Merge branch 'feature/PB-38276_13-cherry-pick-PB-38760' into 'release'

PB-38276 Bump version to v4.11.0-test.3 See merge request passbolt/passbolt-ce-api!327
passbolt · Jan 30, 2025 · df0af11 · df0af11
2 parents 8802062 + 660c6ae
commit df0af11
Show file tree

Hide file tree

Showing 5 changed files with 61 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,50 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+## [4.11.0-test.3] - 2025-01-30
+### Added
+- PB-35761 As an administrator I receive an email if zero_knowledge_key_share is set to true and a new user completed the setup
+- PB-36558 As an administrator I can mark metadata_keys as expired
+- PB-35986 As an administrator I can share missing metadata private keys for users that needs them
+- PB-35925 As an administrator I can see if users are missing access to metadata keys
+- PB-37069 As an administration I can run a command to share metadata private keys with users that need them
+- PB-37068 As a user I can see if I am missing metadata keys
+- PB-36600 As an administrator I should be notified when an administrator expires a metadata key
+- PB-35418 As an administrator I should receive an email notification when a metadata key is deleted
+- PB-37361 As an administrator I can rotate metadata keys encrypting resources metadata
+- PB-37697 As an administrator I can upgrade resources to v5 format
+- PB-35927 As an administrator I can define an allow_v4_v5_upgrade metadata type settings
+- PB-35923 As an administrator I cannot add a new metadata key if there is only 2 that are active
+- PB-34463 As an administrator I cannot reuse metadata keys as the account recovery key
+- PB-35929 Update edit resource to support allow_v4_v5_upgrade settings
+- PB-35932 Update edit folders to support allow_v4_v5_upgrade settings
+
+### Fixed
+- PB-37719 Fix resource types index controller should not return deleted resource types per default
+- PB-36925 Cast configure usage to avoid fatal type error on missing fullBaseUrl
+- PB-36576 Fix as a user I cannot create or edit a tag with an expired or deleted metadata key
+- PB-37097 Fix prevent to use v5 resource_type_ids if v5 flag is off
+- PB-36930 Fix some email sentences not translated and markers errors in translation
+- PB-37096 Fix healthcheck relying on symfony/process should fail gracefully in case of process run exception
+- PB-36989 Fix namespace composer warnings
+- PB-37343 Fixes postgres dump by adding PGPASSWORD env since .pgpass is not generated on the passbolt installation
+- PB-38026 As an administrator running the cleanup command I should not see issues on soft deleted groups
+- PB-38261 Fix always failing IsNotAccountRecoveryFingerprintRule for metadata keys
+- PB-38262 Fix always failing metadata key creation when zero-knowledge is disabled, and no metadata keys are present
+- PB-38166 Passbolt app router should not fall back on Host header if full-base url is not set
+
+### Security
+- PB-37974 Upgrade CakePHP to v4.5.9
+
+### Maintenance
+- PB-35785 Upgrade psalm/phpstan to latest version as applicable
+- PB-35119 Fix tests failing when full base url is not-https
+- PB-37000 Fix bug of wrong relation for Rbacs to Log.Actions.
+- PB-37072 Fix LatestVersionApplicationHealthcheck test failing due to github not reachable
+- PB-37071 Fix PHPUnit 10 deprecations
+- PB-36237 Fix frequently failing TOTP setup/verify tests
+- PB-38184 Fix synk vulnerability for nesbot/carbon PHP Remote File Inclusion
+
 ## [4.11.0-test.2] - 2025-01-29
 ### Added
 - PB-35761 As an administrator I receive an email if zero_knowledge_key_share is set to true and a new user completed the setup

diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
@@ -8,7 +8,7 @@ As one of the final updates in the v4 series, this version prepares administrato
 
 Thank you to the community for your feedback and support.
 
-## [4.11.0-test.2] - 2025-01-29
+## [4.11.0-test.3] - 2025-01-30
 ### Added
 - PB-35761 As an administrator I receive an email if zero_knowledge_key_share is set to true and a new user completed the setup
 - PB-36558 As an administrator I can mark metadata_keys as expired

diff --git a/config/version.php b/config/version.php
@@ -1,7 +1,7 @@
 <?php
 return [
     'passbolt' => [
-        'version' => '4.11.0-test.2',
+        'version' => '4.11.0-test.3',
         'name' => 'Fortunate Son',
     ],
     'php' => [

diff --git a/...PassboltCe/Metadata/tests/TestCase/Controller/Resources/ResourcesUpdateControllerTest.php b/...PassboltCe/Metadata/tests/TestCase/Controller/Resources/ResourcesUpdateControllerTest.php
@@ -59,12 +59,12 @@ public function testResourcesUpdateController_Success_SharedKey(): void
     {
         MetadataTypesSettingsFactory::make()->v5()->persist();
         /** @var \App\Model\Entity\User $user */
-        $user = UserFactory::make()->user()->persist();
+        [$user, $userWithPermission] = UserFactory::make(2)->user()->persist();
         $metadataKey = MetadataKeyFactory::make()->withCreatorAndModifier($user)->withServerPrivateKey()->persist();
         $v4ResourceTypeId = ResourceTypeFactory::make()->passwordString()->persist()->get('id');
         $resourceTypeId = ResourceTypeFactory::make()->v5Default()->persist()->get('id');
         $metadataKeyId = $metadataKey->get('id');
-        $resource = ResourceFactory::make(['resource_type_id' => $v4ResourceTypeId])->withPermissionsFor([$user])->persist();
+        $resource = ResourceFactory::make(['resource_type_id' => $v4ResourceTypeId])->withPermissionsFor([$user, $userWithPermission])->persist();
         $resourceDto = MetadataResourceDto::fromArray($resource->toArray());
         $clearTextMetadata = json_encode($resourceDto->getClearTextMetadata());
         $metadata = $this->encryptForMetadataKey($clearTextMetadata);
@@ -98,6 +98,12 @@ public function testResourcesUpdateController_Success_SharedKey(): void
             'isV5',
             true
         );
+        $this->assertEmailQueueCount(2);
+        $this->assertEmailIsInQueue(['email' => $user->username, 'subject' => 'You edited a resource']);
+        $this->assertEmailIsInQueue([
+            'email' => $userWithPermission->username,
+            'subject' => $user->profile->first_name . ' edited a resource',
+        ]);
     }
 
     public function testResourcesUpdateController_Success_UserKey(): void

diff --git a/src/Notification/Email/Redactor/Resource/ResourceUpdateEmailRedactor.php b/src/Notification/Email/Redactor/Resource/ResourceUpdateEmailRedactor.php
@@ -140,11 +140,16 @@ private function createUpdateEmail(
         $subject = (new LocaleService())->translateString(
             $recipient->locale,
             function () use ($recipient, $owner, $resource, $isV5) {
+                $isRecipientPerformingTheAction = $recipient->id === $owner->id;
                 if ($isV5) {
-                    $subject = __('You edited a resource');
+                    if ($isRecipientPerformingTheAction) {
+                        $subject = __('You edited a resource');
+                    } else {
+                        $subject = __('{0} edited a resource', Purifier::clean($owner->profile->first_name));
+                    }
                 } else {
                     $resourceName = Purifier::clean($resource->name);
-                    if ($recipient->id === $owner->id) {
+                    if ($isRecipientPerformingTheAction) {
                         $subject = __('You edited the resource {0}', $resourceName);
                     } else {
                         $subject = __('{0} edited the resource {1}', Purifier::clean($owner->profile->first_name), $resourceName); // phpcs:ignore