fix(auth): scope media ACL checks to the namespace

Media files have no per-file ACLs; permissions must be evaluated against
the namespace they live in. Several call sites passed the raw media ID
to

fix(auth): scope media ACL checks to the namespace

Media files have no per-file ACLs; permissions must be evaluated against
the namespace they live in. Several call sites passed the raw media ID
to auth_quickaclcheck(), so a page-intended exact-ID rule (e.g. on
wiki:secret.png) could silently apply to a media file sharing that ID.

Introduce mediaAclPath() that builds the correct namespace wildcard
path (handling root-namespace media) and route all media-related ACL
checks through it. Also normalize the lone `:X` sentinel variant in
fetch.functions.php to the standard `:*` form.

fixes: #4647

show more ...

�� Rector and PHPCS fixes

fix EXIF-rotated images shown cropped in previews, closes #4482

JPEGs with EXIF orientation 5/6/7/8 were rendered cropped in the
mediamanager detail view, the image diff view and the fullscreen
deta

fix EXIF-rotated images shown cropped in previews, closes #4482

JPEGs with EXIF orientation 5/6/7/8 were rendered cropped in the
mediamanager detail view, the image diff view and the fullscreen
detail page: getimagesize() / JpegMeta report raw (rotation-unaware)
pixel dimensions, and passing both w and h to fetch.php defaults to
center-crop.

- Bump splitbrain/slika to 1.1, which ships ImageInfo: a rotation-
aware, metadata-only dimension simulator mirroring Adapter's
fluent API (autorotate/resize/crop).
- Add fit=1 to fetch.php: when both w and h are given, route to
media_resize_image() (bbox fit) instead of media_crop_image().
Token hashes only (id, w, h) so existing tokens stay valid.
- Add MediaFile::getDisplayDimensions($w, $h, $crop) which delegates
to ImageInfo and returns the dims fetch.php would produce.
- Add Display::getDetailHtml() and retire media_preview() / the old
media_image_preview_size() helper. media_tab_view and MediaDiff
now share the Display-based renderer.
- Rewrite tpl_img() (lib/tpl/*/detail.php) to use MediaFile dims +
fit=1 URL; drops the manual ratio math.
- Tests: MediaFileTest covers the dims math, DisplayTest covers the
detail-view HTML (rotated dims, rev-vs-timestamp URL selection,
structure), fetch_imagetoken gains a fit-token compat test.
Fixture _test/data/media/wiki/exif-orient-6.jpg: 20x30 JPEG with
EXIF orientation 6.

show more ...

Feed creation refactoring

This breaks up the humongous functions from feed.php into multiple
classes. To keep compatibility with existing Plugin events, the basic
principle of how the feed is assemb

Feed creation refactoring

This breaks up the humongous functions from feed.php into multiple
classes. To keep compatibility with existing Plugin events, the basic
principle of how the feed is assembled has not been changed:

* depending on the given mode and other options lose arrays of items are
gathered
* these items are then converted (again based on the various options)
into proper FeedItems
* the FeedItems are then added to the Feed

The conversion from loosely typed item data to something more structured
is now done by the FeedItemProcessor classes. Some very basic tests have
been added. It does not cover erverything but covers more than before
(which was nothing).

Manual testing before merging this is highly recommended. I am not
confident that I ported over everything correctly.

No new features have been added, but especially media support could and
should be improved in the future.

show more ...

Use str_starts_with/str_ends_with

code style: operator spacing

coding style: control flow whitespaces

Apply rector fixes to inc/File

import classes, replace dbglog, simplify, remove unused statements, and other warnings from IntelliJ

update phpdocs,
rename dokuwiki/Ui/Draft to PageDraft

rename namespace Media to File

This is a bit more generic and allows us to have additional File
abstractions in here later.