Do not mark internal (relative) links as external and open in new tab in markdown blocks

Don't handle links as external by default. Instead distiguish internal (relative) and external (absolute) links.
Replace "range" indicators with mathematical tilde in LCSC provider (#989 )
2026-03-04 06:19:36 +00:00 · 2025-09-06 19:49:38 +02:00 · 2025-09-06 19:43:50 +02:00 · 2025-09-06 19:43:05 +02:00 · 2025-09-06 19:42:07 +02:00 · 2025-09-06 19:34:31 +02:00
31 changed files with 1383 additions and 1127 deletions
--- a/assets/controllers/common/markdown_controller.js
+++ b/assets/controllers/common/markdown_controller.js
@ -56,12 +56,16 @@ export default class MarkdownController extends Controller {
        this.element.innerHTML = DOMPurify.sanitize(MarkdownController._marked.parse(this.unescapeHTML(raw)));

        for(let a of this.element.querySelectorAll('a')) {
-            //Mark all links as external
-            a.classList.add('link-external');
-            //Open links in new tag
-            a.setAttribute('target', '_blank');
-            //Dont track
-            a.setAttribute('rel', 'noopener');
+            // test if link is absolute
+            var r = new RegExp('^(?:[a-z+]+:)?//', 'i');
+            if (r.test(a.getAttribute('href'))) {
+                //Mark all links as external
+                a.classList.add('link-external');
+                //Open links in new tag
+                a.setAttribute('target', '_blank');
+                //Dont track
+                a.setAttribute('rel', 'noopener');
+            }
        }

        //Apply bootstrap styles to tables
@ -108,4 +112,4 @@ export default class MarkdownController extends Controller {
            gfm: true,
        });
    }*/
-}
+}
--- a/assets/css/components/ckeditor.css
+++ b/assets/css/components/ckeditor.css
@ -71,6 +71,8 @@
    --ck-color-button-on-hover-background: var(--bs-secondary-bg);
    --ck-color-button-on-active-background: var(--bs-secondary-bg);
    --ck-color-button-on-disabled-background: var(--bs-secondary-bg);
-    --ck-color-button-on-color:	var(--bs-primary)
+    --ck-color-button-on-color:	var(--bs-primary);

-}
+    --ck-content-font-color: var(--ck-color-base-text);
+
+}
--- a/composer.json
+++ b/composer.json
@ -25,8 +25,7 @@
        "doctrine/doctrine-migrations-bundle": "^3.0",
        "doctrine/orm": "^3.2.0",
        "dompdf/dompdf": "^v3.0.0",
-        "florianv/swap": "^4.0",
-        "florianv/swap-bundle": "dev-master",
+        "part-db/swap-bundle": "^6.0.0",
        "gregwar/captcha-bundle": "^2.1.0",
        "hshn/base64-encoded-file": "^5.0",
        "jbtronics/2fa-webauthn": "^3.0.0",
--- a/composer.lock
+++ b/composer.lock
--- a/config/packages/swap.yaml
+++ b/config/packages/swap.yaml
@ -5,6 +5,12 @@ florianv_swap:

  providers:
    european_central_bank: ~                      # European Central Bank (only works for EUR base currency)
-    fixer:                                        # Fixer.io (needs an API key)
-      access_key: "%env(string:default:settings:exchange_rate:fixerApiKey:INVALID)%"
-    #exchange_rates_api: ~
+    central_bank_of_czech_republic: ~
+    central_bank_of_republic_turkey: ~
+    national_bank_of_romania: ~
+
+    fixer: # Fixer.io (needs an API key)
+        access_key: "%env(string:settings:exchange_rate:fixerApiKey)%"
+
+    frankfurter: ~
+    fawazahmed_currency_api: ~
--- a/config/permissions.yaml
+++ b/config/permissions.yaml
@ -359,6 +359,10 @@ perms: # Here comes a list with all Permission names (they have a perm_[name] co
        label: "perm.revert_elements"
        alsoSet: ['read_profiles', 'edit_profiles', 'create_profiles', 'delete_profiles']
        apiTokenRole: ROLE_API_EDIT
+      import:
+        label: "perm.import"
+        alsoSet: ['read_profiles', 'edit_profiles', 'create_profiles' ]
+        apiTokenRole: ROLE_API_EDIT

  api:
    label: "perm.api"
--- a/docs/installation/installation_guide-debian.md
+++ b/docs/installation/installation_guide-debian.md
@ -28,9 +28,14 @@ It is recommended to install Part-DB on a 64-bit system, as the 32-bit version o
 For the installation of Part-DB, we need some prerequisites. They can be installed by running the following command:

 ```bash
-sudo apt install git curl zip ca-certificates software-properties-common apt-transport-https lsb-release nano wget
+sudo apt update && apt upgrade
+sudo apt install git curl zip ca-certificates software-properties-common \
+  apt-transport-https lsb-release nano wget sqlite3
 ```

+Please run `sqlite3 --version` to assert that the SQLite version is 3.35 or higher.
+Otherwise some database migrations will not succeed.
+
 ### Install PHP and apache2

 Part-DB is written in [PHP](https://php.net) and therefore needs a PHP interpreter to run. Part-DB needs PHP 8.2 or
--- a/src/DataFixtures/CurrencyFixtures.php
+++ b/src/DataFixtures/CurrencyFixtures.php
@ -0,0 +1,64 @@
+<?php
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2025 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+declare(strict_types=1);
+
+
+namespace App\DataFixtures;
+
+use App\Entity\PriceInformations\Currency;
+use Brick\Math\BigDecimal;
+use Doctrine\Bundle\FixturesBundle\Fixture;
+use Doctrine\Persistence\ObjectManager;
+
+class CurrencyFixtures extends Fixture
+{
+    public function load(ObjectManager $manager): void
+    {
+        $currency1 = new Currency();
+        $currency1->setName('US-Dollar');
+        $currency1->setIsoCode('USD');
+        $manager->persist($currency1);
+
+        $currency2 = new Currency();
+        $currency2->setName('Swiss Franc');
+        $currency2->setIsoCode('CHF');
+        $currency2->setExchangeRate(BigDecimal::of('0.91'));
+        $manager->persist($currency2);
+
+        $currency3 = new Currency();
+        $currency3->setName('Great British Pound');
+        $currency3->setIsoCode('GBP');
+        $currency3->setExchangeRate(BigDecimal::of('0.78'));
+        $manager->persist($currency3);
+
+        $currency7 = new Currency();
+        $currency7->setName('Test Currency with long name');
+        $currency7->setIsoCode('CNY');
+        $manager->persist($currency7);
+
+        $manager->flush();
+
+
+        //Ensure that currency 7 gets ID 7
+        $manager->getRepository(Currency::class)->changeID($currency7, 7);
+        $manager->flush();
+    }
+}
--- a/src/Security/Voter/AttachmentVoter.php
+++ b/src/Security/Voter/AttachmentVoter.php
@ -41,6 +41,7 @@ use App\Entity\Attachments\UserAttachment;
 use RuntimeException;

 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 use function in_array;
@ -56,7 +57,7 @@ final class AttachmentVoter extends Voter
    {
    }

-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {

        //This voter only works for attachments
@ -65,7 +66,8 @@ final class AttachmentVoter extends Voter
        }

        if ($attribute === 'show_private') {
-            return $this->helper->isGranted($token, 'attachments', 'show_private');
+            $vote?->addReason('User is not allowed to view private attachments.');
+            return $this->helper->isGranted($token, 'attachments', 'show_private', $vote);
        }


@ -111,7 +113,8 @@ final class AttachmentVoter extends Voter
                throw new RuntimeException('Encountered unknown Parameter type: ' . $subject);
            }

-            return $this->helper->isGranted($token, $param, $this->mapOperation($attribute));
+            $vote?->addReason('User is not allowed to '.$this->mapOperation($attribute).' attachments of type '.$param.'.');
+            return $this->helper->isGranted($token, $param, $this->mapOperation($attribute), $vote);
        }

        return false;
--- a/src/Security/Voter/GroupVoter.php
+++ b/src/Security/Voter/GroupVoter.php
@ -25,6 +25,7 @@ namespace App\Security\Voter;
 use App\Entity\UserSystem\Group;
 use App\Services\UserSystem\VoterHelper;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 /**
@ -43,9 +44,9 @@ final class GroupVoter extends Voter
     *
     * @param  string  $attribute
     */
-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
-        return $this->helper->isGranted($token, 'groups', $attribute);
+        return $this->helper->isGranted($token, 'groups', $attribute, $vote);
    }

    /**
--- a/src/Security/Voter/ImpersonateUserVoter.php
+++ b/src/Security/Voter/ImpersonateUserVoter.php
@ -26,6 +26,7 @@ namespace App\Security\Voter;
 use App\Entity\UserSystem\User;
 use App\Services\UserSystem\VoterHelper;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;
 use Symfony\Component\Security\Core\User\UserInterface;

@ -47,9 +48,16 @@ final class ImpersonateUserVoter extends Voter
            && $subject instanceof UserInterface;
    }

-    protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
-        return $this->helper->isGranted($token, 'users', 'impersonate');
+        $result = $this->helper->isGranted($token, 'users', 'impersonate');
+
+        if ($result === false) {
+            $vote?->addReason('User is not allowed to impersonate other users.');
+            $this->helper->addReason($vote, 'users', 'impersonate');
+        }
+
+        return $result;
    }

    public function supportsAttribute(string $attribute): bool
@ -61,4 +69,4 @@ final class ImpersonateUserVoter extends Voter
    {
        return is_a($subjectType, User::class, true);
    }
-}
+}
--- a/src/Security/Voter/LabelProfileVoter.php
+++ b/src/Security/Voter/LabelProfileVoter.php
@ -44,6 +44,7 @@ namespace App\Security\Voter;
 use App\Entity\LabelSystem\LabelProfile;
 use App\Services\UserSystem\VoterHelper;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 /**
@ -58,14 +59,15 @@ final class LabelProfileVoter extends Voter
        'delete' => 'delete_profiles',
        'show_history' => 'show_history',
        'revert_element' => 'revert_element',
+        'import' => 'import',
    ];

    public function __construct(private readonly VoterHelper $helper)
    {}

-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
-        return $this->helper->isGranted($token, 'labels', self::MAPPING[$attribute]);
+        return $this->helper->isGranted($token, 'labels', self::MAPPING[$attribute], $vote);
    }

    protected function supports($attribute, $subject): bool
--- a/src/Security/Voter/LogEntryVoter.php
+++ b/src/Security/Voter/LogEntryVoter.php
@ -26,6 +26,7 @@ use App\Services\UserSystem\VoterHelper;
 use Symfony\Bundle\SecurityBundle\Security;
 use App\Entity\LogSystem\AbstractLogEntry;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 /**
@ -39,7 +40,7 @@ final class LogEntryVoter extends Voter
    {
    }

-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
        $user = $this->helper->resolveUser($token);

@ -48,19 +49,19 @@ final class LogEntryVoter extends Voter
        }

        if ('delete' === $attribute) {
-            return $this->helper->isGranted($token, 'system', 'delete_logs');
+            return $this->helper->isGranted($token, 'system', 'delete_logs', $vote);
        }

        if ('read' === $attribute) {
            //Allow read of the users own log entries
            if (
                $subject->getUser() === $user
-                && $this->helper->isGranted($token, 'self', 'show_logs')
+                && $this->helper->isGranted($token, 'self', 'show_logs', $vote)
            ) {
                return true;
            }

-            return $this->helper->isGranted($token, 'system', 'show_logs');
+            return $this->helper->isGranted($token, 'system', 'show_logs', $vote);
        }

        if ('show_details' === $attribute) {
--- a/src/Security/Voter/OrderdetailVoter.php
+++ b/src/Security/Voter/OrderdetailVoter.php
@ -46,6 +46,7 @@ use Symfony\Bundle\SecurityBundle\Security;
 use App\Entity\Parts\Part;
 use App\Entity\PriceInformations\Orderdetail;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 /**
@ -59,7 +60,7 @@ final class OrderdetailVoter extends Voter

    protected const ALLOWED_PERMS = ['read', 'edit', 'create', 'delete', 'show_history', 'revert_element'];

-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
        if (! is_a($subject, Orderdetail::class, true)) {
            throw new \RuntimeException('This voter can only handle Orderdetail objects!');
@ -75,7 +76,7 @@ final class OrderdetailVoter extends Voter

        //If we have no part associated use the generic part permission
        if (is_string($subject) || !$subject->getPart() instanceof Part) {
-            return $this->helper->isGranted($token, 'parts', $operation);
+            return $this->helper->isGranted($token, 'parts', $operation, $vote);
        }

        //Otherwise vote on the part
--- a/src/Security/Voter/ParameterVoter.php
+++ b/src/Security/Voter/ParameterVoter.php
@ -39,6 +39,7 @@ use App\Entity\Parameters\StorageLocationParameter;
 use App\Entity\Parameters\SupplierParameter;
 use RuntimeException;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 /**
@ -53,7 +54,7 @@ final class ParameterVoter extends Voter
    {
    }

-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
        //return $this->resolver->inherit($user, 'attachments', $attribute) ?? false;

@ -108,7 +109,7 @@ final class ParameterVoter extends Voter
            throw new RuntimeException('Encountered unknown Parameter type: ' . (is_object($subject) ? $subject::class : $subject));
        }

-        return $this->helper->isGranted($token, $param, $attribute);
+        return $this->helper->isGranted($token, $param, $attribute, $vote);
    }

    protected function supports(string $attribute, $subject): bool
--- a/src/Security/Voter/PartAssociationVoter.php
+++ b/src/Security/Voter/PartAssociationVoter.php
@ -46,6 +46,7 @@ use App\Services\UserSystem\VoterHelper;
 use Symfony\Bundle\SecurityBundle\Security;
 use App\Entity\Parts\Part;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 /**
@ -61,7 +62,7 @@ final class PartAssociationVoter extends Voter

    protected const ALLOWED_PERMS = ['read', 'edit', 'create', 'delete', 'show_history', 'revert_element'];

-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
        if (!is_string($subject) && !$subject instanceof PartAssociation) {
            throw new \RuntimeException('Invalid subject type!');
@ -77,7 +78,7 @@ final class PartAssociationVoter extends Voter

        //If we have no part associated use the generic part permission
        if (is_string($subject) ||  !$subject->getOwner() instanceof Part) {
-            return $this->helper->isGranted($token, 'parts', $operation);
+            return $this->helper->isGranted($token, 'parts', $operation, $vote);
        }

        //Otherwise vote on the part
--- a/src/Security/Voter/PartLotVoter.php
+++ b/src/Security/Voter/PartLotVoter.php
@ -46,6 +46,7 @@ use Symfony\Bundle\SecurityBundle\Security;
 use App\Entity\Parts\Part;
 use App\Entity\Parts\PartLot;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 /**
@ -59,13 +60,13 @@ final class PartLotVoter extends Voter

    protected const ALLOWED_PERMS = ['read', 'edit', 'create', 'delete', 'show_history', 'revert_element', 'withdraw', 'add', 'move'];

-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
        $user = $this->helper->resolveUser($token);

        if (in_array($attribute, ['withdraw', 'add', 'move'], true))
        {
-            $base_permission = $this->helper->isGranted($token, 'parts_stock', $attribute);
+            $base_permission = $this->helper->isGranted($token, 'parts_stock', $attribute, $vote);

            $lot_permission = true;
            //If the lot has an owner, we need to check if the user is the owner of the lot to be allowed to withdraw it.
@ -73,6 +74,10 @@ final class PartLotVoter extends Voter
                $lot_permission = $subject->getOwner() === $user || $subject->getOwner()->getID() === $user->getID();
            }

+            if (!$lot_permission) {
+                $vote->addReason('User is not the owner of the lot.');
+            }
+
            return $base_permission && $lot_permission;
        }

@ -86,7 +91,7 @@ final class PartLotVoter extends Voter

        //If we have no part associated use the generic part permission
        if (is_string($subject) || !$subject->getPart() instanceof Part) {
-            return $this->helper->isGranted($token, 'parts', $operation);
+            return $this->helper->isGranted($token, 'parts', $operation, $vote);
        }

        //Otherwise vote on the part
--- a/src/Security/Voter/PartVoter.php
+++ b/src/Security/Voter/PartVoter.php
@ -25,6 +25,7 @@ namespace App\Security\Voter;
 use App\Entity\Parts\Part;
 use App\Services\UserSystem\VoterHelper;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 /**
@ -52,10 +53,9 @@ final class PartVoter extends Voter
        return false;
    }

-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
-        //Null concealing operator means, that no
-        return $this->helper->isGranted($token, 'parts', $attribute);
+        return $this->helper->isGranted($token, 'parts', $attribute, $vote);
    }

    public function supportsAttribute(string $attribute): bool
--- a/src/Security/Voter/PermissionVoter.php
+++ b/src/Security/Voter/PermissionVoter.php
@ -24,6 +24,7 @@ namespace App\Security\Voter;

 use App\Services\UserSystem\VoterHelper;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 /**
@ -39,12 +40,17 @@ final class PermissionVoter extends Voter

    }

-    protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
        $attribute = ltrim($attribute, '@');
        [$perm, $op] = explode('.', $attribute);

-        return $this->helper->isGranted($token, $perm, $op);
+        $result = $this->helper->isGranted($token, $perm, $op);
+        if ($result === false) {
+            $this->helper->addReason($vote, $perm, $op);
+        }
+
+        return $result;
    }

    public function supportsAttribute(string $attribute): bool
--- a/src/Security/Voter/PricedetailVoter.php
+++ b/src/Security/Voter/PricedetailVoter.php
@ -47,6 +47,7 @@ use App\Entity\PriceInformations\Orderdetail;
 use App\Entity\Parts\Part;
 use App\Entity\PriceInformations\Pricedetail;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 /**
@ -60,7 +61,7 @@ final class PricedetailVoter extends Voter

    protected const ALLOWED_PERMS = ['read', 'edit', 'create', 'delete', 'show_history', 'revert_element'];

-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
        $operation = match ($attribute) {
            'read' => 'read',
@ -72,7 +73,7 @@ final class PricedetailVoter extends Voter

        //If we have no part associated use the generic part permission
        if (is_string($subject) || !$subject->getOrderdetail() instanceof Orderdetail || !$subject->getOrderdetail()->getPart() instanceof Part) {
-            return $this->helper->isGranted($token, 'parts', $operation);
+            return $this->helper->isGranted($token, 'parts', $operation, $vote);
        }

        //Otherwise vote on the part
--- a/src/Security/Voter/StructureVoter.php
+++ b/src/Security/Voter/StructureVoter.php
@ -33,6 +33,7 @@ use App\Entity\Parts\Supplier;
 use App\Entity\PriceInformations\Currency;
 use App\Services\UserSystem\VoterHelper;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 use function is_object;
@ -113,10 +114,10 @@ final class StructureVoter extends Voter
     *
     * @param  string  $attribute
     */
-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
        $permission_name = $this->instanceToPermissionName($subject);
        //Just resolve the permission
-        return $this->helper->isGranted($token, $permission_name, $attribute);
+        return $this->helper->isGranted($token, $permission_name, $attribute, $vote);
    }
 }
--- a/src/Security/Voter/UserVoter.php
+++ b/src/Security/Voter/UserVoter.php
@ -26,6 +26,7 @@ use App\Entity\UserSystem\User;
 use App\Services\UserSystem\PermissionManager;
 use App\Services\UserSystem\VoterHelper;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;

 use function in_array;
@ -79,7 +80,7 @@ final class UserVoter extends Voter
     *
     * @param  string  $attribute
     */
-    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
+    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
        $user = $this->helper->resolveUser($token);

@ -97,7 +98,7 @@ final class UserVoter extends Voter
        if (($subject instanceof User) && $subject->getID() === $user->getID() &&
            $this->helper->isValidOperation('self', $attribute)) {
            //Then we also need to check the self permission
-            $tmp = $this->helper->isGranted($token, 'self', $attribute);
+            $tmp = $this->helper->isGranted($token, 'self', $attribute, $vote);
            //But if the self value is not allowed then use just the user value:
            if ($tmp) {
                return $tmp;
@ -106,7 +107,7 @@ final class UserVoter extends Voter

        //Else just check user permission:
        if ($this->helper->isValidOperation('users', $attribute)) {
-            return $this->helper->isGranted($token, 'users', $attribute);
+            return $this->helper->isGranted($token, 'users', $attribute, $vote);
        }

        return false;
--- a/src/Services/InfoProviderSystem/Providers/LCSCProvider.php
+++ b/src/Services/InfoProviderSystem/Providers/LCSCProvider.php
@ -123,11 +123,11 @@ class LCSCProvider implements InfoProviderInterface
     */
    private function queryByTerm(string $term): array
    {
-        $response = $this->lcscClient->request('GET', self::ENDPOINT_URL . "/search/global", [
+        $response = $this->lcscClient->request('POST', self::ENDPOINT_URL . "/search/v2/global", [
            'headers' => [
                'Cookie' => new Cookie('currencyCode', $this->settings->currency)
            ],
-            'query' => [
+            'json' => [
                'keyword' => $term,
            ],
        ]);
@ -165,6 +165,9 @@ class LCSCProvider implements InfoProviderInterface
        if ($field === null) {
            return null;
        }
+        // Replace "range" indicators with mathematical tilde symbols
+        // so they don't get rendered as strikethrough by Markdown
+        $field = preg_replace("/~/", "\u{223c}", $field);

        return strip_tags($field);
    }
@ -197,9 +200,6 @@ class LCSCProvider implements InfoProviderInterface
        $category = $product['parentCatalogName'] ?? null;
        if (isset($product['catalogName'])) {
            $category = ($category ?? '') . ' -> ' . $product['catalogName'];
-
-            // Replace the / with a -> for better readability
-            $category = str_replace('/', ' -> ', $category);
        }

        return new PartDetailDTO(
--- a/src/Services/Tools/ExchangeRateUpdater.php
+++ b/src/Services/Tools/ExchangeRateUpdater.php
@ -26,6 +26,8 @@ use App\Entity\PriceInformations\Currency;
 use App\Settings\SystemSettings\LocalizationSettings;
 use Brick\Math\BigDecimal;
 use Brick\Math\RoundingMode;
+use Exchanger\Exception\UnsupportedCurrencyPairException;
+use Exchanger\Exception\UnsupportedExchangeQueryException;
 use Swap\Swap;

 class ExchangeRateUpdater
@ -39,15 +41,21 @@ class ExchangeRateUpdater
     */
    public function update(Currency $currency): Currency
    {
-        //Currency pairs are always in the format "BASE/QUOTE"
-        $rate = $this->swap->latest($this->localizationSettings->baseCurrency.'/'.$currency->getIsoCode());
-        //The rate says how many quote units are worth one base unit
-        //So we need to invert it to get the exchange rate
+        try {
+            //Try it in the direction QUOTE/BASE first, as most providers provide rates in this direction
+            $rate = $this->swap->latest($currency->getIsoCode().'/'.$this->localizationSettings->baseCurrency);
+            $effective_rate = BigDecimal::of($rate->getValue());
+        } catch (UnsupportedCurrencyPairException|UnsupportedExchangeQueryException $exception) {
+            //Otherwise try to get it inverse and calculate it ourselfes, from the format "BASE/QUOTE"
+            $rate = $this->swap->latest($this->localizationSettings->baseCurrency.'/'.$currency->getIsoCode());
+            //The rate says how many quote units are worth one base unit
+            //So we need to invert it to get the exchange rate

-        $rate_bd = BigDecimal::of($rate->getValue());
-        $rate_inverted = BigDecimal::one()->dividedBy($rate_bd, Currency::PRICE_SCALE, RoundingMode::HALF_UP);
+            $rate_bd = BigDecimal::of($rate->getValue());
+            $effective_rate = BigDecimal::one()->dividedBy($rate_bd, Currency::PRICE_SCALE, RoundingMode::HALF_UP);
+        }

-        $currency->setExchangeRate($rate_inverted);
+        $currency->setExchangeRate($effective_rate);

        return $currency;
    }
--- a/src/Services/UserSystem/VoterHelper.php
+++ b/src/Services/UserSystem/VoterHelper.php
@ -28,6 +28,9 @@ use App\Repository\UserRepository;
 use App\Security\ApiTokenAuthenticatedToken;
 use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Vote;
+use Symfony\Component\Security\Core\Authorization\Voter\Voter;
+use Symfony\Contracts\Translation\TranslatorInterface;

 /**
 * @see \App\Tests\Services\UserSystem\VoterHelperTest
@ -35,10 +38,14 @@ use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 final class VoterHelper
 {
    private readonly UserRepository $userRepository;
+    private readonly array $permissionStructure;

-    public function __construct(private readonly PermissionManager $permissionManager, private readonly EntityManagerInterface $entityManager)
+    public function __construct(private readonly PermissionManager $permissionManager,
+        private readonly TranslatorInterface $translator,
+        private readonly EntityManagerInterface $entityManager)
    {
        $this->userRepository = $this->entityManager->getRepository(User::class);
+        $this->permissionStructure = $this->permissionManager->getPermissionStructure();
    }

    /**
@ -47,11 +54,16 @@ final class VoterHelper
     * @param  TokenInterface  $token  The token to check
     * @param  string  $permission  The permission to check
     * @param  string  $operation  The operation to check
+     * @param  Vote|null $vote  The vote object to add reasons to (optional). If null, no reasons are added.
     * @return bool
     */
-    public function isGranted(TokenInterface $token, string $permission, string $operation): bool
+    public function isGranted(TokenInterface $token, string $permission, string $operation, ?Vote $vote = null): bool
    {
-        return $this->isGrantedTrinary($token, $permission, $operation) ?? false;
+        $tmp = $this->isGrantedTrinary($token, $permission, $operation) ?? false;
+        if ($tmp === false) {
+            $this->addReason($vote, $permission, $operation);
+        }
+        return $tmp;
    }

    /**
@ -124,4 +136,17 @@ final class VoterHelper
    {
        return $this->permissionManager->isValidOperation($permission, $operation);
    }
-}
+
+    public function addReason(?Vote $voter, string $permission, $operation): void
+    {
+        if ($voter !== null) {
+            $voter->addReason(sprintf("User does not have permission %s -> %s -> %s (%s.%s).",
+                $this->translator->trans('perm.group.'.($this->permissionStructure['perms'][$permission]['group'] ?? 'unknown') ),
+                $this->translator->trans($this->permissionStructure['perms'][$permission]['label'] ?? $permission),
+                $this->translator->trans($this->permissionStructure['perms'][$permission]['operations'][$operation]['label'] ?? $operation),
+                $permission,
+                $operation
+            ));
+        }
+    }
+}
--- a/symfony.lock
+++ b/symfony.lock
@ -133,15 +133,6 @@
    "ekino/phpstan-banned-code": {
        "version": "v0.3.1"
    },
-    "florianv/exchanger": {
-        "version": "1.4.1"
-    },
-    "florianv/swap": {
-        "version": "3.5.0"
-    },
-    "florianv/swap-bundle": {
-        "version": "5.0.x-dev"
-    },
    "gregwar/captcha": {
        "version": "v1.1.7"
    },
@ -254,6 +245,9 @@
            "./config/packages/datatables.yaml"
        ]
    },
+    "part-db/swap-bundle": {
+        "version": "v6.0.0"
+    },
    "php-http/discovery": {
        "version": "1.18",
        "recipe": {
--- a/templates/bundles/TwigBundle/Exception/error403.html.twig
+++ b/templates/bundles/TwigBundle/Exception/error403.html.twig
@ -1,6 +1,9 @@
 {% extends "bundles/TwigBundle/Exception/error.html.twig" %}

 {% block status_comment %}
-    Nice try! But you are not allowed to do this!
+    Nice try! But you are not allowed to do this!<br>
+    <code>{{ exception.message }}</code>
    <br> <small>If you think you should have access to this ressource, contact the adminstrator.</small>
-{% endblock %}
+
+
+{% endblock %}
--- a/templates/info_providers/providers.macro.html.twig
+++ b/templates/info_providers/providers.macro.html.twig
@ -23,7 +23,7 @@
                        </div>
                        <div class="col-6">
                            {% if provider.providerInfo.settings_class is defined %}
-                                <a href="{{ path('info_providers_provider_settings', {'provider': provider.providerKey}) }}" class="btn btn-primary btn-sm"
+                                <a href="{{ path('info_providers_provider_settings', {'provider': provider.providerKey}) }}" class="btn btn-primary btn-sm {% if not is_granted('@config.change_system_settings') %}disabled{% endif %}"
                                   title="{% trans %}info_providers.settings.title{% endtrans %}"
                                ><i class="fa-solid fa-cog"></i></a>
                            {% endif %}
--- a/tests/Controller/AdminPages/CurrencyController.php
+++ b/tests/Controller/AdminPages/CurrencyController.php
@ -0,0 +1,35 @@
+<?php
+/**
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ * Copyright (C) 2019 - 2020 Jan Böhmer (https://github.com/jbtronics)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published
+ * by the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+declare(strict_types=1);
+
+namespace App\Tests\Controller\AdminPages;
+
+use App\Entity\PriceInformations\Currency;
+use PHPUnit\Framework\Attributes\Group;
+use App\Entity\Parts\Manufacturer;
+
+#[Group('slow')]
+#[Group('DB')]
+class CurrencyController extends AbstractAdminController
+{
+    protected static string $base_path = '/en/currency';
+    protected static string $entity_class = Currency::class;
+}
--- a/translations/messages.en.xlf
+++ b/translations/messages.en.xlf
@ -7164,8 +7164,8 @@ Exampletown</target>
 Element 2
 Element 3

-Element 1 -&gt; Element 1.1
-Element 1 -&gt; Element 1.2]]></target>
+Element 1 -> Element 1.1
+Element 1 -> Element 1.2]]></target>
      </segment>
    </unit>
    <unit id="TWSqPFi" name="entity.mass_creation.btn">
--- a/yarn.lock
+++ b/yarn.lock
Author	SHA1	Message	Date
d-buchmann	0e9558e331	Do not mark internal (relative) links as external and open in new tab in markdown blocks Some checks are pending Build assets artifact / Build assets artifact (push) Waiting to run Details Docker Image Build / docker (push) Waiting to run Details Docker Image Build (FrankenPHP) / docker (push) Waiting to run Details Static analysis / Static analysis (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, mysql) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, mysql) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, mysql) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, postgres) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, postgres) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, postgres) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, sqlite) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, sqlite) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, sqlite) (push) Waiting to run Details Don't handle links as external by default. Instead distiguish internal (relative) and external (absolute) links.	2025-09-06 19:49:38 +02:00
d-buchmann	4e9e82d9f1	Replace "range" indicators with mathematical tilde in LCSC provider (#989 ) * Replace "range" indicators with mathematical tilde symbols in LCSC provider * Improve comment	2025-09-06 19:43:50 +02:00
Jan Böhmer	411ac500ba	New Crowdin updates (#1008 ) * New translations messages.en.xlf (Czech) * New translations messages.en.xlf (Czech) * New translations messages.en.xlf (Czech) * New translations messages.en.xlf (Czech) * New translations messages.en.xlf (German) * New translations messages.en.xlf (German) * New translations messages.en.xlf (German)	2025-09-06 19:43:05 +02:00
d-buchmann	b1443a817b	Add import permission for label profiles (#1021 )	2025-09-06 19:42:07 +02:00
Jan Böhmer	3e8ca06177	Fixed text color in ckeditor editors when in dark mode Fixes issue #1016	2025-09-06 19:34:31 +02:00
Jan Böhmer	c1b7272ab1	Updated frontend dependencies	2025-09-06 19:30:17 +02:00
Jan Böhmer	b093866d15	Do not replace LCSC category slashes with arrows, as these are actually their names, not level separators	2025-09-06 19:27:10 +02:00
Jan Böhmer	065ef9f8ae	Fixed LCSC provider LCSC has changed its search API, so it was broken. Fixes issue #1018	2025-09-06 19:22:59 +02:00
Jan Böhmer	9b17efc12c	Fixed phpstan issue Some checks are pending Build assets artifact / Build assets artifact (push) Waiting to run Details Docker Image Build / docker (push) Waiting to run Details Docker Image Build (FrankenPHP) / docker (push) Waiting to run Details Static analysis / Static analysis (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, mysql) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, mysql) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, mysql) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, postgres) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, postgres) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, postgres) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, sqlite) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, sqlite) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, sqlite) (push) Waiting to run Details	2025-09-06 00:39:23 +02:00
Jan Böhmer	fe7910a2f2	Fixed invalid name for currency in data fixture	2025-09-06 00:39:16 +02:00
Jan Böhmer	eb4258053e	Added voter reason explaination to the other voters	2025-09-06 00:24:55 +02:00
Jan Böhmer	117ff4484d	Allow to show what permissions a user is lacking in case of access denied message Should help with errors like 1026	2025-09-06 00:10:50 +02:00
Jan Böhmer	ba7d139f8a	Grey out info provider settings button if the user misses system settings permission Helps to make the problem in #1026 more clear	2025-09-05 23:33:05 +02:00
Jan Böhmer	d657b2ff04	Merge remote-tracking branch 'd-buchmann/fix-formatting-mass-creation'	2025-09-05 23:26:17 +02:00
Jan Böhmer	0637c05053	Merge remote-tracking branch 'd-buchmann/sqlite-min-version'	2025-09-05 23:26:13 +02:00
Jan Böhmer	88fbc46325	Added test for Currency Admin Controller	2025-09-05 23:25:20 +02:00
Jan Böhmer	379155e839	Allow for more currency exchange rate pairs, without need for fixer.io	2025-09-05 22:15:04 +02:00
Jan Böhmer	0717239296	Use central banks of czechia, turkey and romania as a free provider for their currencies exchange rates Some checks are pending Build assets artifact / Build assets artifact (push) Waiting to run Details Docker Image Build / docker (push) Waiting to run Details Docker Image Build (FrankenPHP) / docker (push) Waiting to run Details Static analysis / Static analysis (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, mysql) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, mysql) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, mysql) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, postgres) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, postgres) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, postgres) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, sqlite) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, sqlite) (push) Waiting to run Details PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, sqlite) (push) Waiting to run Details	2025-09-05 19:56:01 +02:00
Jan Böhmer	d3e3c4e3f8	Fixed currency admin page and modernized underlying swap packages Fixes issue #1009	2025-09-05 19:35:58 +02:00
d-buchmann	c9a1febc56	Fix formatting: Use literal '->' in CDATA context	2025-09-04 14:59:40 +02:00
d-buchmann	7f099972e1	Documentation - Require SQLite 3.35 That way, migrations that try to drop columns won't fail anymore (regardless if the user intended to use sqlite or not)	2025-09-04 14:50:59 +02:00