CI4MS Engineering

Developer Handbook

Reference this guide whenever you onboard, ship features, or maintain CI4MS. It merges environment requirements, coding conventions, workflow tips, and deployment best practices into a single companion for the engineering team.

1. System Requirements

Layer	Required	Notes
PHP	8.2+	Enable `intl`, `json`, `mbstring`, `gd`, `curl`, `openssl` extensions. Matches `composer.json` (8.2).
Composer	2.5+	Used for all PHP dependencies.
Database	MySQL / MariaDB	Any CodeIgniter-supported driver works. Configure via `.env`.
Web server	Apache / Nginx / `php spark serve`	Production deploys should point to the `public/` directory.
Docker	Docker Engine 24+ / Desktop	Optional but recommended for local development and CI.

2. Repository Layout Highlights

app/                 Application code (controllers, config, libraries, filters)
modules/             Feature modules (Auth, Backend, Blog, etc.)
public/
  index.php          Front controller
  be-assets/         Admin UI build artifacts (CSS/JS)
  templates/         Front-end themes (default shipped)
  media/             Media storage (ensure writable)
writable/            Cache, logs, temporary files (must be writable)
vendor/              Composer packages
.docker/             Dockerfile, Apache vhost, and php.ini
.github/workflows/   GitHub Actions CI pipeline
docs/                Developer documentation (this file and companions)

Key config files:

composer.json — PHP dependencies and scripts.
app/Config/DefaultRoutes.php — Routes template; copy to Routes.php on setup.
app/Config/Paths.php — Path constants including $supportDirectory (required by CI4 4.4+).
app/Config/*.php — Framework configuration; many classes consume cached settings populated at runtime.
.env — Environment overrides; generated from the env template.

3. Getting Started

3.1 Standard (local PHP)

Clone & install

git clone <repo-url> ci4ms
cd ci4ms
composer install

Environment
```
cp env .env
```
Update: app.baseURL, database.default.*, mail credentials, etc.

Prepare routes

cp app/Config/DefaultRoutes.php app/Config/Routes.php

One-command setup
```
php spark ci4ms:setup
```
This single command runs all migrations, seeds default data (admin user, sample pages, settings), and prepares the application.
Serve
```
php spark serve
```

3.2 Docker

cp env .env
cp app/Config/DefaultRoutes.php app/Config/Routes.php
# Edit .env: set database.default.hostname=db
docker compose up -d --build
docker exec ci4ms_app composer install
docker exec ci4ms_app php spark ci4ms:setup

Refer to DOCKER_SETUP.md for full configuration details.

4. Dependency Management

Composer packages

The project depends on CodeIgniter 4 and several packages:

codeigniter4/framework — Core framework.
codeigniter4/shield — Auth and RBAC.
ci4commonmodel — Database abstraction.
ci4seopro — SEO, JSON-LD, feeds.
sql2migration — CLI migration tooling.
ext_module_generator — Module scaffolding.

composer install
composer update vendor/package
composer outdated

Frontend Assets

The admin panel and templates use static JS/CSS packages (Tagify, Monaco, etc.). To keep the repository small and performant, we do not use npm or node_modules by default. Hosted statically in plugins/ and vendor/.

If you introduce a bundler (like Vite) in the future, be sure to compile assets and exclude node_modules from version control.

5. Coding Guidelines

Namespaces: PSR-4 via Composer. Modules live under Modules\<Name>, app code under App\.
Controllers: Backend controllers extend Modules\Backend\Controllers\BaseController; frontend extends App\Controllers\BaseController.
Views: Stored per module (Modules\Blog\Views\list etc.).
Helpers/Filters: Keep helpers/filters modular; app/Config/Filters discovers them dynamically.
Configuration: Module-specific configs live in modules/<Module>/Config.
Translations: Use modules/<Module>/Language/<locale>. 11 languages are currently supported.
Testing: Run composer test; add linting tooling if desired.

6. Modules & Permissions

Permissions are stored in auth_permissions_pages (CRUD JSON flags) and auth_users_permissions (overrides). The Modules\Methods\Controllers\Methods::moduleScan() command inspects routes and helps keep permissions in sync.

Workflow for a new module:

Scaffold with php spark make:module <Name> (provided by ext_module_generator).
Define routes in modules/<Name>/Config/Routes.php with role metadata.
Implement controllers, models, views.
Update permissions (run module scan or insert records manually).
Create migrations/seeds for new tables if required.

Clear cached permissions with php spark cache:clear or cache()->delete("{userId}_permissions").

7. Configuration & Settings Cache

Settings: Stored in the settings table and cached for 24h. Clear via cache()->delete('settings').
Menus: Cached as menus; automatically refreshed when editing via the Menu module.
Maintenance mode: Controlled by settings.maintenanceMode; triggers redirect in App\Filters\Ci4ms.

8. Media, File, & Theme Handling

Media Manager

elFinder config in Modules\Media\Controllers\Media::elfinderConnection().
Allowed MIME types from settings.allowedFiles.
Optional WebP conversion via claviska/simpleimage.
Storage: public/media/ (ensure writable, include .trash folder).

File Editor & Themes

Fileeditor: Uses realpath guards; limit use to trusted roles.
Themes: Located under public/templates/<theme>; ZIP uploads extract to writable/tmp.
Migrations: Themes can ship migrations inside Database/Migrations/; run on activation.
Boilerplate: Generate a starter boilerplate ZIP directly from the Theme Manager panel.
Required theme files: info.xml, screenshot.png (checked by backend filter).

Backup & Restore

Backup: Database dumps via mysqldump or PHP fallback.
Restore: Restore from local ZIPs or server archives.
Storage: Backups saved in writable/uploads/backups. Restore directly from the backend or download archives.

9. Public Assets & Front Controller

public/index.php bootstraps CodeIgniter; production servers should expose only public/.
public/maintenance/ serves the maintenance splash when enabled.
public/be-assets/ houses admin CSS/JS, images, plugins, and package manifests.
public/media/ contains uploaded media (include in backups).
public/templates/default/ is the bundled theme—use it as a blueprint for custom themes.

10. Testing & QA

Unit tests live under tests/. Add module-specific tests in tests/Modules/<Module>.
The GitHub Actions workflow (.github/workflows/docker-test.yaml) runs on every push:
- Builds the Docker image.
- Runs composer install.
- Executes php spark ci4ms:setup.
- Syntax checks across app/ and modules/.
- Validates HTTP responses for homepage and backend.
Use maintenance mode to hide upcoming changes during manual QA.

11. Debugging Tips

Enable the debug toolbar via CI_ENVIRONMENT=development.
Logs reside in writable/logs/; ensure permissions allow writing or inspect them via the backend viewer at /backend/logs.
Clear cache via php spark cache:clear or delete contents of writable/cache/.
Migration issues? Check logs and the ci_migrations table for batch sync.
Mail issues? Trigger the AJAX Test Mail button in Settings after configuring SMTP.
Docker issues? Run docker compose logs app to inspect container output.

12. Deployment Checklist

Switch to CI_ENVIRONMENT=production.
Set the public app.baseURL.
Point the web server root to public/; restrict other directories.
Run migrations/seeds (php spark migrate --all, relevant seeders).
Optional cache warm-up via scripted requests.
Disable the debug toolbar in production.
Set secure permissions (775/664 depending on user/group).
Back up uploads, database, and .env before major upgrades.

13. Contribution Workflow

Branching: Prefix with scope (e.g., feature/blog-scheduling).
Commits: Reference modules/issues ([Blog] Add scheduling support).
Pull requests: Note migrations, env vars, npm steps.
Reviews: Highlight permission changes, cache impacts, and CHANGELOG.md updates.
Changelog: Update CHANGELOG.md (Keep a Changelog format) before merging.

14. Further Reading & Resources

Update this handbook whenever the stack or workflows evolve so the team always has a current source of truth.

Ship with Confidence

CI4MS is engineered for extensibility. Keep this page bookmarked, share it with the team, and iterate responsibly.

Project README Architecture Companion