Merge branch 'codeigniter4:develop' into multilevel-permissions

.github/workflows/no-merge-commits.yml

@@ -19,6 +19,6 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Run test
-        uses: NexusPHP/no-merge-commits@v2.1.0
+        uses: NexusPHP/no-merge-commits@v2.2.1
         with:
           token: ${{ secrets.GITHUB_TOKEN }}

docs/customization/user_provider.md

@@ -54,3 +54,17 @@ class UserModel extends ShieldUserModel
     }
 }
 ```
+
+## Creating a Custom User Entity
+
+Starting from v1.2.0, `UserModel` in Shield has the `createNewUser()` method to
+create a new User Entity.
+
+```php
+$user = $userModel->createNewUser($data);
+```
+
+It takes an optional user data array as the first argument, and passes it to the
+constructor of the `$returnType` class.
+
+If your custom User entity cannot be instantiated in this way, override this method.

docs/references/authentication/hmac.md

@@ -119,14 +119,14 @@ permissions the token grants to the user. Scopes are provided when the token is
 cannot be modified afterword.
 
 ```php
-$token = $user->gererateHmacToken('Work Laptop', ['posts.manage', 'forums.manage']);
+$token = $user->generateHmacToken('Work Laptop', ['posts.manage', 'forums.manage']);
 ```
 
 By default, a user is granted a wildcard scope which provides access to all scopes. This is the
 same as:
 
 ```php
-$token = $user->gererateHmacToken('Work Laptop', ['*']);
+$token = $user->generateHmacToken('Work Laptop', ['*']);
 ```
 
 During authentication, the HMAC Keys the user used is stored on the user. Once authenticated, you

docs/user_management/forcing_password_reset.md

@@ -38,7 +38,7 @@ if ($user->requiresPasswordReset()) {
 
 !!! note
 
-    You can use the [force-reset](../references/controller_filters/#forcing-password-reset)
+    You can use the [force-reset](../references/controller_filters.md/#forcing-password-reset)
     filter to check.
 
 ### Force Password Reset On a User

src/Collectors/Auth.php

@@ -83,7 +83,7 @@ public function display(): string
 
             $html = '<h3>Current User</h3>';
             $html .= '<table><tbody>';
-            $html .= "<tr><td style='width:150px;'>User ID</td><td>#{$user->id}</td></tr>";
+            $html .= "<tr><td width=\"150\">User ID</td><td>#{$user->id}</td></tr>";
             $html .= "<tr><td>Username</td><td>{$user->username}</td></tr>";
             $html .= "<tr><td>Email</td><td>{$user->email}</td></tr>";
             $html .= "<tr><td>Groups</td><td>{$groupsForUser}</td></tr>";

src/Controllers/RegisterController.php

@@ -103,8 +103,7 @@ public function registerAction(): RedirectResponse
 
         // Save the user
         $allowedPostFields = array_keys($rules);
-        $user              = $this->getUserEntity();
-        $user->fill($this->request->getPost($allowedPostFields));
+        $user              = $users->createNewUser($this->request->getPost($allowedPostFields));
 
         // Workaround for email only registration/login
         if ($user->username === null) {
@@ -160,10 +159,14 @@ protected function getUserProvider(): UserModel
 
     /**
      * Returns the Entity class that should be used
+     *
+     * @deprecated 1.2.0 No longer used.
      */
     protected function getUserEntity(): User
     {
-        return new User();
+        $userProvider = $this->getUserProvider();
+
+        return $userProvider->createNewUser();
     }
 
     /**

src/Models/UserModel.php

@@ -397,4 +397,14 @@ private function checkReturnType(): void
             throw new LogicException('Return type must be a subclass of ' . User::class);
         }
     }
+
+    /**
+     * Returns a new User Entity.
+     *
+     * @param array<string, array<array-key, mixed>|bool|float|int|object|string|null> $data (Optional) user data
+     */
+    public function createNewUser(array $data = []): User
+    {
+        return new $this->returnType($data);
+    }
 }