Update laravel to 7.x

README.md

@@ -2,6 +2,11 @@
 
 The new doorcode system repository.
 
+## Running Code Coverage
+Code coverage is best generated with phpdbg as it is very fast. Inside the docker
+container in the `backend` directory, run the command `phpdbg -qrr vendor/bin/phpunit --coverage-html cov`.
+Visit the backend/cov/index.html file in a browser to see the report.
+
 
 ## Web Development Installation Instructions
 #### Requirements

src/web/backend/app/Exceptions/Handler.php

@@ -3,6 +3,7 @@
 namespace App\Exceptions;
 
 use Exception;
+use Throwable;
 use Illuminate\Http\Request;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Auth\AuthenticationException;
@@ -35,50 +36,38 @@ class Handler extends ExceptionHandler
      */
     public function respondWithError(string $message, int $code): JsonResponse
     {
-        return new JsonResponse(
-            [
-                'status'  => 'error',
-                'code'    => $code,
-                'message' => $message,
-            ],
-            $code
-        );
+        return new JsonResponse([
+            'status' => 'error',
+            'code' => $code,
+            'message' => $message,
+        ], $code);
     }
 
     /**
-     * Render an exception into an HTTP response.
-     *
-     * @param Request   $request
-     * @param Exception $exception
-     * @return Response
-     * @throws Exception
+     * @inheritDoc
      */
-    public function render($request, Exception $exception)
+    public function render($request, Throwable $e)
     {
         if (
-            $exception instanceof EntityNotFoundException ||
-            $exception instanceof EntityExistsException
+            $e instanceof EntityNotFoundException ||
+            $e instanceof EntityExistsException
         ) {
-            return $this->respondWithError($exception->getMessage(), $exception->getCode());
+            return $this->respondWithError($e->getMessage(), $e->getCode());
         }
 
-        if ($exception instanceof SourceAuthenticationException) {
-            return response()->json(['message' => $exception->getMessage()], 401);
+        if ($e instanceof SourceAuthenticationException) {
+            return response()->json(['message' => $e->getMessage()], 401);
         }
 
-        if ($exception instanceof AuthorizationException) {
-            return response()->json(['message' => $exception->getMessage()], 403);
+        if ($e instanceof AuthorizationException) {
+            return response()->json(['message' => $e->getMessage()], 403);
         }
 
-        return parent::render($request, $exception);
+        return parent::render($request, $e);
     }
 
     /**
-     * Convert an authentication exception into a response.
-     *
-     * @param Request                 $request
-     * @param AuthenticationException $exception
-     * @return Response
+     * @inheritDoc
      */
     protected function unauthenticated($request, AuthenticationException $exception)
     {
@@ -86,11 +75,7 @@ class Handler extends ExceptionHandler
     }
 
     /**
-     * Create a response object from the given validation exception.
-     *
-     * @param ValidationException $e
-     * @param Request             $request
-     * @return Response
+     * @inheritDoc
      */
     protected function convertValidationExceptionToResponse(ValidationException $e, $request)
     {

src/web/backend/app/Http/Kernel.php

@@ -2,6 +2,7 @@
 
 namespace App\Http;
 
+use Fruitcake\Cors\HandleCors;
 use App\Http\Middleware\TrimStrings;
 use App\Http\Middleware\Authenticate;
 use App\Http\Middleware\TrustProxies;
@@ -17,7 +18,6 @@ use Illuminate\Foundation\Http\Kernel as HttpKernel;
 use Illuminate\Routing\Middleware\ValidateSignature;
 use Illuminate\Auth\Middleware\EnsureEmailIsVerified;
 use Illuminate\Routing\Middleware\SubstituteBindings;
-use Illuminate\Session\Middleware\AuthenticateSession;
 use Illuminate\View\Middleware\ShareErrorsFromSession;
 use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
 use Illuminate\Foundation\Http\Middleware\ValidatePostSize;
@@ -35,6 +35,7 @@ class Kernel extends HttpKernel
      */
     protected $middleware = [
         TrustProxies::class,
+        HandleCors::class,
         CheckForMaintenanceMode::class,
         ValidatePostSize::class,
         TrimStrings::class,
@@ -87,21 +88,4 @@ class Kernel extends HttpKernel
         'throttle' => ThrottleRequests::class,
         'verified' => EnsureEmailIsVerified::class,
     ];
-
-    /**
-     * The priority-sorted list of middleware.
-     *
-     * This forces non-global middleware to always be in the given order.
-     *
-     * @var array
-     */
-    protected $middlewarePriority = [
-        StartSession::class,
-        ShareErrorsFromSession::class,
-        Authenticate::class,
-        ThrottleRequests::class,
-        AuthenticateSession::class,
-        SubstituteBindings::class,
-        Authorize::class,
-    ];
 }

src/web/backend/composer.json

@@ -11,16 +11,17 @@
         "php": "^7.4",
         "fideloper/proxy": "^4.0",
         "friendsofphp/php-cs-fixer": "^2.16",
-        "laravel/framework": "^6.2",
+        "fruitcake/laravel-cors": "^1.0",
+        "laravel/framework": "^7.0",
         "laravel/tinker": "^2.0"
     },
     "require-dev": {
         "roave/security-advisories": "dev-master",
-        "facade/ignition": "^1.4",
+        "facade/ignition": "^2.0",
         "fzaninotto/faker": "^1.4",
         "mockery/mockery": "^1.0",
-        "nunomaduro/collision": "^3.0",
-        "phpunit/phpunit": "^8.0"
+        "nunomaduro/collision": "^4.1",
+        "phpunit/phpunit": "^8.5"
     },
     "config": {
         "optimize-autoloader": true,

src/web/backend/config/cors.php

+<?php
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Cross-Origin Resource Sharing (CORS) Configuration
+    |--------------------------------------------------------------------------
+    |
+    | Here you may configure your settings for cross-origin resource sharing
+    | or "CORS". This determines what cross-origin operations may execute
+    | in web browsers. You are free to adjust these settings as needed.
+    |
+    | To learn more: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
+    |
+    */
+
+    'paths' => ['api/*'],
+
+    'allowed_methods' => ['*'],
+
+    'allowed_origins' => ['*'],
+
+    'allowed_origins_patterns' => [],
+
+    'allowed_headers' => ['*'],
+
+    'exposed_headers' => false,
+
+    'max_age' => false,
+
+    'supports_credentials' => false,
+
+];

src/web/backend/config/session.php

@@ -166,7 +166,7 @@ return [
     |
     */
 
-    'secure' => env('SESSION_SECURE_COOKIE', false),
+    'secure' => env('SESSION_SECURE_COOKIE', null),
 
     /*
     |--------------------------------------------------------------------------
@@ -194,6 +194,6 @@ return [
     |
     */
 
-    'same_site' => null,
+    'same_site' => 'lax',
 
 ];

src/web/backend/src/UseCases/Groups/DeleteGroup/DeleteGroup.php

@@ -2,6 +2,7 @@
 
 namespace Source\UseCases\Groups\DeleteGroup;
 
+use ReflectionClass;
 use Source\Authorization\Permissions;
 use Source\Exceptions\DeleteFailedException;
 use Source\Gateways\Groups\GroupsRepository;
@@ -30,7 +31,7 @@ class DeleteGroup implements DeleteGroupUseCase
             throw new EntityNotFoundException();
         }
 
-        $reflection = new \ReflectionClass(Permissions::class);
+        $reflection = new ReflectionClass(Permissions::class);
 
         if (in_array($group->getTitle(), $reflection->getConstants(), true)) {
             throw new DeleteFailedException('Cannot delete a default permission group');

src/web/backend/tests/Feature/Api/Groups/CreateGroupApiTest.php

@@ -6,7 +6,7 @@ namespace Tests\Feature\Api\Groups;
 use Source\Entities\Group;
 use Source\Gateways\Groups\GroupsRepository;
 use Source\Exceptions\EntityNotFoundException;
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Source\Gateways\Groups\InMemoryGroupsRepository;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;
 

src/web/backend/tests/Feature/Api/Groups/DeleteGroupApiTest.php

@@ -6,7 +6,7 @@ namespace Tests\Feature\Api\Groups;
 use Source\Entities\Group;
 use Source\Gateways\Groups\GroupsRepository;
 use Source\Exceptions\EntityNotFoundException;
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Tests\Doubles\InMemoryGroupsRepositoryStub;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;
 

src/web/backend/tests/Feature/Api/Groups/GetAllGroupsApiTest.php

@@ -6,7 +6,7 @@ namespace Tests\Feature\Api\Groups;
 use Source\Entities\Group;
 use Source\Gateways\Groups\GroupsRepository;
 use Source\Exceptions\EntityNotFoundException;
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;
 
 class GetAllGroupsApiTest extends AuthenticatesWithApplicationTestCase

src/web/backend/tests/Feature/Api/Groups/GetGroupApiTest.php

@@ -5,7 +5,7 @@ namespace Tests\Feature\Api\Groups;
 
 use Source\Entities\Group;
 use Source\Gateways\Groups\GroupsRepository;
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Source\Gateways\Groups\InMemoryGroupsRepository;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;
 

src/web/backend/tests/Feature/Api/Groups/GetUsersForGroupApiTest.php

@@ -6,7 +6,7 @@ namespace Tests\Feature\Api\Groups;
 use Source\Entities\User;
 use Source\Entities\Group;
 use Source\Gateways\Groups\GroupsRepository;
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Source\Gateways\GroupUser\GroupUserRepository;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;
 

src/web/backend/tests/Feature/Api/Groups/UpdateGroupApiTest.php

@@ -6,7 +6,7 @@ namespace Tests\Feature\Api\Groups;
 use Source\Entities\Group;
 use Source\Gateways\Groups\GroupsRepository;
 use Source\Exceptions\EntityNotFoundException;
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Tests\Doubles\InMemoryGroupsRepositoryStub;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;
 

src/web/backend/tests/Feature/Api/Me/GetCurrentUserApiTest.php

@@ -3,7 +3,7 @@
 
 namespace Tests\Feature\Api\Me;
 
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;
 
 class GetCurrentUserApiTest extends AuthenticatesWithApplicationTestCase

src/web/backend/tests/Feature/Api/Me/GetCurrentUserGroupsApiTest.php

@@ -5,7 +5,7 @@ namespace Tests\Feature\Api\Me;
 
 use Source\Entities\Group;
 use Source\Gateways\Groups\GroupsRepository;
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Source\Gateways\GroupUser\GroupUserRepository;
 use Source\Gateways\Groups\InMemoryGroupsRepository;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;

src/web/backend/tests/Feature/Api/Me/UpdateCurrentUserApiTest.php

@@ -9,7 +9,7 @@ use Source\Gateways\Users\UsersRepository;
 use Source\Gateways\Groups\GroupsRepository;
 use Source\Exceptions\EntityNotFoundException;
 use Tests\Doubles\InMemoryUsersRepositoryStub;
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Source\Gateways\GroupUser\GroupUserRepository;
 use Source\Gateways\Groups\InMemoryGroupsRepository;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;

src/web/backend/tests/Feature/Api/Users/AddUserToGroupApiTest.php

@@ -6,7 +6,7 @@ namespace Tests\Feature\Api\Users;
 use Source\Entities\User;
 use Source\Entities\Group;
 use Source\Gateways\Groups\GroupsRepository;
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Source\Gateways\GroupUser\GroupUserRepository;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;
 

src/web/backend/tests/Feature/Api/Users/CreateUserApiTest.php

@@ -6,7 +6,7 @@ namespace Tests\Feature\Api\Users;
 use Source\Entities\User;
 use Source\Entities\Doorcode;
 use Source\Exceptions\EntityNotFoundException;
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;
 
 class CreateUserApiTest extends AuthenticatesWithApplicationTestCase

src/web/backend/tests/Feature/Api/Users/DeleteUserApiTest.php

@@ -5,7 +5,7 @@ namespace Tests\Feature\Api\Users;
 
 use Source\Entities\User;
 use Source\Exceptions\EntityNotFoundException;
-use Illuminate\Foundation\Testing\TestResponse;
+use Illuminate\Testing\TestResponse;
 use Tests\Feature\AuthenticatesWithApplicationTestCase;
 
 class DeleteUserApiTest extends AuthenticatesWithApplicationTestCase