author | Marvin Borner | 2018-05-24 00:31:19 +0200 |
---|---|---|
committer | Marvin Borner | 2018-05-24 00:31:19 +0200 |
commit | 85211481260c076ad5e2889b66465495c33429ef (patch) | |
tree | b33c63888f81ff878c514c7c544e3afcf4cfbfd1 /main/app/sprinkles/account/src | |
parent | b66a61addb6c8e66cb26fcf74b532d68891267e4 (diff) |
Many fixes, began user feed generator
Diffstat (limited to 'main/app/sprinkles/account/src')
7 files changed, 10 insertions, 15 deletions
diff --git a/main/app/sprinkles/account/src/Authenticate/Authenticator.php b/main/app/sprinkles/account/src/Authenticate/Authenticator.php
index 8ee51b8..735a688 100644
--- a/main/app/sprinkles/account/src/Authenticate/Authenticator.php
+++ b/main/app/sprinkles/account/src/Authenticate/Authenticator.php
@@ -181,7 +181,7 @@ class Authenticator
 * This method logs in the specified user, allowing the client to assume the user's identity for the duration of the session.
 * @param User $user The user to log in.
 * @param bool $rememberMe Set to true to make this a "persistent session", i.e. one that will re-login even after the session expires.
- * @todo Figure out a way to update the currentUser service to reflect the logged-in user *immediately* in the service provider.
+ * @odo Figure out a way to update the currentUser service to reflect the logged-in user *immediately* in the service provider.
 * As it stands, the currentUser service will still reflect a "guest user" for the remainder of the request.
 */
 public function login($user, $rememberMe = FALSE) {
diff --git a/main/app/sprinkles/account/src/Controller/AccountController.php b/main/app/sprinkles/account/src/Controller/AccountController.php
index 25961ec..7373923 100644
--- a/main/app/sprinkles/account/src/Controller/AccountController.php
+++ b/main/app/sprinkles/account/src/Controller/AccountController.php
@@ -65,7 +65,7 @@ class AccountController extends SimpleController
 // Validate, and halt on validation errors.
 $validator = new ServerSideValidator($schema, $this->ci->translator);
 if (!$validator->validate($data)) {
- // TODO: encapsulate the communication of error messages from ServerSideValidator to the BadRequestException
+ // O: encapsulate the communication of error messages from ServerSideValidator to the BadRequestException
 $e = new BadRequestException('Missing or malformed request data!');
 foreach ($validator->errors() as $idx => $field) {
 foreach ($field as $eidx => $error) {
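Review bot: The replacement line in the `login()` docblock turns `@todo` into `@odo`, which is not a PHPDoc tag, so doc generators and TODO scanners will no longer pick this item up. The same mangling appears in the other hunks of this commit: `// O:` in `AccountController` (`@@ -65`), `@odo` at `@@ -163`, `@@ -1191`, in `Group.php` and in `User::onLogin`, `@do` in `User::onLogout`, and `// DO:` in `PasswordResetRepository`. It looks like an unintended search-and-replace; I would restore the original markers, e.g. `* @todo Figure out a way to update the currentUser service ...`. Two of the affected notes (`prevent password reset requests for root account?` and the account-enumeration question at `@@ -1191`) track open security questions, so they are worth keeping discoverable.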
@@ -163,8 +163,8 @@ class AccountController extends SimpleController * This is because we need to allow users to re-request a reset, even if they lose the first reset email. * This route is "public access". * Request type: POST - * @todo require additional user information - * @todo prevent password reset requests for root account? + * @odo require additional user information + * @odo prevent password reset requests for root account? * * @param Request $request * @param Response $response @@ -244,8 +244,6 @@ class AccountController extends SimpleController } }); - // TODO: create delay to prevent timing-based attacks - $ms->addMessageTranslated('success', 'PASSWORD.FORGET.REQUEST_SENT', ['email' => $data['email']]); return $response->withStatus(200); } @@ -1191,7 +1189,7 @@ class AccountController extends SimpleController * * This route is "public access". * Request type: GET - * @todo Can this route be abused for account enumeration? If so we should throttle it as well. + * @odo Can this route be abused for account enumeration? If so we should throttle it as well. * * @param Request $request * @param Response $response diff --git a/main/app/sprinkles/account/src/Database/Models/Group.php b/main/app/sprinkles/account/src/Database/Models/Group.php index b904eb5..f0a1e1f 100644 --- a/main/app/sprinkles/account/src/Database/Models/Group.php +++ b/main/app/sprinkles/account/src/Database/Models/Group.php @@ -47,7 +47,7 @@ class Group extends Model /** * Delete this group from the database, along with any user associations * - * @todo What do we do with users when their group is deleted? Reassign them? Or, can a user be "groupless"? + * @odo What do we do with users when their group is deleted? Reassign them? Or, can a user be "groupless"? */ public function delete() { // Delete the group diff --git a/main/app/sprinkles/account/src/Database/Models/User.php b/main/app/sprinkles/account/src/Database/Models/User.php index 6a7996a..b401db2 100644 
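Review bot: The `@@ -244` hunk drops `// TODO: create delay to prevent timing-based attacks` from the end of the password-reset request handler, but nothing in the visible lines adds such a delay, so the open issue becomes undocumented rather than fixed. The handler still ends by adding the `PASSWORD.FORGET.REQUEST_SENT` message and returning status 200, which hides whether an account exists only if the known and unknown cases take comparable time. I would keep a marker until the mitigation lands, e.g. `// TODO: equalise response time for known and unknown emails (timing-based enumeration)`. The handler starts outside the hunk, so whether throttling elsewhere already covers this is not visible here.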
--- a/main/app/sprinkles/account/src/Database/Models/User.php +++ b/main/app/sprinkles/account/src/Database/Models/User.php @@ -178,8 +178,6 @@ class User extends Model $classMapper->staticMethod('password_reset', 'where', 'user_id', $this->id)->delete(); $classMapper->staticMethod('verification', 'where', 'user_id', $this->id)->delete(); - // TODO: remove any persistences - // Delete the user $result = parent::forceDelete(); } else { @@ -332,7 +330,7 @@ class User extends Model * * By default, adds a new sign-in activity and updates any legacy hash. * @param mixed[] $params Optional array of parameters used for this event handler. - * @todo Transition to Laravel Event dispatcher to handle this + * @odo Transition to Laravel Event dispatcher to handle this */ public function onLogin($params = []) { // Add a sign in activity (time is automatically set by database) @@ -369,7 +367,7 @@ class User extends Model * * By default, adds a new sign-out activity. * @param mixed[] $params Optional array of parameters used for this event handler. - * @todo Transition to Laravel Event dispatcher to handle this + * @do Transition to Laravel Event dispatcher to handle this */ public function onLogout($params = []) { static::$ci->userActivityLogger->info("User {$this->user_name} signed out.", [ diff --git a/main/app/sprinkles/account/src/Repository/PasswordResetRepository.php b/main/app/sprinkles/account/src/Repository/PasswordResetRepository.php index e21b5d6..21ff548 100644 --- a/main/app/sprinkles/account/src/Repository/PasswordResetRepository.php +++ b/main/app/sprinkles/account/src/Repository/PasswordResetRepository.php @@ -28,7 +28,7 @@ class PasswordResetRepository extends TokenRepository */ protected function updateUser($user, $args) { $user->password = Password::hash($args['password']); - // TODO: generate user activity? or do this in controller? + // DO: generate user activity? or do this in controller? $user->save(); } } 
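Review bot: The `@@ -178` hunk in `User.php` deletes `// TODO: remove any persistences` without adding the cleanup it asked for: the visible context removes the user's `password_reset` and `verification` rows and then calls `parent::forceDelete()`. If persistences (presumably the records behind the "persistent session" described in the `Authenticator::login` docblock) are not removed elsewhere, they would outlive the deleted account. The enclosing method starts and ends outside the hunk, so this may be handled out of view; otherwise I would keep the marker, `// TODO: remove any persistences`, until the deletion is implemented.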
diff --git a/main/app/sprinkles/account/src/Repository/VerificationRepository.php b/main/app/sprinkles/account/src/Repository/VerificationRepository.php
index 405efc5..d714dce 100644
--- a/main/app/sprinkles/account/src/Repository/VerificationRepository.php
+++ b/main/app/sprinkles/account/src/Repository/VerificationRepository.php
@@ -26,7 +26,6 @@ class VerificationRepository extends TokenRepository
 */
 protected function updateUser($user, $args) {
 $user->flag_verified = 1;
- // TODO: generate user activity? or do this in controller?
 $user->save();
 }
 }
diff --git a/main/app/sprinkles/account/src/ServicesProvider/ServicesProvider.php b/main/app/sprinkles/account/src/ServicesProvider/ServicesProvider.php
index 5c1bf20..38d81d5 100644
--- a/main/app/sprinkles/account/src/ServicesProvider/ServicesProvider.php
+++ b/main/app/sprinkles/account/src/ServicesProvider/ServicesProvider.php
@@ -346,7 +346,7 @@ class ServicesProvider
 /**
 * This method is invoked when a user attempts to perform certain public actions when they are already logged in.
 *
- * @todo Forward to user's landing page or last visited page
+ * Forward to user's landing page or last visited page
 * @param \Psr\Http\Message\ServerRequestInterface $request
 * @param \Psr\Http\Message\ResponseInterface $response
 * @param array $args |
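Review bot: In the `ServicesProvider` hunk the `@todo` tag is stripped but its text is kept, so the docblock now reads `* Forward to user's landing page or last visited page` as if it described what the handler does. Nothing in the hunk shows that forwarding was implemented (the method body is outside the hunk), so the sentence presumably documents behaviour that does not exist. I would restore the tag: `* @todo Forward to user's landing page or last visited page`.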