- Add getDatabaseResourceType() helper to map database types to resource constants
- Use database-specific resourceType for CSV/JSON import/export instead of hardcoded TYPE_DATABASE
- Skip attribute validation for schemaless databases (DocumentsDB/VectorsDB) in exports
- Parse JSON export queries in migration worker
- Restore MigrationsBase from 1.9.x and append VectorsDB/DocumentsDB E2E tests
Query::groupByType() now returns a GroupedQueries readonly class instead
of an associative array. All bracket access ($grouped['filters'], etc.)
must use arrow syntax ($grouped->filters).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- general.php: add instanceof guard in error handler to prevent calling
isPrivileged() on a plain Document if getResource('user') returns
an unexpected type
- graphql.php: add setUser() calls on request/response in graphql group
init so sensitive field filtering works correctly for GraphQL routes
- api.php: fix session group init type hint from Document to User for
consistency with all other init blocks
https://claude.ai/code/session_01JLPDurUgyj7qViA8JqQFTH
The error handler in general.php was calling User::isPrivileged()
statically, but the method was converted to an instance method.
This caused a fatal error on every request.
https://claude.ai/code/session_01JLPDurUgyj7qViA8JqQFTH
All call sites now use $user->isApp() and $user->isPrivileged() instance
syntax instead of static User::isApp() / $user::isPrivileged() calls.
Added setUser() to Request class for consistency with Response.
https://claude.ai/code/session_01JLPDurUgyj7qViA8JqQFTH
PHPStan correctly flagged that Document::isPrivileged() doesn't exist.
Changed type hints from Document $user to User $user in all action
signatures where $user::isPrivileged() is called, since the runtime
instance is always a User (or subclass).
https://claude.ai/code/session_01JLPDurUgyj7qViA8JqQFTH
Replace all static User::isPrivileged() calls with $user::isPrivileged()
across the codebase. Since $user is resolved via setDocumentType, this
allows subclasses to override the privilege check without CE needing to
know about downstream-specific roles.
https://claude.ai/code/session_01JLPDurUgyj7qViA8JqQFTH
Jake Barnby
Prem Palanisamy
Darshan
Claude
Matej Bačo
ArnabChatterjee20k
Matej Bačo
eldadfux
ArnabChatterjee20k