summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* feature #15899 [3.0][Security] Remove deprecated features (WouterJ)Fabien Potencier2015-09-306-270/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 3.0-dev branch. Discussion ---------- [3.0][Security] Remove deprecated features | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | yes | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - Commits ------- c3c5989 Remove more tests 6f9e897 Remove AbstractVoter#isGranted() method 6b6de15 Removed supports{Attribute,Class}() methods
| * Remove more testsWouterJ2015-09-301-36/+0
| |
| * Remove AbstractVoter#isGranted() methodWouterJ2015-09-302-84/+1
| |
| * Removed supports{Attribute,Class}() methodsWouterJ2015-09-304-150/+1
| |
* | Merge branch '2.8'Fabien Potencier2015-09-301-1/+2
|\ \ | |/ |/| | | | | | | | | | | * 2.8: add dependency required by a replaced package Add a way to group toolbar info pieces Added general sf-toolbar-block-right class Bind input before executing the COMMAND event
| * add dependency required by a replaced packageChristian Flothmann2015-09-301-1/+2
| | | | | | | | | | | | | | Since #16007, the Security HTTP component requires the PropertyAccess component to access nested parameter bag values. Since the Security component replaces the Security HTTP component, all dependencies of the replaced packages must be mirrored here.
* | fixed composer.jsonFabien Potencier2015-09-301-1/+1
| |
* | Merge branch '2.8'Fabien Potencier2015-09-3010-16/+146
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: Remove profiler storages deprecate finding deep items in request parameters [CssSelector] updated README [CssSelector] remove ConverterInterface [DependencyInjection] improved a comment for reading fluency [HttpKernel] change a class in tests to avoid depending on SQLite [FrameworkBundle] Fix tests [Bridge\Twig] Fix form lowest version [ci] Display fastest results first when running tests in parallel [Yaml] Improve newline handling in folded scalar blocks
| * deprecate finding deep items in request parametersChristian Flothmann2015-09-3010-17/+147
| |
* | Merge branch '2.8'Tobias Schultze2015-09-299-54/+374
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: composer.json src/Symfony/Bundle/FrameworkBundle/Command/RouterApacheDumperCommand.php src/Symfony/Bundle/FrameworkBundle/Command/RouterDebugCommand.php src/Symfony/Bundle/FrameworkBundle/Console/Descriptor/TextDescriptor.php src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml src/Symfony/Bundle/TwigBundle/Controller/ExceptionController.php src/Symfony/Component/ClassLoader/ApcUniversalClassLoader.php src/Symfony/Component/ClassLoader/DebugClassLoader.php src/Symfony/Component/ClassLoader/UniversalClassLoader.php src/Symfony/Component/Console/Input/StringInput.php src/Symfony/Component/Debug/DebugClassLoader.php src/Symfony/Component/DependencyInjection/Container.php src/Symfony/Component/DependencyInjection/ContainerBuilder.php src/Symfony/Component/DependencyInjection/ContainerInterface.php src/Symfony/Component/DependencyInjection/Definition.php src/Symfony/Component/DependencyInjection/DefinitionDecorator.php src/Symfony/Component/DependencyInjection/Scope.php src/Symfony/Component/DependencyInjection/ScopeInterface.php src/Symfony/Component/DomCrawler/composer.json src/Symfony/Component/EventDispatcher/Event.php src/Symfony/Component/HttpKernel/Kernel.php src/Symfony/Component/HttpKernel/KernelInterface.php src/Symfony/Component/HttpKernel/Log/LoggerInterface.php src/Symfony/Component/HttpKernel/Log/NullLogger.php src/Symfony/Component/Security/Core/composer.json src/Symfony/Component/Security/Resources/translations/security.tr.xlf src/Symfony/Component/Security/composer.json src/Symfony/Component/Translation/Translator.php
| * Merge branch '2.7' into 2.8Tobias Schultze2015-09-291-6/+6
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/Symfony/Component/Console/Application.php src/Symfony/Component/Console/Command/Command.php src/Symfony/Component/Console/Formatter/OutputFormatter.php src/Symfony/Component/Console/Formatter/OutputFormatterStyle.php src/Symfony/Component/Console/Input/Input.php src/Symfony/Component/Console/Input/InputArgument.php src/Symfony/Component/Console/Input/InputDefinition.php src/Symfony/Component/Console/Input/InputOption.php src/Symfony/Component/Console/Output/OutputInterface.php src/Symfony/Component/Console/Output/StreamOutput.php src/Symfony/Component/CssSelector/CssSelector.php src/Symfony/Component/DependencyInjection/Container.php src/Symfony/Component/DependencyInjection/ContainerBuilder.php src/Symfony/Component/DependencyInjection/ContainerInterface.php src/Symfony/Component/DependencyInjection/Definition.php src/Symfony/Component/DependencyInjection/Scope.php src/Symfony/Component/DependencyInjection/ScopeInterface.php src/Symfony/Component/Validator/Constraints/Currency.php src/Symfony/Component/Validator/Constraints/CurrencyValidator.php
| | * Merge branch '2.3' into 2.7Tobias Schultze2015-09-291-6/+6
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/Symfony/Component/ClassLoader/ApcUniversalClassLoader.php src/Symfony/Component/ClassLoader/DebugClassLoader.php src/Symfony/Component/ClassLoader/UniversalClassLoader.php src/Symfony/Component/Console/Command/Command.php src/Symfony/Component/DependencyInjection/Definition.php src/Symfony/Component/DependencyInjection/DefinitionDecorator.php src/Symfony/Component/EventDispatcher/Event.php src/Symfony/Component/Filesystem/Exception/IOException.php src/Symfony/Component/HttpFoundation/File/File.php src/Symfony/Component/HttpFoundation/ResponseHeaderBag.php src/Symfony/Component/HttpFoundation/Session/SessionInterface.php src/Symfony/Component/HttpFoundation/StreamedResponse.php src/Symfony/Component/HttpKernel/Controller/ControllerResolver.php src/Symfony/Component/HttpKernel/Controller/ControllerResolverInterface.php src/Symfony/Component/HttpKernel/HttpKernel.php src/Symfony/Component/HttpKernel/Kernel.php src/Symfony/Component/HttpKernel/KernelInterface.php src/Symfony/Component/HttpKernel/Log/LoggerInterface.php src/Symfony/Component/HttpKernel/Log/NullLogger.php src/Symfony/Component/Process/Process.php src/Symfony/Component/Routing/RequestContext.php src/Symfony/Component/Routing/Route.php src/Symfony/Component/Templating/EngineInterface.php src/Symfony/Component/Templating/PhpEngine.php src/Symfony/Component/Templating/TemplateNameParser.php src/Symfony/Component/Templating/TemplateReference.php src/Symfony/Component/Templating/TemplateReferenceInterface.php src/Symfony/Component/Translation/IdentityTranslator.php src/Symfony/Component/Translation/Translator.php src/Symfony/Component/Validator/ConstraintViolationInterface.php src/Symfony/Component/Validator/Constraints/False.php src/Symfony/Component/Validator/Constraints/FalseValidator.php src/Symfony/Component/Validator/Constraints/GroupSequence.php src/Symfony/Component/Validator/Constraints/Image.php src/Symfony/Component/Validator/Constraints/Null.php src/Symfony/Component/Validator/Constraints/NullValidator.php src/Symfony/Component/Validator/Constraints/True.php src/Symfony/Component/Validator/Constraints/TrueValidator.php src/Symfony/Component/Validator/ExecutionContextInterface.php src/Symfony/Component/Validator/ValidatorInterface.php
| | | * Fixed incorrect and inconsistent translationslashae2015-09-281-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "Fiş" is a correct translation for "token", however "bilet" is also used, I fixed that inconsistency. Moreover, "kimlik bilgileri" is a better translation for "credentials" than "girdiler". "Girdiler" is the translation of "inputs", so I fixed sentences with "credentials". "Hesap engellenmiş" is better than "Hesap devre dışı bırakılmış" for "Account is disabled.". "Digest nonce has expired" can be translated better as "Derleme zaman aşımına uğradı." because "Derleme zaman aşımı gerçekleşti" has a confirmation sense like user requested it to expire and it has expired. References: token: http://tureng.com/search/token (3rd entry) credentials: http://www2.zargan.com/tr/q/credentials-ceviri-nedir (1st entry) disable: http://tureng.com/search/disable (15th entry)
| * | | [Ldap] add some missing license file headersChristian Flothmann2015-09-282-0/+18
| | | |
| * | | fix tests for the `AbstractVoter` classChristian Flothmann2015-09-282-44/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * The `LegacyAbstractVoterTest` class is not needed anymore, tests have been moved to the `AbstractVoterTest` class tagging them with the legacy group. * Tests are applied on `stdClass` object instances. Thus, the legacy voter fixture class must not support `AbstractVoterTest_Object` instances, but support `stdClass` objects instead.
| * | | Implemented LDAP authentication and LDAP user providerGrégoire Pineau2015-09-286-3/+346
| | | |
* | | | Merge branch '2.8'Fabien Potencier2015-09-283-63/+149
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: [Finder] simplified code Fix tests in 2.8 [Validator] Sync polish translation file Adding a class to make it easier to set custom authentication error messages Readd the correct tests
| * | | Fix tests in 2.8Wouter J2015-09-281-12/+42
| | | |
| * | | feature #15882 Easier Custom Authentication errors (weaverryan)Fabien Potencier2015-09-282-0/+105
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.8 branch. Discussion ---------- Easier Custom Authentication errors | Q | A | ------------- | --- | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | not yet This makes failing authentication with a custom message much easier: ```php throw CustomAuthenticationException::createWithSafeMessage( 'That was a ridiculous username' ); // or $e = new CustomAuthenticationException(); $e->setSafeMessage('That was a ridiculous username'); throw $e; ``` Currently, to do this, you'd need to create a new sub-class of `AuthenticationException`, which is way more work than it needs to be. The original design was so that all messages exposed are safe, which is why I've named the methods like I have. Thanks! Commits ------- d7c1463 Adding a class to make it easier to set custom authentication error messages
| | * | | Adding a class to make it easier to set custom authentication error messagesRyan Weaver2015-09-272-0/+105
| | | | |
| * | | | Merge branch '2.7' into 2.8Fabien Potencier2015-09-281-75/+26
| |\ \ \ \ | | | |/ / | | |/| | | | | | | | | | | | * 2.7: Readd the correct tests
| | * | | minor #15942 [Security] Improve AbstractVoter tests (WouterJ)Fabien Potencier2015-09-281-46/+30
| | |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.7 branch. Discussion ---------- [Security] Improve AbstractVoter tests Applying the improved tests from https://github.com/symfony/symfony/pull/15932 into the oldest possible branch. Merge conflicts from 2.7 into 2.8 caused by this PR do not need to be done carefully, I'll create a new PR for 2.8 updating the tests as soon as these changes are merged up. | Q | A | ------------- | --- | Fixed tickets | - | License | MIT Commits ------- 5ff741d Readd the correct tests
| | | * | | Readd the correct testsWouter J2015-09-271-46/+30
| | | | | |
| * | | | | Merge branch '2.7' into 2.8Fabien Potencier2015-09-281-1/+1
| |\ \ \ \ \ | | |/ / / / | | | | / / | | |_|/ / | |/| | | * 2.7: [Security] fixed composer.json
| | * | | [Security] fixed composer.jsonFabien Potencier2015-09-281-1/+1
| | |/ /
* | | | Merge branch '2.8'Fabien Potencier2015-09-279-46/+116
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: (28 commits) Detect Mintty for color support on Windows Detect Mintty for color support on Windows [WebProfilerBundle] Fix search button click listener [Form][Type Date/Time] added choice_translation_domain option. Massively simplifying the BC and deprecated-throwing code thanks to suggestions by stof in #15870 Making all "debug" messages use the debug router Making GuardTokenInterface extend TokenInterface Updating behavior to not continue after an authenticator has set the response Add a group for tests of the finder against the FTP server Fix trigger_error calls Fix legacy security tests tweaking message related to configuration edge case that we want to be helpful with Minor tweaks - lowering the required security-http requirement and nulling out a test field Fix license headers Fix license headers Fix license headers Ensure the ClockMock is loaded before using it in the testsuite Allow serializer 3.0 in the PropertyInfo component Add the replace rules for the security-guard component Forbid serializing a Crawler ...
| * | | Merge branch '2.7' into 2.8Fabien Potencier2015-09-272-2/+10
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: Detect Mintty for color support on Windows Detect Mintty for color support on Windows Add a group for tests of the finder against the FTP server Fix license headers Forbid serializing a Crawler Fix phpdoc block of NativeSessionStorage class Added exception when setAutoInitialize is called when locked [FrameworkBundle] Advanced search templates of bundles [Security] Allow user providers to be defined in many files Use random_bytes function if it is available for random number generation
| | * | Merge branch '2.3' into 2.7Fabien Potencier2015-09-272-2/+8
| | |\ \ | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: Detect Mintty for color support on Windows Add a group for tests of the finder against the FTP server Fix license headers Forbid serializing a Crawler Fix phpdoc block of NativeSessionStorage class Added exception when setAutoInitialize is called when locked [FrameworkBundle] Advanced search templates of bundles [Security] Allow user providers to be defined in many files Use random_bytes function if it is available for random number generation
| | | * Use random_bytes function if it is available for random number generationPierre du Plessis2015-09-232-5/+10
| | | |
| * | | bug #15925 Updating behavior to not continue after an authenticator has set ↵Fabien Potencier2015-09-272-8/+47
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the response (weaverryan) This PR was merged into the 2.8 branch. Discussion ---------- Updating behavior to not continue after an authenticator has set the response | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | https://github.com/symfony/symfony/pull/14673/files#r40492765 | License | MIT | Doc PR | n/a This mirrors the behavior in core: *if* a listener sets a response (on success or failure), then the other listeners are not called. But if a response is *not* set (which is sometimes the case for success, like in BasicAuthenticationListener), then the other listeners are called, and can even fail. It's all a bit of an edge-case, as only one authenticator (like authentication listener) would normally be doing any work on a request, but I think matching the other listeners (since I'm not aware of anyone having issues with its behavior) is best. Commits ------- 5fa2684 Making all "debug" messages use the debug router f403444 Updating behavior to not continue after an authenticator has set the response
| | * | | Making all "debug" messages use the debug routerRyan Weaver2015-09-261-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | Only the "auth success" and "auth failed" messages remain at info. That's consistent with AbstractAuthenticationListener
| | * | | Updating behavior to not continue after an authenticator has set the responseRyan Weaver2015-09-262-1/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This mirrors the behavior in core: *if* a listener sets a response (on success or failure), then the other listeners are not called. But if a response is *not* set (which is sometimes the case for success, like in BasicAuthenticationListener), then the other listeners are called, and can even fail.
| * | | | bug #15921 Abstract voter tweaks (weaverryan)Fabien Potencier2015-09-272-26/+39
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.8 branch. Discussion ---------- Abstract voter tweaks | Q | A | ------------- | --- | Bug fix? | yes (a little) | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Based on suggestions from stof in #15870, this simplifies the BC and deprecation throwing code. This also adds a BadMethodCallException in case the user doesn't override `isGranted` *or* `voteOnAttribute`, because that's just plain wrong (as is calling `isGranted()` on the parent class directly, since that was formerly abstract). Commits ------- c03f5c2 Massively simplifying the BC and deprecated-throwing code thanks to suggestions by stof in #15870
| | * | | | Massively simplifying the BC and deprecated-throwing code thanks to ↵Ryan Weaver2015-09-262-26/+39
| | | | | | | | | | | | | | | | | | | | | | | | suggestions by stof in #15870
| * | | | | bug #15927 Making GuardTokenInterface extend TokenInterface (weaverryan)Fabien Potencier2015-09-271-1/+3
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.8 branch. Discussion ---------- Making GuardTokenInterface extend TokenInterface | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #15884 | License | MIT | Doc PR | n/a See #15884 Commits ------- 7f04fbb Making GuardTokenInterface extend TokenInterface
| | * | | | | Making GuardTokenInterface extend TokenInterfaceRyan Weaver2015-09-261-1/+3
| | | |/ / / | | |/| | | | | | | | | | | | | | | | | | | | | This makes some of our type-hints more honest: i.e. where we look for a GuardTokenInterface, but really also expect it to implement TokenInterface.
| * | | | | minor #15920 Guard minor tweaks (weaverryan)Fabien Potencier2015-09-272-1/+2
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.8 branch. Discussion ---------- Guard minor tweaks | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Various completely minor things, most from suggestions on #14673 Commits ------- 869d5a7 tweaking message related to configuration edge case that we want to be helpful with da4758a Minor tweaks - lowering the required security-http requirement and nulling out a test field
| | * | | | | Minor tweaks - lowering the required security-http requirement and nulling ↵Ryan Weaver2015-09-262-1/+2
| | |/ / / / | | | | | | | | | | | | | | | | | | out a test field
| * | | | | minor #15910 Add the replace rules for the security-guard component (stof)Fabien Potencier2015-09-271-0/+1
| |\ \ \ \ \ | | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.8 branch. Discussion ---------- Add the replace rules for the security-guard component | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a The update of composer replacements was forgotten in #14673 Commits ------- 5ef8abc Add the replace rules for the security-guard component
| | * | | | Add the replace rules for the security-guard componentChristophe Coevoet2015-09-261-0/+1
| | | | | |
| * | | | | minor #15923 Fix legacy security tests (stof)Christophe Coevoet2015-09-261-2/+2
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.8 branch. Discussion ---------- Fix legacy security tests | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a when merging legacy test classes together in #15893, use statements where not copied, making the tests fail. Commits ------- 8b615bb Fix legacy security tests
| | * | | | | Fix legacy security testsChristophe Coevoet2015-09-261-2/+2
| | | |/ / / | | |/| | |
| * | | | | Fix trigger_error callsWouterJ2015-09-262-7/+7
| |/ / / /
| * | | | Fix license headersGábor Egyed2015-09-261-0/+9
| |/ / /
| * | | minor #15893 Merged LegacySecurityContext tests (WouterJ)Fabien Potencier2015-09-262-31/+10
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.8 branch. Discussion ---------- Merged LegacySecurityContext tests I've no idea why this test was introduced in the wrong namespace in 2.8, but I merged it in the correct test case now. Commits ------- 2c4da3c Merged LegacySecurityContext tests
| | * | | Merged LegacySecurityContext testsWouterJ2015-09-252-31/+10
| | | | |
* | | | | Update the branch alias for new components in their 3.0 branchChristophe Coevoet2015-09-261-4/+4
| | | | |
* | | | | Merge branch '2.8'Fabien Potencier2015-09-268-7/+128
|\ \ \ \ \ | |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: (23 commits) [Validator] added BIC (SWIFT-BIC) validation constraint [TwigBridge] Foundation form layout integration [Security] Deprecated supportsAttribute and supportsClass methods bumped Symfony version to 2.7.6 updated VERSION for 2.7.5 updated CHANGELOG for 2.7.5 bumped Symfony version to 2.3.34 updated VERSION for 2.3.33 update CONTRIBUTORS for 2.3.33 updated CHANGELOG for 2.3.33 [Console] Fix transient HHVM test [OptionsResolver] Fix catched exception along the dependency tree mistakenly detects cyclic dependencies fixed tests [DI] Support deprecated definitions in decorators [DI] Allow to change the deprecation message in Definition [DI] Trigger a deprecated error on the container builder [DI] Dump the deprecated status [DI] Supports the deprecated tag in loaders [DI] Add a deprecated status to definitions Fixing test locations ...
| * | | | feature #15151 [Security] Deprecated supportsAttribute and supportsClass ↵Fabien Potencier2015-09-258-5/+126
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | methods (WouterJ) This PR was squashed before being merged into the 2.8 branch (closes #15151). Discussion ---------- [Security] Deprecated supportsAttribute and supportsClass methods These methods aren't used at all in a Symfony application and don't make sense to use in the application. They are only used internally in the voters. This means the voter interface can be made much easier. I'm not sure how we do these deprecations, should we remove the methods from the interface now already? Also, I don't think it's possible to trigger deprecation notices for the voter methods? | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | yes | Tests pass? | yes | Fixed tickets | one of #11742 | License | MIT | Doc PR | - Abstract Voter --- There is one remaining question about the abstract voter. This currently has abstract `getSupportedAttributes()` and `getSupportedClass()` methods. One of the reasons to remove the methods for the interface was that these methods are not flexible. Does it make sense to deprecate these methods as well and replace them by an abstract `protected vote(array $attributes, $class)` method in the `AbstractVoter` (which is called from `AbstractVoter#vote()`) ? Commits ------- 6588708 [Security] Deprecated supportsAttribute and supportsClass methods
| | * | | | [Security] Deprecated supportsAttribute and supportsClass methodsWouterJ2015-09-259-126/+197
| | |/ / /
| * | | | Merge branch '2.7' into 2.8Nicolas Grekas2015-09-252-3/+3
| |\ \ \ \ | | |/ / / | |/| / / | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: [Console] Fix transient HHVM test [OptionsResolver] Fix catched exception along the dependency tree mistakenly detects cyclic dependencies fixed tests Fixing test locations [VarDumper] Fix dump comparison on large arrays [expression-language] Code Cleanup for GetAttrNode
| | * | fixed testsv2.7.5Fabien Potencier2015-09-251-1/+1
| | | |
| | * | Fixing test locationsRyan Weaver2015-09-232-2/+2
| | | |
* | | | Merge branch '2.8'Nicolas Grekas2015-09-2422-7/+1661
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: (29 commits) Updating AbstractVoter so that the method receives the TokenInterface Adding the necessary files so that Guard can be its own installable component Fix syntax in a test Normalize the way we check versions Avoid errors when generating the logout URL when there is no firewall key Removing unnecessary override fabbot Adding a new exception and throwing it when the User changes Fixing a bug where having an authentication failure would log you out. Tweaks thanks to Wouter Adding logging on this step and switching the order - not for any huge reason Adding a base class to assist with form login authentication Allowing for other authenticators to be checked meaningless author and license changes Adding missing factory registration Thanks again fabbot! A few more changes thanks to @iltar Splitting the getting of the user and checking credentials into two steps Tweaking docblock on interface thanks to @iltar Adding periods at the end of exceptions, and changing one class name to LogicException thanks to @iltar ... Conflicts: UPGRADE-2.8.md src/Symfony/Bridge/Twig/Tests/Node/DumpNodeTest.php src/Symfony/Bundle/FrameworkBundle/Command/ServerCommand.php src/Symfony/Component/Validator/Tests/Constraints/AbstractComparisonValidatorTestCase.php src/Symfony/Component/Validator/Tests/Constraints/IdenticalToValidatorTest.php src/Symfony/Component/Validator/Tests/Constraints/RangeValidatorTest.php
| * | | feature #14673 New Guard Authentication System (e.g. putting the joy back ↵Fabien Potencier2015-09-2420-3/+1587
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | into security) (weaverryan) This PR was merged into the 2.8 branch. Discussion ---------- New Guard Authentication System (e.g. putting the joy back into security) | Q | A | ------------- | --- | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | at least partially: #14300, #11158, #11451, #10035, #10463, #8606, probably more | License | MIT | Doc PR | symfony/symfony-docs#5265 Hi guys! Though it got much easier in 2.4 with `pre_auth`, authentication is a pain in Symfony. This introduces a new authentication provider called guard, with one goal in mind: put everything you need for *any* authentication system into one spot. ### How it works With guard, you can perform custom authentication just by implementing the [GuardAuthenticatorInterface](https://github.com/weaverryan/symfony/blob/guard/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php) and registering it as a service. It has methods for every part of a custom authentication flow I can think of. For a working example, see https://github.com/weaverryan/symfony-demo/tree/guard-auth. This uses 2 authenticators simultaneously, creating a system that handles [form login](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/FormLoginAuthenticator.php) and [api token auth](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/TokenAuthenticator.php) with a respectable amount of code. The [security.yml](https://github.com/weaverryan/symfony-demo/blob/guard-auth/app/config/security.yml) is also quite simple. This also supports "manual login" without jumping through hoops: https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Controller/SecurityController.php#L45 I've also tested with "remember me" and "switch user" - no problems with either. I hope you like it :). ### What's Needed 1) **Other Use-Cases?**: Please think about the code and try it. What use-cases are we *not* covering? I want Guard to be simple, but cover the 99.9% use-cases. 2) **Remember me** functionality cannot be triggered via manual login. That's true now, and it's not fixed, and it's tricky. ### Deprecations? This is a new feature, so no deprecations. But, creating a login form with a guard authenticator is a whole heck of a lot easier to understand than `form_login` or even `simple_form`. In a perfect world, we'd either deprecate those or make them use "guard" internally so that we have just **one** way of performing authentication. Thanks! Commits ------- a01ed35 Adding the necessary files so that Guard can be its own installable component d763134 Removing unnecessary override e353833 fabbot dd485f4 Adding a new exception and throwing it when the User changes 302235e Fixing a bug where having an authentication failure would log you out. 396a162 Tweaks thanks to Wouter c9d9430 Adding logging on this step and switching the order - not for any huge reason 31f9cae Adding a base class to assist with form login authentication 0501761 Allowing for other authenticators to be checked 293c8a1 meaningless author and license changes 81432f9 Adding missing factory registration 7a94994 Thanks again fabbot! 7de05be A few more changes thanks to @iltar ffdbc66 Splitting the getting of the user and checking credentials into two steps 6edb9e1 Tweaking docblock on interface thanks to @iltar d693721 Adding periods at the end of exceptions, and changing one class name to LogicException thanks to @iltar eb158cb Updating interface method per suggestion - makes sense to me, Request is redundant c73c32e Thanks fabbot! 6c180c7 Adding an edge case - this should not happen anyways 180e2c7 Properly handles "post auth" tokens that have become not authenticated 873ed28 Renaming the tokens to be clear they are "post" and "pre" auth - also adding an interface a0bceb4 adding Guard tests 05af97c Initial commit (but after some polished work) of the new Guard authentication system 330aa7f Improving phpdoc on AuthenticationEntryPointInterface so people that implement this understand it
| | * | | Adding the necessary files so that Guard can be its own installable componentRyan Weaver2015-09-235-0/+113
| | | | |
| | * | | Removing unnecessary overrideRyan Weaver2015-09-221-12/+0
| | | | |
| | * | | fabbotRyan Weaver2015-09-203-14/+12
| | | | |
| | * | | Adding a new exception and throwing it when the User changesRyan Weaver2015-09-203-4/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is quite technical. As you can see in the provider, the method is called sometimes when the User changes, and so the token becomes de-authenticated (e.g. someone else changes the password between requests). In practice, the user should be unauthenticated. Using the anonymous token did this, but throwing an AccountStatusException seems like a better idea. It needs to be an AccountStatusException because the ExceptionListener from the Firewall looks for exceptions of this class and logs the user out when they are found (because this is their purpose).
| | * | | Fixing a bug where having an authentication failure would log you out.Ryan Weaver2015-09-204-8/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This solution is a copy of what AbstractAuthenticationListener does. Scenario: 1) Login 2) Go back to the log in page 3) Put in a bad user/pass You *should* still be logged in after a failed attempt. This commit gives that behavior.
| | * | | Tweaks thanks to WouterRyan Weaver2015-09-202-6/+3
| | | | |
| | * | | Adding logging on this step and switching the order - not for any huge reasonRyan Weaver2015-09-201-3/+7
| | | | |
| | * | | Adding a base class to assist with form login authenticationRyan Weaver2015-09-201-0/+104
| | | | |
| | * | | Allowing for other authenticators to be checkedRyan Weaver2015-09-201-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | | If you have 2 firewalls, 2 GuardAuthenticationProviders are still created, so we need to be able to run through both of them.
| | * | | meaningless author and license changesRyan Weaver2015-09-208-11/+83
| | | | |
| | * | | Thanks again fabbot!Ryan Weaver2015-09-201-4/+4
| | | | |
| | * | | A few more changes thanks to @iltarRyan Weaver2015-09-201-4/+4
| | | | |
| | * | | Splitting the getting of the user and checking credentials into two stepsRyan Weaver2015-09-203-12/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This looks like a subjective change (one more method, but the method implementations are simpler), but it wasn't. The problem was that the UserChecker checkPreAuth should happen *after* we get the user, but *before* the credentials are checked, and that wasn't possible before this change. Now it is.
| | * | | Tweaking docblock on interface thanks to @iltarRyan Weaver2015-09-201-3/+4
| | | | |
| | * | | Adding periods at the end of exceptions, and changing one class name to ↵Ryan Weaver2015-09-204-8/+8
| | | | | | | | | | | | | | | | | | | | LogicException thanks to @iltar
| | * | | Updating interface method per suggestion - makes sense to me, Request is ↵Ryan Weaver2015-09-203-9/+9
| | | | | | | | | | | | | | | | | | | | redundant
| | * | | Thanks fabbot!Ryan Weaver2015-09-208-49/+60
| | | | |
| | * | | Adding an edge case - this should not happen anywaysRyan Weaver2015-09-202-1/+9
| | | | |
| | * | | Properly handles "post auth" tokens that have become not authenticatedRyan Weaver2015-09-202-0/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Here is the flow: A) You login using guard and are given a PostAuthGuardToken B) Your user changes between requests - AbstractToken::setUser() and hasUserChanged() - which results in the Token becoming "not authenticated" C) Something calls out to the security system, which then passes the no-longer-authed token back into the AuthenticationProviderManager D) Because the PostauthGuardToken implements GuardTokenInterface, the provider responds to it. But, seeing that this is a no-longer-authed PostAuthGuardToken, it returns an AnonymousToken, which triggers logout
| | * | | Renaming the tokens to be clear they are "post" and "pre" auth - also adding ↵Ryan Weaver2015-09-208-30/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | an interface The reason is that the GuardAuthenticationProvider *must* respond to *all* tokens created by the system - both "pre auth" and "post auth" tokens. The reason is that if a "post auth" token becomes not authenticated (e.g. because the user changes between requests), then it may be passed to the provider system. If no providers respond (which was the case before this commit), then AuthenticationProviderManager throws an exception. The next commit will properly handle these "post auth" + "no-longer-authenticated" tokens, which should cause a log out.
| | * | | adding Guard testsRyan Weaver2015-09-201-0/+1
| | | | |
| | * | | Initial commit (but after some polished work) of the new Guard ↵Ryan Weaver2015-09-2010-0/+1124
| | | | | | | | | | | | | | | | | | | | authentication system
| | * | | Improving phpdoc on AuthenticationEntryPointInterface so people that ↵Ryan Weaver2015-09-201-3/+13
| | | | | | | | | | | | | | | | | | | | implement this understand it
| * | | | Updating AbstractVoter so that the method receives the TokenInterfaceRyan Weaver2015-09-242-4/+74
| |/ / /
* | | | Updated CHANGELOGIltar van der Berg2015-09-221-1/+1
| | | |
* | | | Merge branch '2.8'Tobias Schultze2015-09-092-2/+2
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: CHANGELOG-2.7.md UPGRADE-2.8.md src/Symfony/Bundle/FrameworkBundle/Resources/config/form_debug.xml src/Symfony/Component/Config/CHANGELOG.md src/Symfony/Component/DependencyInjection/Tests/ContainerTest.php src/Symfony/Component/HttpKernel/Kernel.php
| * | | Merge branch '2.7' into 2.8Tobias Schultze2015-09-092-2/+2
| |\ \ \ | | |/ / | | | | | | | | | | | | Conflicts: src/Symfony/Component/HttpKernel/Kernel.php
| | * | fix leftover changes from previous mergeTobias Schultze2015-09-091-1/+1
| | | |
| | * | fix class use and in phpdocEvgeniy Sokolov2015-09-091-1/+1
| | | |
| * | | [Security\Http] Fix depNicolas Grekas2015-09-071-1/+1
| | | |
| * | | [2.8] CleanupNicolas Grekas2015-09-061-2/+2
| | | |
* | | | Fix branch-alias for security componentNicolas Grekas2015-09-061-1/+1
| | | |
* | | | [Security] Remove deprecated interfacesNicolas Grekas2015-09-0318-525/+17
| | | |
* | | | fixed composer.jsonFabien Potencier2015-09-011-3/+0
| | | |
* | | | Merge branch '2.8'Fabien Potencier2015-08-315-11/+25
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: bumped minimal version in appveyor to 5.3.9 [VarDumper] Fix missing support for dumping PHP7 return type Require security-acl 2.7 for BC [travis] disable symfony_debug ext when deps!=no Require actual version of ACL component until ACL/2.8 branch released Do not normalize the kernel root directory path (see symfony/symfony#15474). Don't trigger deprecation on interfaces [Debug] Ignore silencing for deprecations [ci] Run minimal versions on appveyor only Deprecated Security ClassUtils in favor of Acl ClassUtils Fix appveyor file consistently use str_replace to unify directory separators (remaining)
| * | | Merge branch '2.7' into 2.8Fabien Potencier2015-08-311-2/+0
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: [VarDumper] Fix missing support for dumping PHP7 return type [travis] disable symfony_debug ext when deps!=no Do not normalize the kernel root directory path (see symfony/symfony#15474). Don't trigger deprecation on interfaces [Debug] Ignore silencing for deprecations [ci] Run minimal versions on appveyor only Fix appveyor file consistently use str_replace to unify directory separators (remaining)
| | * | Don't trigger deprecation on interfacesv2.7.4Nicolas Grekas2015-08-301-2/+0
| | | |
| * | | Require security-acl 2.7 for BCPavel Batanov2015-08-311-3/+1
| | | |
| * | | Deprecated Security ClassUtils in favor of Acl ClassUtilsIltar van der Berg2015-08-273-2/+14
| | | |
* | | | Merge branch '2.8'Nicolas Grekas2015-08-272-1/+8
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: (21 commits) Fix merge Fix typo Various fixes esp. on Windows Fix the validation of form resources to register the default theme Fix the retrieval of the value with property path when using a loader [appveyor] minor enhancements [Process] Disable failing tests on Windows [Translation] Fix the string casting in the XliffFileLoader Windows and Intl fixes Add appveyor.yml for C.I. on Windows [VarDumper] fixed HtmlDumper to target specific the head tag [travis] merge php: nightly and deps=high test-matrix lines consistently use str_replace to unify directory separators Support omitting the <target> node in an .xlf file. Fix the handling of values for multiple choice types moved PHP nightly to PHP 7.0 fixed tests using deprecation features [Form] made deprecation notice more precise fixed CS Fix BC break after split of ACL from core ... Conflicts: .travis.yml composer.json src/Symfony/Bundle/TwigBundle/DependencyInjection/Configuration.php src/Symfony/Component/Intl/DateFormatter/IntlDateFormatter.php src/Symfony/Component/Intl/Tests/DateFormatter/AbstractIntlDateFormatterTest.php src/Symfony/Component/Locale/Tests/LocaleTest.php
| * | | Merge branch '2.7' into 2.8Nicolas Grekas2015-08-272-1/+8
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: Various fixes esp. on Windows Fix the validation of form resources to register the default theme Fix the retrieval of the value with property path when using a loader [appveyor] minor enhancements [Process] Disable failing tests on Windows [Translation] Fix the string casting in the XliffFileLoader Windows and Intl fixes Add appveyor.yml for C.I. on Windows [VarDumper] fixed HtmlDumper to target specific the head tag [travis] merge php: nightly and deps=high test-matrix lines consistently use str_replace to unify directory separators Support omitting the <target> node in an .xlf file. Fix the handling of values for multiple choice types moved PHP nightly to PHP 7.0 [Security] Add missing docblock in PreAuthenticatedToken Conflicts: .travis.yml
| | * | Merge branch '2.3' into 2.7Nicolas Grekas2015-08-262-1/+8
| | |\ \ | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: Windows and Intl fixes Add appveyor.yml for C.I. on Windows [travis] merge php: nightly and deps=high test-matrix lines [Security] Add missing docblock in PreAuthenticatedToken Conflicts: .travis.yml src/Symfony/Component/Filesystem/Tests/FilesystemTest.php src/Symfony/Component/HttpFoundation/JsonResponse.php src/Symfony/Component/Intl/DateFormatter/IntlDateFormatter.php
| | | * [Security] Add missing docblock in PreAuthenticatedTokenv2.3.33v2.3.32Titouan Galopin2015-08-072-1/+8
| | | |
* | | | Merge branch '2.8'Fabien Potencier2015-08-2420-18/+31
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: fixes CS fixed CS [DependencyInjection] Add missing file headers fixed typo made Symfony compatible with both Twig 1.x and 2.x [FrameworkBundle] Fix precedence of xdebug.file_link_format
| * | | Merge branch '2.7' into 2.8Fabien Potencier2015-08-2420-18/+31
| |\ \ \ | | |/ / | | | | | | | | | | | | * 2.7: fixes CS
generated by cgit v1.1 at 2025-06-05 22:00:12 +0000