => $accessToken->getExpires(),
+            'refresh_token' => $accessToken->getRefreshToken(),
+        ]);
+
+        if (!is_null($returnClaims)) {
+            $idToken->replaceClaims($returnClaims);
+        }
+
         if ($this->config()['dump_user_details']) {
             throw new JsonDebugException($idToken->getAllClaims());
         }

app/Access/RegistrationService.php

@@ -1,15 +1,14 @@
 <?php
 
-namespace BookStack\Auth\Access;
+namespace BookStack\Access;
 
-use BookStack\Actions\ActivityType;
-use BookStack\Auth\SocialAccount;
-use BookStack\Auth\User;
-use BookStack\Auth\UserRepo;
+use BookStack\Activity\ActivityType;
 use BookStack\Exceptions\UserRegistrationException;
 use BookStack\Facades\Activity;
 use BookStack\Facades\Theme;
 use BookStack\Theming\ThemeEvents;
+use BookStack\Users\Models\User;
+use BookStack\Users\UserRepo;
 use Exception;
 use Illuminate\Support\Str;
 

app/Access/Saml2Service.php

@@ -1,12 +1,12 @@
 <?php
 
-namespace BookStack\Auth\Access;
+namespace BookStack\Access;
 
-use BookStack\Auth\User;
 use BookStack\Exceptions\JsonDebugException;
 use BookStack\Exceptions\SamlException;
 use BookStack\Exceptions\StoppedAuthenticationException;
 use BookStack\Exceptions\UserRegistrationException;
+use BookStack\Users\Models\User;
 use Exception;
 use OneLogin\Saml2\Auth;
 use OneLogin\Saml2\Constants;
@@ -67,7 +67,7 @@ class Saml2Service
                 $returnRoute,
                 [],
                 $user->email,
-                null,
+                session()->get('saml2_session_index'),
                 true,
                 Constants::NAMEID_EMAIL_ADDRESS
             );
@@ -118,6 +118,7 @@ class Saml2Service
 
         $attrs = $toolkit->getAttributes();
         $id = $toolkit->getNameId();
+        session()->put('saml2_session_index', $toolkit->getSessionIndex());
 
         return $this->processLoginCallback($id, $attrs);
     }

app/Access/SocialAccount.php

@@ -1,9 +1,10 @@
 <?php
 
-namespace BookStack\Auth;
+namespace BookStack\Access;
 
-use BookStack\Interfaces\Loggable;
-use BookStack\Model;
+use BookStack\Activity\Models\Loggable;
+use BookStack\App\Model;
+use BookStack\Users\Models\User;
 
 /**
  * Class SocialAccount.

app/Access/SocialAuthService.php

@@ -1,12 +1,12 @@
 <?php
 
-namespace BookStack\Auth\Access;
+namespace BookStack\Access;
 
-use BookStack\Auth\SocialAccount;
-use BookStack\Auth\User;
+use BookStack\Auth\Access\handler;
 use BookStack\Exceptions\SocialDriverNotConfigured;
 use BookStack\Exceptions\SocialSignInAccountNotUsed;
 use BookStack\Exceptions\UserRegistrationException;
+use BookStack\Users\Models\User;
 use Illuminate\Support\Facades\Event;
 use Illuminate\Support\Str;
 use Laravel\Socialite\Contracts\Factory as Socialite;

app/Access/UserInviteService.php

@@ -1,20 +1,18 @@
 <?php
 
-namespace BookStack\Auth\Access;
+namespace BookStack\Access;
 
-use BookStack\Auth\User;
 use BookStack\Notifications\UserInvite;
+use BookStack\Users\Models\User;
 
 class UserInviteService extends UserTokenService
 {
-    protected $tokenTable = 'user_invites';
-    protected $expiryTime = 336; // Two weeks
+    protected string $tokenTable = 'user_invites';
+    protected int $expiryTime = 336; // Two weeks
 
     /**
      * Send an invitation to a user to sign into BookStack
      * Removes existing invitation tokens.
-     *
-     * @param User $user
      */
     public function sendInvitation(User $user)
     {

app/Access/UserTokenService.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace BookStack\Auth\Access;
+namespace BookStack\Access;
 
-use BookStack\Auth\User;
 use BookStack\Exceptions\UserTokenExpiredException;
 use BookStack\Exceptions\UserTokenNotFoundException;
+use BookStack\Users\Models\User;
 use Carbon\Carbon;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Str;
@@ -14,41 +14,29 @@ class UserTokenService
 {
     /**
      * Name of table where user tokens are stored.
-     *
-     * @var string
      */
-    protected $tokenTable = 'user_tokens';
+    protected string $tokenTable = 'user_tokens';
 
     /**
      * Token expiry time in hours.
-     *
-     * @var int
      */
-    protected $expiryTime = 24;
+    protected int $expiryTime = 24;
 
     /**
-     * Delete all email confirmations that belong to a user.
-     *
-     * @param User $user
-     *
-     * @return mixed
+     * Delete all tokens that belong to a user.
      */
-    public function deleteByUser(User $user)
+    public function deleteByUser(User $user): void
     {
-        return DB::table($this->tokenTable)
+        DB::table($this->tokenTable)
             ->where('user_id', '=', $user->id)
             ->delete();
     }
 
     /**
-     * Get the user id from a token, while check the token exists and has not expired.
-     *
-     * @param string $token
+     * Get the user id from a token, while checking the token exists and has not expired.
      *
      * @throws UserTokenNotFoundException
      * @throws UserTokenExpiredException
-     *
-     * @return int
      */
     public function checkTokenAndGetUserId(string $token): int
     {
@@ -67,8 +55,6 @@ class UserTokenService
 
     /**
      * Creates a unique token within the email confirmation database.
-     *
-     * @return string
      */
     protected function generateToken(): string
     {
@@ -82,10 +68,6 @@ class UserTokenService
 
     /**
      * Generate and store a token for the given user.
-     *
-     * @param User $user
-     *
-     * @return string
      */
     protected function createTokenForUser(User $user): string
     {
@@ -102,10 +84,6 @@ class UserTokenService
 
     /**
      * Check if the given token exists.
-     *
-     * @param string $token
-     *
-     * @return bool
      */
     protected function tokenExists(string $token): bool
     {
@@ -115,12 +93,8 @@ class UserTokenService
 
     /**
      * Get a token entry for the given token.
-     *
-     * @param string $token
-     *
-     * @return object|null
      */
-    protected function getEntryByToken(string $token)
+    protected function getEntryByToken(string $token): ?stdClass
     {
         return DB::table($this->tokenTable)
             ->where('token', '=', $token)
@@ -129,10 +103,6 @@ class UserTokenService
 
     /**
      * Check if the given token entry has expired.
-     *
-     * @param stdClass $tokenEntry
-     *
-     * @return bool
      */
     protected function entryExpired(stdClass $tokenEntry): bool
     {

app/Activity/ActivityQueries.php

@@ -1,13 +1,14 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity;
 
-use BookStack\Auth\Permissions\PermissionApplicator;
-use BookStack\Auth\User;
+use BookStack\Activity\Models\Activity;
 use BookStack\Entities\Models\Book;
 use BookStack\Entities\Models\Chapter;
 use BookStack\Entities\Models\Entity;
 use BookStack\Entities\Models\Page;
+use BookStack\Permissions\PermissionApplicator;
+use BookStack\Users\Models\User;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Relations\Relation;
 

app/Activity/ActivityType.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity;
 
 class ActivityType
 {

app/Activity/CommentRepo.php

@@ -1,32 +1,20 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity;
 
+use BookStack\Activity\Models\Comment;
 use BookStack\Entities\Models\Entity;
 use BookStack\Facades\Activity as ActivityService;
 use League\CommonMark\CommonMarkConverter;
 
-/**
- * Class CommentRepo.
- */
 class CommentRepo
 {
-    /**
-     * @var Comment
-     */
-    protected $comment;
-
-    public function __construct(Comment $comment)
-    {
-        $this->comment = $comment;
-    }
-
     /**
      * Get a comment by ID.
      */
     public function getById(int $id): Comment
     {
-        return $this->comment->newQuery()->findOrFail($id);
+        return Comment::query()->findOrFail($id);
     }
 
     /**
@@ -35,7 +23,7 @@ class CommentRepo
     public function create(Entity $entity, string $text, ?int $parent_id): Comment
     {
         $userId = user()->id;
-        $comment = $this->comment->newInstance();
+        $comment = new Comment();
 
         $comment->text = $text;
         $comment->html = $this->commentToHtml($text);
@@ -82,7 +70,7 @@ class CommentRepo
             'allow_unsafe_links' => false,
         ]);
 
-        return $converter->convertToHtml($commentText);
+        return $converter->convert($commentText);
     }
 
     /**
@@ -90,9 +78,8 @@ class CommentRepo
      */
     protected function getNextLocalId(Entity $entity): int
     {
-        /** @var Comment $comment */
-        $comment = $entity->comments(false)->orderBy('local_id', 'desc')->first();
+        $currentMaxId = $entity->comments()->max('local_id');
 
-        return ($comment->local_id ?? 0) + 1;
+        return $currentMaxId + 1;
     }
 }

app/Activity/Controllers/AuditLogController.php

@@ -1,12 +1,12 @@
 <?php
 
-namespace BookStack\Http\Controllers;
+namespace BookStack\Activity\Controllers;
 
-use BookStack\Actions\Activity;
-use BookStack\Actions\ActivityType;
+use BookStack\Activity\ActivityType;
+use BookStack\Activity\Models\Activity;
+use BookStack\Http\Controller;
 use BookStack\Util\SimpleListOptions;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\DB;
 
 class AuditLogController extends Controller
 {

app/Activity/Controllers/CommentController.php

@@ -1,19 +1,18 @@
 <?php
 
-namespace BookStack\Http\Controllers;
+namespace BookStack\Activity\Controllers;
 
-use BookStack\Actions\CommentRepo;
+use BookStack\Activity\CommentRepo;
 use BookStack\Entities\Models\Page;
+use BookStack\Http\Controller;
 use Illuminate\Http\Request;
 use Illuminate\Validation\ValidationException;
 
 class CommentController extends Controller
 {
-    protected $commentRepo;
-
-    public function __construct(CommentRepo $commentRepo)
-    {
-        $this->commentRepo = $commentRepo;
+    public function __construct(
+        protected CommentRepo $commentRepo
+    ) {
     }
 
     /**
@@ -42,7 +41,13 @@ class CommentController extends Controller
         $this->checkPermission('comment-create-all');
         $comment = $this->commentRepo->create($page, $request->get('text'), $request->get('parent_id'));
 
-        return view('comments.comment', ['comment' => $comment]);
+        return view('comments.comment-branch', [
+            'readOnly' => false,
+            'branch' => [
+                'comment' => $comment,
+                'children' => [],
+            ]
+        ]);
     }
 
     /**
@@ -62,7 +67,7 @@ class CommentController extends Controller
 
         $comment = $this->commentRepo->update($comment, $request->get('text'));
 
-        return view('comments.comment', ['comment' => $comment]);
+        return view('comments.comment', ['comment' => $comment, 'readOnly' => false]);
     }
 
     /**

app/Activity/Controllers/FavouriteController.php

@@ -1,11 +1,12 @@
 <?php
 
-namespace BookStack\Http\Controllers;
+namespace BookStack\Activity\Controllers;
 
+use BookStack\Activity\Models\Favouritable;
+use BookStack\App\Model;
 use BookStack\Entities\Models\Entity;
 use BookStack\Entities\Queries\TopFavourites;
-use BookStack\Interfaces\Favouritable;
-use BookStack\Model;
+use BookStack\Http\Controller;
 use Illuminate\Http\Request;
 
 class FavouriteController extends Controller

app/Activity/Controllers/TagController.php

@@ -1,18 +1,17 @@
 <?php
 
-namespace BookStack\Http\Controllers;
+namespace BookStack\Activity\Controllers;
 
-use BookStack\Actions\TagRepo;
+use BookStack\Activity\TagRepo;
+use BookStack\Http\Controller;
 use BookStack\Util\SimpleListOptions;
 use Illuminate\Http\Request;
 
 class TagController extends Controller
 {
-    protected TagRepo $tagRepo;
-
-    public function __construct(TagRepo $tagRepo)
-    {
-        $this->tagRepo = $tagRepo;
+    public function __construct(
+        protected TagRepo $tagRepo
+    ) {
     }
 
     /**

app/Activity/Controllers/WebhookController.php

@@ -1,10 +1,11 @@
 <?php
 
-namespace BookStack\Http\Controllers;
+namespace BookStack\Activity\Controllers;
 
-use BookStack\Actions\ActivityType;
-use BookStack\Actions\Queries\WebhooksAllPaginatedAndSorted;
-use BookStack\Actions\Webhook;
+use BookStack\Activity\ActivityType;
+use BookStack\Activity\Models\Webhook;
+use BookStack\Activity\Queries\WebhooksAllPaginatedAndSorted;
+use BookStack\Http\Controller;
 use BookStack\Util\SimpleListOptions;
 use Illuminate\Http\Request;
 

app/Activity/DispatchWebhookJob.php

@@ -1,11 +1,13 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity;
 
-use BookStack\Auth\User;
+use BookStack\Activity\Models\Loggable;
+use BookStack\Activity\Models\Webhook;
+use BookStack\Activity\Tools\WebhookFormatter;
 use BookStack\Facades\Theme;
-use BookStack\Interfaces\Loggable;
 use BookStack\Theming\ThemeEvents;
+use BookStack\Users\Models\User;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Foundation\Bus\Dispatchable;

app/Activity/Models/Activity.php

@@ -1,11 +1,11 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity\Models;
 
-use BookStack\Auth\Permissions\JointPermission;
-use BookStack\Auth\User;
+use BookStack\App\Model;
 use BookStack\Entities\Models\Entity;
-use BookStack\Model;
+use BookStack\Permissions\Models\JointPermission;
+use BookStack\Users\Models\User;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
 use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Database\Eloquent\Relations\MorphTo;
@@ -19,6 +19,8 @@ use Illuminate\Support\Str;
  * @property string $entity_type
  * @property int    $entity_id
  * @property int    $user_id
+ * @property Carbon $created_at
+ * @property Carbon $updated_at
  */
 class Activity extends Model
 {

app/Activity/Models/Comment.php

@@ -1,9 +1,9 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity\Models;
 
-use BookStack\Model;
-use BookStack\Traits\HasCreatorAndUpdater;
+use BookStack\App\Model;
+use BookStack\Users\Models\HasCreatorAndUpdater;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Relations\MorphTo;
 

app/Activity/Models/Favouritable.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Interfaces;
+namespace BookStack\Activity\Models;
 
 use Illuminate\Database\Eloquent\Relations\MorphMany;
 

app/Activity/Models/Favourite.php

@@ -1,9 +1,9 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity\Models;
 
-use BookStack\Auth\Permissions\JointPermission;
-use BookStack\Model;
+use BookStack\App\Model;
+use BookStack\Permissions\Models\JointPermission;
 use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Database\Eloquent\Relations\MorphTo;
 

app/Activity/Models/Loggable.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Interfaces;
+namespace BookStack\Activity\Models;
 
 interface Loggable
 {

app/Activity/Models/Tag.php

@@ -1,9 +1,9 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity\Models;
 
-use BookStack\Auth\Permissions\JointPermission;
-use BookStack\Model;
+use BookStack\App\Model;
+use BookStack\Permissions\Models\JointPermission;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Database\Eloquent\Relations\MorphTo;

app/Activity/Models/View.php

@@ -1,10 +1,9 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity\Models;
 
-use BookStack\Auth\Permissions\JointPermission;
-use BookStack\Interfaces\Viewable;
-use BookStack\Model;
+use BookStack\App\Model;
+use BookStack\Permissions\Models\JointPermission;
 use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Database\Eloquent\Relations\MorphTo;
 
@@ -55,12 +54,4 @@ class View extends Model
 
         return $view->views;
     }
-
-    /**
-     * Clear all views from the system.
-     */
-    public static function clearAll()
-    {
-        static::query()->truncate();
-    }
 }

app/Activity/Models/Viewable.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Interfaces;
+namespace BookStack\Activity\Models;
 
 use Illuminate\Database\Eloquent\Relations\MorphMany;
 

app/Activity/Models/Webhook.php

@@ -1,8 +1,8 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity\Models;
 
-use BookStack\Interfaces\Loggable;
+use BookStack\Activity\ActivityType;
 use Carbon\Carbon;
 use Illuminate\Database\Eloquent\Collection;
 use Illuminate\Database\Eloquent\Factories\HasFactory;

app/Activity/Models/WebhookTrackedEvent.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity\Models;
 
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;

app/Activity/Queries/WebhooksAllPaginatedAndSorted.php

@@ -1,8 +1,8 @@
 <?php
 
-namespace BookStack\Actions\Queries;
+namespace BookStack\Activity\Queries;
 
-use BookStack\Actions\Webhook;
+use BookStack\Activity\Models\Webhook;
 use BookStack\Util\SimpleListOptions;
 use Illuminate\Pagination\LengthAwarePaginator;
 

app/Activity/TagRepo.php

@@ -1,9 +1,10 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity;
 
-use BookStack\Auth\Permissions\PermissionApplicator;
+use BookStack\Activity\Models\Tag;
 use BookStack\Entities\Models\Entity;
+use BookStack\Permissions\PermissionApplicator;
 use BookStack\Util\SimpleListOptions;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Collection;
@@ -11,11 +12,9 @@ use Illuminate\Support\Facades\DB;
 
 class TagRepo
 {
-    protected PermissionApplicator $permissions;
-
-    public function __construct(PermissionApplicator $permissions)
-    {
-        $this->permissions = $permissions;
+    public function __construct(
+        protected PermissionApplicator $permissions
+    ) {
     }
 
     /**
@@ -90,6 +89,7 @@ class TagRepo
     {
         $query = Tag::query()
             ->select('*', DB::raw('count(*) as count'))
+            ->where('value', '!=', '')
             ->groupBy('value');
 
         if ($searchTerm) {

app/Activity/Tools/ActivityLogger.php

@@ -1,10 +1,13 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity\Tools;
 
+use BookStack\Activity\DispatchWebhookJob;
+use BookStack\Activity\Models\Activity;
+use BookStack\Activity\Models\Loggable;
+use BookStack\Activity\Models\Webhook;
 use BookStack\Entities\Models\Entity;
 use BookStack\Facades\Theme;
-use BookStack\Interfaces\Loggable;
 use BookStack\Theming\ThemeEvents;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Facades\Log;

app/Activity/Tools/CommentTree.php

@@ -0,0 +1,102 @@
+<?php
+
+namespace BookStack\Activity\Tools;
+
+use BookStack\Activity\Models\Comment;
+use BookStack\Entities\Models\Page;
+
+class CommentTree
+{
+    /**
+     * The built nested tree structure array.
+     * @var array{comment: Comment, depth: int, children: array}[]
+     */
+    protected array $tree;
+    protected array $comments;
+
+    public function __construct(
+        protected Page $page
+    ) {
+        $this->comments = $this->loadComments();
+        $this->tree = $this->createTree($this->comments);
+    }
+
+    public function enabled(): bool
+    {
+        return !setting('app-disable-comments');
+    }
+
+    public function empty(): bool
+    {
+        return count($this->tree) === 0;
+    }
+
+    public function count(): int
+    {
+        return count($this->comments);
+    }
+
+    public function get(): array
+    {
+        return $this->tree;
+    }
+
+    /**
+     * @param Comment[] $comments
+     */
+    protected function createTree(array $comments): array
+    {
+        $byId = [];
+        foreach ($comments as $comment) {
+            $byId[$comment->local_id] = $comment;
+        }
+
+        $childMap = [];
+        foreach ($comments as $comment) {
+            $parent = $comment->parent_id;
+            if (is_null($parent) || !isset($byId[$parent])) {
+                $parent = 0;
+            }
+
+            if (!isset($childMap[$parent])) {
+                $childMap[$parent] = [];
+            }
+            $childMap[$parent][] = $comment->local_id;
+        }
+
+        $tree = [];
+        foreach ($childMap[0] ?? [] as $childId) {
+            $tree[] = $this->createTreeForId($childId, 0, $byId, $childMap);
+        }
+
+        return $tree;
+    }
+
+    protected function createTreeForId(int $id, int $depth, array &$byId, array &$childMap): array
+    {
+        $childIds = $childMap[$id] ?? [];
+        $children = [];
+
+        foreach ($childIds as $childId) {
+            $children[] = $this->createTreeForId($childId, $depth + 1, $byId, $childMap);
+        }
+
+        return [
+            'comment' => $byId[$id],
+            'depth' => $depth,
+            'children' => $children,
+        ];
+    }
+
+    protected function loadComments(): array
+    {
+        if (!$this->enabled()) {
+            return [];
+        }
+
+        return $this->page->comments()
+            ->with('createdBy')
+            ->get()
+            ->all();
+    }
+}

app/Activity/Tools/IpFormatter.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity\Tools;
 
 class IpFormatter
 {

app/Activity/Tools/TagClassGenerator.php

@@ -1,6 +1,8 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity\Tools;
+
+use BookStack\Activity\Models\Tag;
 
 class TagClassGenerator
 {

app/Activity/Tools/WebhookFormatter.php

@@ -1,12 +1,14 @@
 <?php
 
-namespace BookStack\Actions;
+namespace BookStack\Activity\Tools;
 
-use BookStack\Auth\User;
+use BookStack\Activity\ActivityType;
+use BookStack\Activity\Models\Loggable;
+use BookStack\Activity\Models\Webhook;
+use BookStack\App\Model;
 use BookStack\Entities\Models\Entity;
 use BookStack\Entities\Models\Page;
-use BookStack\Interfaces\Loggable;
-use BookStack\Model;
+use BookStack\Users\Models\User;
 use Illuminate\Support\Carbon;
 
 class WebhookFormatter

app/Api/ApiDocsController.php

@@ -1,8 +1,8 @@
 <?php
 
-namespace BookStack\Http\Controllers\Api;
+namespace BookStack\Api;
 
-use BookStack\Api\ApiDocsGenerator;
+use BookStack\Http\ApiController;
 
 class ApiDocsController extends ApiController
 {
@@ -28,4 +28,12 @@ class ApiDocsController extends ApiController
 
         return response()->json($docs);
     }
+
+    /**
+     * Redirect to the API docs page.
+     */
+    public function redirect()
+    {
+        return redirect('/api/docs');
+    }
 }

app/Api/ApiDocsGenerator.php

@@ -2,7 +2,7 @@
 
 namespace BookStack\Api;
 
-use BookStack\Http\Controllers\Api\ApiController;
+use BookStack\Http\ApiController;
 use Exception;
 use Illuminate\Contracts\Container\BindingResolutionException;
 use Illuminate\Support\Collection;
@@ -16,8 +16,8 @@ use ReflectionMethod;
 
 class ApiDocsGenerator
 {
-    protected $reflectionClasses = [];
-    protected $controllerClasses = [];
+    protected array $reflectionClasses = [];
+    protected array $controllerClasses = [];
 
     /**
      * Load the docs form the cache if existing
@@ -139,9 +139,10 @@ class ApiDocsGenerator
     protected function parseDescriptionFromMethodComment(string $comment): string
     {
         $matches = [];
-        preg_match_all('/^\s*?\*\s((?![@\s]).*?)$/m', $comment, $matches);
+        preg_match_all('/^\s*?\*\s?($|((?![\/@\s]).*?))$/m', $comment, $matches);
 
-        return implode(' ', $matches[1] ?? []);
+        $text = implode(' ', $matches[1] ?? []);
+        return str_replace('  ', "\n", $text);
     }
 
     /**

app/Api/ApiToken.php

@@ -2,8 +2,8 @@
 
 namespace BookStack\Api;
 
-use BookStack\Auth\User;
-use BookStack\Interfaces\Loggable;
+use BookStack\Activity\Models\Loggable;
+use BookStack\Users\Models\User;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
 use Illuminate\Support\Carbon;

app/Api/ApiTokenGuard.php

@@ -2,7 +2,7 @@
 
 namespace BookStack\Api;
 
-use BookStack\Auth\Access\LoginService;
+use BookStack\Access\LoginService;
 use BookStack\Exceptions\ApiAuthException;
 use Illuminate\Auth\GuardHelpers;
 use Illuminate\Contracts\Auth\Authenticatable;

app/Api/UserApiTokenController.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace BookStack\Http\Controllers;
+namespace BookStack\Api;
 
-use BookStack\Actions\ActivityType;
-use BookStack\Api\ApiToken;
-use BookStack\Auth\User;
+use BookStack\Activity\ActivityType;
+use BookStack\Http\Controller;
+use BookStack\Users\Models\User;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Str;
@@ -58,7 +58,6 @@ class UserApiTokenController extends Controller
         $token->save();
 
         session()->flash('api-token-secret:' . $token->id, $secret);
-        $this->showSuccessNotification(trans('settings.user_api_token_create_success'));
         $this->logActivity(ActivityType::API_TOKEN_CREATE, $token);
 
         return redirect($user->getEditUrl('/api-tokens/' . $token->id));
@@ -96,7 +95,6 @@ class UserApiTokenController extends Controller
             'expires_at' => $request->get('expires_at') ?: ApiToken::defaultExpiry(),
         ])->save();
 
-        $this->showSuccessNotification(trans('settings.user_api_token_update_success'));
         $this->logActivity(ActivityType::API_TOKEN_UPDATE, $token);
 
         return redirect($user->getEditUrl('/api-tokens/' . $token->id));
@@ -123,7 +121,6 @@ class UserApiTokenController extends Controller
         [$user, $token] = $this->checkPermissionAndFetchUserToken($userId, $tokenId);
         $token->delete();
 
-        $this->showSuccessNotification(trans('settings.user_api_token_delete_success'));
         $this->logActivity(ActivityType::API_TOKEN_DELETE, $token);
 
         return redirect($user->getEditUrl('#api_tokens'));

app/App/Application.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack;
+namespace BookStack\App;
 
 class Application extends \Illuminate\Foundation\Application
 {

app/App/HomeController.php

@@ -1,8 +1,8 @@
 <?php
 
-namespace BookStack\Http\Controllers;
+namespace BookStack\App;
 
-use BookStack\Actions\ActivityQueries;
+use BookStack\Activity\ActivityQueries;
 use BookStack\Entities\Models\Book;
 use BookStack\Entities\Models\Page;
 use BookStack\Entities\Queries\RecentlyViewed;
@@ -10,6 +10,8 @@ use BookStack\Entities\Queries\TopFavourites;
 use BookStack\Entities\Repos\BookRepo;
 use BookStack\Entities\Repos\BookshelfRepo;
 use BookStack\Entities\Tools\PageContent;
+use BookStack\Http\Controller;
+use BookStack\Uploads\FaviconHandler;
 use BookStack\Util\SimpleListOptions;
 use Illuminate\Http\Request;
 
@@ -127,4 +129,15 @@ class HomeController extends Controller
     {
         return response()->view('errors.404', [], 404);
     }
+
+    /**
+     * Serve the application favicon.
+     * Ensures a 'favicon.ico' file exists at the web root location (if writable) to be served
+     * directly by the webserver in the future.
+     */
+    public function favicon(FaviconHandler $favicons)
+    {
+        $exists = $favicons->restoreOriginalIfNotExists();
+        return response()->file($exists ? $favicons->getPath() : $favicons->getOriginalPath());
+    }
 }

app/App/Model.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack;
+namespace BookStack\App;
 
 use Illuminate\Database\Eloquent\Model as EloquentModel;
 

app/App/Providers/AppServiceProvider.php

@@ -1,23 +1,23 @@
 <?php
 
-namespace BookStack\Providers;
+namespace BookStack\App\Providers;
 
-use BookStack\Actions\ActivityLogger;
-use BookStack\Auth\Access\SocialAuthService;
+use BookStack\Access\SocialAuthService;
+use BookStack\Activity\Tools\ActivityLogger;
 use BookStack\Entities\Models\Book;
 use BookStack\Entities\Models\Bookshelf;
 use BookStack\Entities\Models\Chapter;
 use BookStack\Entities\Models\Page;
-use BookStack\Exceptions\WhoopsBookStackPrettyHandler;
+use BookStack\Exceptions\BookStackExceptionHandlerPage;
 use BookStack\Settings\SettingService;
 use BookStack\Util\CspService;
 use GuzzleHttp\Client;
+use Illuminate\Contracts\Foundation\ExceptionRenderer;
 use Illuminate\Database\Eloquent\Relations\Relation;
 use Illuminate\Support\Facades\Schema;
 use Illuminate\Support\Facades\URL;
 use Illuminate\Support\ServiceProvider;
 use Psr\Http\Client\ClientInterface as HttpClientInterface;
-use Whoops\Handler\HandlerInterface;
 
 class AppServiceProvider extends ServiceProvider
 {
@@ -26,7 +26,7 @@ class AppServiceProvider extends ServiceProvider
      * @var string[]
      */
     public $bindings = [
-        HandlerInterface::class => WhoopsBookStackPrettyHandler::class,
+        ExceptionRenderer::class => BookStackExceptionHandlerPage::class,
     ];
 
     /**

app/App/Providers/AuthServiceProvider.php

@@ -1,14 +1,14 @@
 <?php
 
-namespace BookStack\Providers;
+namespace BookStack\App\Providers;
 
+use BookStack\Access\ExternalBaseUserProvider;
+use BookStack\Access\Guards\AsyncExternalBaseSessionGuard;
+use BookStack\Access\Guards\LdapSessionGuard;
+use BookStack\Access\LdapService;
+use BookStack\Access\LoginService;
+use BookStack\Access\RegistrationService;
 use BookStack\Api\ApiTokenGuard;
-use BookStack\Auth\Access\ExternalBaseUserProvider;
-use BookStack\Auth\Access\Guards\AsyncExternalBaseSessionGuard;
-use BookStack\Auth\Access\Guards\LdapSessionGuard;
-use BookStack\Auth\Access\LdapService;
-use BookStack\Auth\Access\LoginService;
-use BookStack\Auth\Access\RegistrationService;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\ServiceProvider;
 use Illuminate\Validation\Rules\Password;

app/App/Providers/EventServiceProvider.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Providers;
+namespace BookStack\App\Providers;
 
 use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
 use SocialiteProviders\Manager\SocialiteWasCalled;
@@ -24,11 +24,22 @@ class EventServiceProvider extends ServiceProvider
     ];
 
     /**
-     * Register any other events for your application.
+     * Register any events for your application.
      *
      * @return void
      */
     public function boot()
     {
+        //
+    }
+
+    /**
+     * Determine if events and listeners should be automatically discovered.
+     *
+     * @return bool
+     */
+    public function shouldDiscoverEvents()
+    {
+        return false;
     }
 }

app/App/Providers/RouteServiceProvider.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Providers;
+namespace BookStack\App\Providers;
 
 use Illuminate\Cache\RateLimiting\Limit;
 use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
@@ -77,7 +77,7 @@ class RouteServiceProvider extends ServiceProvider
     protected function configureRateLimiting()
     {
         RateLimiter::for('api', function (Request $request) {
-            return Limit::perMinute(60)->by(optional($request->user())->id ?: $request->ip());
+            return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip());
         });
     }
 }

app/App/Providers/ThemeServiceProvider.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Providers;
+namespace BookStack\App\Providers;
 
 use BookStack\Theming\ThemeEvents;
 use BookStack\Theming\ThemeService;

app/App/Providers/TranslationServiceProvider.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Providers;
+namespace BookStack\App\Providers;
 
 use BookStack\Translation\FileLoader;
 use BookStack\Translation\MessageSelector;

app/App/Providers/ValidationRuleServiceProvider.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Providers;
+namespace BookStack\App\Providers;
 
 use BookStack\Uploads\ImageService;
 use Illuminate\Support\Facades\Validator;
@@ -21,8 +21,8 @@ class ValidationRuleServiceProvider extends ServiceProvider
 
         Validator::extend('safe_url', function ($attribute, $value, $parameters, $validator) {
             $cleanLinkName = strtolower(trim($value));
-            $isJs = strpos($cleanLinkName, 'javascript:') === 0;
-            $isData = strpos($cleanLinkName, 'data:') === 0;
+            $isJs = str_starts_with($cleanLinkName, 'javascript:');
+            $isData = str_starts_with($cleanLinkName, 'data:');
 
             return !$isJs && !$isData;
         });

app/App/Providers/ViewTweaksServiceProvider.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Providers;
+namespace BookStack\App\Providers;
 
 use BookStack\Entities\BreadcrumbsViewComposer;
 use Illuminate\Pagination\Paginator;

app/App/Sluggable.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace BookStack\Interfaces;
+namespace BookStack\App;
 
 /**
  * Assigned to models that can have slugs.

app/App/helpers.php

@@ -1,9 +1,9 @@
 <?php
 
-use BookStack\Auth\Permissions\PermissionApplicator;
-use BookStack\Auth\User;
-use BookStack\Model;
+use BookStack\App\Model;
+use BookStack\Permissions\PermissionApplicator;
 use BookStack\Settings\SettingService;
+use BookStack\Users\Models\User;
 
 /**
  * Get the path to a versioned file.
@@ -147,7 +147,7 @@ function icon(string $name, array $attrs = []): string
 }
 
 /**
- * Generate a url with multiple parameters for sorting purposes.
+ * Generate a URL with multiple parameters for sorting purposes.
  * Works out the logic to set the correct sorting direction
  * Discards empty parameters and allows overriding.
  */
@@ -172,7 +172,7 @@ function sortUrl(string $path, array $data, array $overrideData = []): string
     }
 
     if (count($queryStringSections) === 0) {
-        return $path;
+        return url($path);
     }
 
     return url($path . '?' . implode('&', $queryStringSections));

app/Auth/Access/Ldap.php

@@ -1,136 +0,0 @@
-<?php
-
-namespace BookStack\Auth\Access;
-
-/**
- * Class Ldap
- * An object-orientated thin abstraction wrapper for common PHP LDAP functions.
- * Allows the standard LDAP functions to be mocked for testing.
- */
-class Ldap
-{
-    /**
-     * Connect to an LDAP server.
-     *
-     * @return resource
-     */
-    public function connect(string $hostName, int $port)
-    {
-        return ldap_connect($hostName, $port);
-    }
-
-    /**
-     * Set the value of a LDAP option for the given connection.
-     *
-     * @param resource $ldapConnection
-     * @param mixed    $value
-     */
-    public function setOption($ldapConnection, int $option, $value): bool
-    {
-        return ldap_set_option($ldapConnection, $option, $value);
-    }
-
-    /**
-     * Start TLS on the given LDAP connection.
-     */
-    public function startTls($ldapConnection): bool
-    {
-        return ldap_start_tls($ldapConnection);
-    }
-
-    /**
-     * Set the version number for the given ldap connection.
-     *
-     * @param resource $ldapConnection
-     */
-    public function setVersion($ldapConnection, int $version): bool
-    {
-        return $this->setOption($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, $version);
-    }
-
-    /**
-     * Search LDAP tree using the provided filter.
-     *
-     * @param resource   $ldapConnection
-     * @param string     $baseDn
-     * @param string     $filter
-     * @param array|null $attributes
-     *
-     * @return resource
-     */
-    public function search($ldapConnection, $baseDn, $filter, array $attributes = null)
-    {
-        return ldap_search($ldapConnection, $baseDn, $filter, $attributes);
-    }
-
-    /**
-     * Get entries from an ldap search result.
-     *
-     * @param resource $ldapConnection
-     * @param resource $ldapSearchResult
-     *
-     * @return array
-     */
-    public function getEntries($ldapConnection, $ldapSearchResult)
-    {
-        return ldap_get_entries($ldapConnection, $ldapSearchResult);
-    }
-
-    /**
-     * Search and get entries immediately.
-     *
-     * @param resource   $ldapConnection
-     * @param string     $baseDn
-     * @param string     $filter
-     * @param array|null $attributes
-     *
-     * @return resource
-     */
-    public function searchAndGetEntries($ldapConnection, $baseDn, $filter, array $attributes = null)
-    {
-        $search = $this->search($ldapConnection, $baseDn, $filter, $attributes);
-
-        return $this->getEntries($ldapConnection, $search);
-    }
-
-    /**
-     * Bind to LDAP directory.
-     *
-     * @param resource $ldapConnection
-     * @param string   $bindRdn
-     * @param string   $bindPassword
-     *
-     * @return bool
-     */
-    public function bind($ldapConnection, $bindRdn = null, $bindPassword = null)
-    {
-        return ldap_bind($ldapConnection, $bindRdn, $bindPassword);
-    }
-
-    /**
-     * Explode a LDAP dn string into an array of components.
-     *
-     * @param string $dn
-     * @param int    $withAttrib
-     *
-     * @return array
-     */
-    public function explodeDn(string $dn, int $withAttrib)
-    {
-        return ldap_explode_dn($dn, $withAttrib);
-    }
-
-    /**
-     * Escape a string for use in an LDAP filter.
-     *
-     * @param string $value
-     * @param string $ignore
-     * @param int    $flags
-     *
-     * @return string
-     */
-    public function escape(string $value, string $ignore = '', int $flags = 0)
-    {
-        return ldap_escape($value, $ignore, $flags);
-    }
-}

app/Config/app.php

@@ -8,6 +8,8 @@
  * Do not edit this file unless you're happy to maintain any changes yourself.
  */
 
+use Illuminate\Support\Facades\Facade;
+
 return [
 
     // The environment to run BookStack in.
@@ -98,7 +100,13 @@ return [
     // Encryption cipher
     'cipher' => 'AES-256-CBC',
 
-    // Application Services Provides
+    // Maintenance Mode Driver
+    'maintenance' => [
+        'driver' => 'file',
+        // 'store'  => 'redis',
+    ],
+
+    // Application Service Providers
     'providers' => [
 
         // Laravel Framework Service Providers...
@@ -131,68 +139,19 @@ return [
         SocialiteProviders\Manager\ServiceProvider::class,
 
         // BookStack custom service providers
-        BookStack\Providers\ThemeServiceProvider::class,
-        BookStack\Providers\AppServiceProvider::class,
-        BookStack\Providers\AuthServiceProvider::class,
-        BookStack\Providers\EventServiceProvider::class,
-        BookStack\Providers\RouteServiceProvider::class,
-        BookStack\Providers\TranslationServiceProvider::class,
-        BookStack\Providers\ValidationRuleServiceProvider::class,
-        BookStack\Providers\ViewTweaksServiceProvider::class,
+        \BookStack\App\Providers\ThemeServiceProvider::class,
+        \BookStack\App\Providers\AppServiceProvider::class,
+        \BookStack\App\Providers\AuthServiceProvider::class,
+        \BookStack\App\Providers\EventServiceProvider::class,
+        \BookStack\App\Providers\RouteServiceProvider::class,
+        \BookStack\App\Providers\TranslationServiceProvider::class,
+        \BookStack\App\Providers\ValidationRuleServiceProvider::class,
+        \BookStack\App\Providers\ViewTweaksServiceProvider::class,
     ],
 
-    /*
-    |--------------------------------------------------------------------------
-    | Class Aliases
-    |--------------------------------------------------------------------------
-    |
-    | This array of class aliases will be registered when this application
-    | is started. However, feel free to register as many as you wish as
-    | the aliases are "lazy" loaded so they don't hinder performance.
-    |
-    */
-
-    // Class aliases, Registered on application start
-    'aliases' => [
-        // Laravel
-        'App'          => Illuminate\Support\Facades\App::class,
-        'Arr'          => Illuminate\Support\Arr::class,
-        'Artisan'      => Illuminate\Support\Facades\Artisan::class,
-        'Auth'         => Illuminate\Support\Facades\Auth::class,
-        'Blade'        => Illuminate\Support\Facades\Blade::class,
-        'Bus'          => Illuminate\Support\Facades\Bus::class,
-        'Cache'        => Illuminate\Support\Facades\Cache::class,
-        'Config'       => Illuminate\Support\Facades\Config::class,
-        'Cookie'       => Illuminate\Support\Facades\Cookie::class,
-        'Crypt'        => Illuminate\Support\Facades\Crypt::class,
-        'Date'         => Illuminate\Support\Facades\Date::class,
-        'DB'           => Illuminate\Support\Facades\DB::class,
-        'Eloquent'     => Illuminate\Database\Eloquent\Model::class,
-        'Event'        => Illuminate\Support\Facades\Event::class,
-        'File'         => Illuminate\Support\Facades\File::class,
-        'Gate'         => Illuminate\Support\Facades\Gate::class,
-        'Hash'         => Illuminate\Support\Facades\Hash::class,
-        'Http'         => Illuminate\Support\Facades\Http::class,
-        'Lang'         => Illuminate\Support\Facades\Lang::class,
-        'Log'          => Illuminate\Support\Facades\Log::class,
-        'Mail'         => Illuminate\Support\Facades\Mail::class,
-        'Notification' => Illuminate\Support\Facades\Notification::class,
-        'Password'     => Illuminate\Support\Facades\Password::class,
-        'Queue'        => Illuminate\Support\Facades\Queue::class,
-        'RateLimiter'  => Illuminate\Support\Facades\RateLimiter::class,
-        'Redirect'     => Illuminate\Support\Facades\Redirect::class,
-        // 'Redis'        => Illuminate\Support\Facades\Redis::class,
-        'Request'      => Illuminate\Support\Facades\Request::class,
-        'Response'     => Illuminate\Support\Facades\Response::class,
-        'Route'        => Illuminate\Support\Facades\Route::class,
-        'Schema'       => Illuminate\Support\Facades\Schema::class,
-        'Session'      => Illuminate\Support\Facades\Session::class,
-        'Storage'      => Illuminate\Support\Facades\Storage::class,
-        'Str'          => Illuminate\Support\Str::class,
-        'URL'          => Illuminate\Support\Facades\URL::class,
-        'Validator'    => Illuminate\Support\Facades\Validator::class,
-        'View'         => Illuminate\Support\Facades\View::class,
-
+    // Class Aliases
+    // This array of class aliases to be registered on application start.
+    'aliases' => Facade::defaultAliases()->merge([
         // Laravel Packages
         'Socialite'    => Laravel\Socialite\Facades\Socialite::class,
 
@@ -202,7 +161,7 @@ return [
         // Custom BookStack
         'Activity'    => BookStack\Facades\Activity::class,
         'Theme'       => BookStack\Facades\Theme::class,
-    ],
+    ])->toArray(),
 
     // Proxy configuration
     'proxies' => env('APP_PROXIES', ''),

app/Config/auth.php

@@ -59,12 +59,12 @@ return [
     'providers' => [
         'users' => [
             'driver' => 'eloquent',
-            'model'  => \BookStack\Auth\User::class,
+            'model'  => \BookStack\Users\Models\User::class,
         ],
 
         'external' => [
             'driver' => 'external-users',
-            'model'  => \BookStack\Auth\User::class,
+            'model'  => \BookStack\Users\Models\User::class,
         ],
 
         // 'users' => [

app/Config/broadcasting.php

@@ -14,7 +14,7 @@ return [
     // This option controls the default broadcaster that will be used by the
     // framework when an event needs to be broadcast. This can be set to
     // any of the connections defined in the "connections" array below.
-    'default' => env('BROADCAST_DRIVER', 'pusher'),
+    'default' => 'null',
 
     // Broadcast Connections
     // Here you may define all of the broadcast connections that will be used
@@ -22,21 +22,7 @@ return [
     // each available type of connection are provided inside this array.
     'connections' => [
 
-        'pusher' => [
-            'driver'  => 'pusher',
-            'key'     => env('PUSHER_APP_KEY'),
-            'secret'  => env('PUSHER_APP_SECRET'),
-            'app_id'  => env('PUSHER_APP_ID'),
-            'options' => [
-                'cluster' => env('PUSHER_APP_CLUSTER'),
-                'useTLS'  => true,
-            ],
-        ],
-
-        'redis' => [
-            'driver'     => 'redis',
-            'connection' => 'default',
-        ],
+        // Default options removed since we don't use broadcasting.
 
         'log' => [
             'driver' => 'log',