Upgrade to 3.9.0

kirby/src/Cms/UserRules.php

@@ -8,6 +8,7 @@ use Kirby\Exception\LogicException;
 use Kirby\Exception\PermissionException;
 use Kirby\Toolkit\Str;
 use Kirby\Toolkit\V;
+use SensitiveParameter;
 
 /**
  * Validators for all user actions
@@ -83,13 +84,13 @@ class UserRules
 	/**
 	 * Validates if the password can be changed
 	 *
-	 * @param \Kirby\Cms\User $user
-	 * @param string $password
-	 * @return bool
 	 * @throws \Kirby\Exception\PermissionException If the user is not allowed to change the password
 	 */
-	public static function changePassword(User $user, string $password): bool
-	{
+	public static function changePassword(
+		User $user,
+		#[SensitiveParameter]
+		string $password
+	): bool {
 		if ($user->permissions()->changePassword() !== true) {
 			throw new PermissionException([
 				'key'  => 'user.changePassword.permission',
@@ -193,12 +194,13 @@ class UserRules
 		}
 
 		// check user permissions (if not on install)
-		if ($user->kirby()->users()->count() > 0) {
-			if ($user->permissions()->create() !== true) {
-				throw new PermissionException([
-					'key' => 'user.create.permission'
-				]);
-			}
+		if (
+			$user->kirby()->users()->count() > 0 &&
+			$user->permissions()->create() !== true
+		) {
+			throw new PermissionException([
+				'key' => 'user.create.permission'
+			]);
 		}
 
 		return true;
@@ -332,13 +334,13 @@ class UserRules
 	/**
 	 * Validates a password
 	 *
-	 * @param \Kirby\Cms\User $user
-	 * @param string $password
-	 * @return bool
 	 * @throws \Kirby\Exception\InvalidArgumentException If the password is too short
 	 */
-	public static function validPassword(User $user, string $password): bool
-	{
+	public static function validPassword(
+		User $user,
+		#[SensitiveParameter]
+		string $password
+	): bool {
 		if (Str::length($password ?? null) < 8) {
 			throw new InvalidArgumentException([
 				'key' => 'user.password.invalid',