add security, calendar and menu-builder docs

Author: jannes-io

src/app/navigation.json

@@ -18,6 +18,21 @@
         "type": "route",
         "path": "forum",
         "label": "Forums"
+      },
+      {
+        "type": "route",
+        "path": "calendar",
+        "label": "Calendar"
+      },
+      {
+        "type": "route",
+        "path": "menu-builder",
+        "label": "Menu Builder"
+      },
+      {
+        "type": "route",
+        "path": "security",
+        "label": "Security"
       }
     ]
   },

src/app/user-manual/admin-panel/page.mdx

@@ -68,7 +68,7 @@ On the settings page you can find all of the components that are less frequently
 
 Here you can find:
 - Badges,
-- Calendars,
+- <Link href="/user-manual/calendar">Calendars</Link>,
 - Menu Builder,
 - Plugins,
 - Reactions,

src/app/user-manual/calendar/page.mdx

@@ -1 +1,28 @@
-# Calendar
+import Link from 'next/link';
+import { Wrench, Calendar, Plus } from '@phosphor-icons/react/dist/ssr';
+
+# Calendar
+
+The calendar component brings basic event scheduling capabilities to your forumify.
+
+## Managing calendars
+
+To get started with this component, you first need to create one or more calendars in the <Link href="/user-manual/admin-panel">Admin Panel</Link>.
+You can find them under <Wrench /> Settings -> <Calendar /> Calendar.
+
+Calendars can be compared to buckets for events. Each calendar has its name, color, and permissions.
+
+## Managing events
+
+Events are managed entirely from the frontend.
+
+### Creating events
+
+When you have the "Manage Events" permission on at least 1 calendar,
+the <span className="btn-link"><Plus /> Create Event</span> button will appear.
+
+### Managing events
+
+Find the event you'd like to modify in the calendar and open it. 
+If you have the "Manage Events" permission you will be able to see the edit and delete icons in the top right of the event popup.
+

src/app/user-manual/cms/page.mdx

@@ -0,0 +1,6 @@
+# Content Management System
+
+The Content Management System, or CMS, is a powerful tool that allows you to add custom static and dynamic pages to your website.
+
+forumify isn't just a forum platform, it's an entire suite of tools that enable you to build your community hub.
+

src/app/user-manual/forum/page.mdx

@@ -1,5 +1,5 @@
 import Link from 'next/link';
-import { Plus } from '@phosphor-icons/react/dist/ssr';
+import { Plus, Chats } from '@phosphor-icons/react/dist/ssr';
 import Alert from '@/components/Alert';
 
 # Forums
@@ -9,7 +9,7 @@ keep an organized documentation library, give and/or receive help,...
 
 ## Managing the forum
 
-You can create and manage forums from the <Link href="/user-manual/admin-panel">Admin Panel</Link>, under Forums.
+You can create and manage forums from the <Link href="/user-manual/admin-panel">Admin Panel</Link>, under <Chats /> Forums.
 
 ### Groups
 
@@ -144,3 +144,26 @@ Let's look at some examples to see what is possible with the right forum type an
 *\*Ideally your Helpdesk Agent role should be a moderator role. This will allow them to mark comments as answers, and manage the forum.*
 
 *\*\*The "Show all topics" permission is not visible until you saved the forum with the display setting "only show own topics" enabled.*
+
+## Moderating forums
+
+Users who have been given moderator permissions get the ability to moderate forums.
+
+This allows them to:
+- Edit topic titles and images
+- Edit all topic comments
+- Pin topics at the top of the list
+- Hide topics from non-moderators
+- View hidden topics
+- Lock topics from receiving comments
+- Comment on locked topics
+- Move topics to a different forum*
+- Delete topics
+
+*\*Moderators can move topics to any forum they can see, but they do not need to be a moderator in the receiving forum.*
+
+<Alert severity="warning">
+    Currently to give moderator permissions you need to enable the "Moderator" checkbox on a role and assign that role.
+    In the near future, this will change, and moderator will become an ACL permission on forums instead.
+</Alert>
+

src/app/user-manual/menu-builder/page.mdx

@@ -0,0 +1,34 @@
+import Link from 'next/link';
+import Alert from '@components/Alert';
+import { Wrench, List, Plus } from '@phosphor-icons/react/dist/ssr';
+
+# Menu Builder
+
+The menu builder allows admins to configure the main frontend navigation for their users.
+
+## Managing the menu
+
+The menu builder can be access from the <Link href="/user-manual/admin-panel">Admin Panel</Link>. Under <Wrench /> Settings -> <List /> Menu Builder.
+
+Use the <span className="btn-link"><Plus /> Add Item</span> button to create a new item in your website's menu.
+Enter a label and select a type, then press "Save".
+
+### Menu item types
+
+forumify as well as plugins provide different types of entries for the menu.
+
+- **Collection**: Collections are just groups of menu items. You can nest collections as deep as you want.
+- **Url**: The URL type is the most basic menu item type. Ideally this should only be used for external URLs, to link to other websites.
+- **Route**: Routes are what forumify uses internally to link to different pages. Routes should be used for any internal links.
+When forumify updates, it's possible that the link that is generated behind a route changes, using routes would make sure your item continues to work as expected.
+- **Page**: Provides an easier way to link to a CMS Page.
+- **Forum**: Provides an easier way to link to a Forum.
+- **Calendar**: Provides an easier way to link to a Calendar.
+
+<Alert severity="info">
+    Menu item types are dynamic and new ones can be added by plugins for you to use. The above list are the ones provided by forumify.
+</Alert>
+
+### Permissions
+
+Menu items are tied into the <Link href="/user-manual/security">ACL permission system</Link>. Allowing you to hide/show menu items based on user roles.

src/app/user-manual/security/page.mdx

@@ -1 +1,67 @@
-# Security
+import Link from 'next/link';
+import { Wrench, LockKey, LockSimple } from '@phosphor-icons/react/dist/ssr';
+import Alert from '@/components/Alert';
+
+# Security
+
+Security is one of the most important parts of any system. Almost all forumify components have security built into them.
+
+forumify has 2 different ways of securing components, pages, entities,...
+
+- Access Control Lists: defined by entities, controls individual fine-grained access for each "action" per role and per item.
+- Role Permissions: defined statically by the platform or plugins, controls access to larger sections or entire components.
+
+## Roles
+
+Everyone visiting your website is given a role. Even users who are not logged in will have the "Guest" role.
+
+Users can have multiple roles. All permissions and ACLs from all the roles the user have are merged together to define what the user can or cannot do.
+
+### Managing roles
+
+You can manage roles in the <Link href="/user-manual/admin-panel">Admin Panel</Link>.
+You can find them under <Wrench /> Settings -> <LockKey /> Roles.
+
+<Alert severity="warning">
+    Security is a complicated topic. It's best practice to have a second account you can use to test and verify the setup of your roles before assigning any
+    real users to them. A misconfiguration of roles could lead to accidentally leaking sensitive data, griefing, or even a total loss of control over your website.
+</Alert>
+
+When creating a role, you can give it a title, and it is highly recommended to give them a description.
+
+Optionally, you can enable the "Administrator" checkbox. Enabling this setting will grant access to the admin panel for all users with this role.
+This checkbox does not grant the user permissions to do anything within the admin panel, the different components are still protected by permissions.
+
+On the role form, in the tab "Permissions", you can assign permissions to the role. The platform, and each plugin that defines permissions, are separated by tabs.
+These permissions are typically meant to (dis)allow access to entire components. For example, if you want to give access to the admin panel to a certain role,
+but only to manage badges, you only select "view" and "manage" under "Settings" -> "Badges".
+
+Finally, to add or remove roles from a user, you have to edit the user. You can then manage their roles using the Roles input.
+
+<Alert severity="info">
+    Roles use a simple 1 dimensional hiearchy. Meaning that you can only assign roles that are equal-or-below your own role. Roles can be sorted using the
+    arrows in front of the rows in the Roles table.
+</Alert>
+
+
+### System roles
+
+There are 3 roles within forumify that can not be deleted or modified:
+
+- **Super Admin**: The Super Admin role bypasses any and all security checks.
+It's the most powerful role in your system and should be treated with extreme care.
+Only the website's owner should have this role. It is given to the user who installed the platform.
+- **User**: The User role is automatically assigned to any user that is logged in.
+- **Guest**: The Guest role is automatically assigned to any user that is *not* logged in.
+
+So if you want to grant access to **all** users, all you have to do is assign the permission to both *User* and *Guest* roles.
+
+## ACL (Access Control Lists)
+
+The most common security mechanism you will see in action is ACL. ACL allows you to enable an action for each role.
+
+ACLs are not managed in the Role's setting, but they are managed in the entity that defines them. 
+Usually when you see a <LockSimple /> button, you are editing the access control for that entity.
+Entities that are governed by ACLs define their own permissions.
+For example, a forum defines the permissions "view", "create topic", "create comment",...
+

src/styles/index.scss

@@ -85,3 +85,7 @@ span {
     padding: var(--spacing-2);
   }
 }
+
+ol, ul {
+  margin-bottom: var(--spacing-2);
+}