summaryrefslogtreecommitdiffstats
path: root/Tests
Commit message (Collapse)AuthorAgeFilesLines
* bug #21136 [Security] use authenticated token for json authentication ↵HEADorigin/masterorigin/HEADmasterFabien Potencier2017-01-031-1/+4
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (fbourigault) This PR was merged into the 3.3-dev branch. Discussion ---------- [Security] use authenticated token for json authentication | Q | A | ------------- | --- | Branch? | master | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #21123 | License | MIT | Doc PR | N/A When using `UsernamePasswordJsonAuthenticationListener` with [LexikJWTAuthenticationBundle](https://github.com/lexik/LexikJWTAuthenticationBundle), we get a type exception > Type error: Argument 1 passed to Lexik\Bundle\JWTAuthenticationBundle\Security\Http\Authentication\AuthenticationSuccessHandler::handleAuthenticationSuccess() must implement interface Symfony\Component\Security\Core\User\UserInterface, string given, called in .../vendor/lexik/jwt-authentication-bundle/Security/Http/Authentication/AuthenticationSuccessHandler.php on line 47 This error occurs because the `UsernamePasswordJsonAuthenticationListener` send to the authentication success handler the token which have the user as a string and not the authenticated one that have a UserInterface as user. Commits ------- 208c617716 use authenticated token for json authentication
| * use authenticated token for json authenticationFabien Bourigault2017-01-021-1/+4
| |
* | [Security] Typo fixKévin Dunglas2017-01-031-1/+1
|/
* fixed obsolete getMock() usageFabien Potencier2016-12-191-12/+12
|
* Merge branch '3.2'Fabien Potencier2016-12-191-7/+7
|\ | | | | | | | | | | | | | | | | | | | | | | * 3.2: fixed obsolete getMock() usage fixed obsolete getMock() usage fixed obsolete getMock() usage fixed obsolete getMock() usage [WebProfilerBundle] Display multiple HTTP headers in WDT do not remove the Twig ExceptionController service removed obsolete condition do not try to register incomplete definitions
| * fixed obsolete getMock() usageFabien Potencier2016-12-191-7/+7
| |
* | [Security] Add a JSON authentication listenerKévin Dunglas2016-12-031-0/+145
|/
* Merge branch '2.8' into 3.0Fabien Potencier2016-05-091-0/+78
|\ | | | | | | | | * 2.8: limited the maximum length of a submitted username
| * Merge branch '2.3' into 2.7v2.7.13Fabien Potencier2016-05-091-0/+78
| |\ | | | | | | | | | | | | * 2.3: limited the maximum length of a submitted username
| | * limited the maximum length of a submitted usernamev2.3.42v2.3.41origin/2.3Fabien Potencier2016-05-091-0/+78
| | |
| | * remove unused variablev2.3.40Christian Flothmann2016-04-051-1/+0
| | |
| | * [Security] Fixed SwitchUserListener when exiting an impersonication with ↵Grégoire Pineau2016-04-041-0/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | AnonymousToken If you configure a firewall with switch user with `role: IS_AUTHENTICATED_ANONYMOUSLY` it's impossible to exit the impersonation because the next line `$this->provider->refreshUser($original->getUser())` will fail. It fails because `RefreshUser` expects an instance of `UserInterface` and here it's a string. Therefore, it does not make sense to refresh an Anonymous Token, right ?
| | * fix mocksChristian Flothmann2016-03-252-12/+16
| | | | | | | | | | | | | | | * fix a typo in a method name (`setResponse` instead of `seetResopnse`) * fix mocking a method that is not part of the `DomainObjectInterface`
* | | fixed testsv3.0.3Fabien Potencier2016-02-261-31/+0
| | |
* | | Merge branch '2.8' into 3.0Fabien Potencier2016-02-261-0/+31
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | * 2.8: [2.8] [Form] minor fix some tests with placeholder in AbstractLayout [DependencyInjection] fix tests Validate XLIFF translation files [DependencyInjection] replace alias in factories replace alias in factory services
| * | Merge branch '2.3' into 2.7Fabien Potencier2016-02-231-0/+31
| |\ \ | | |/ | | | | | | | | | | | | * 2.3: Validate XLIFF translation files replace alias in factory services
| | * Validate XLIFF translation filesv2.3.38Javier Eguiluz2016-02-231-0/+31
| | |
| | * PhpUnitNoDedicateAssertFixer resultsSpacePossum2016-02-211-1/+1
| | |
| | * [appveyor] Fix failure reportingNicolas Grekas2016-02-011-0/+9
| | |
| | * minor #17480 Static code analysis (Koc)Fabien Potencier2016-01-272-3/+2
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.3 branch. Discussion ---------- Static code analysis | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - Things that done: * fix case in method calls * removed unused imports * use shorter concat where it possible * optimize some css * removed duplicated array keys * removed redurant return statements * removed one-time variables * do not pass arguments that not used in functions Commits ------- 8db691a Static code analysis
| | | * Static code analysisKonstantin.Myakshin2016-01-252-3/+2
| | | |
| | * | Fixer findings.Possum2016-01-221-0/+4
| | |/
| | * removed obsolete tests, fixed composer.jsonv2.3.37Fabien Potencier2016-01-141-201/+0
| | |
| | * use requires annotationv2.3.36Christian Flothmann2015-12-221-13/+9
| | |
| | * skip bcrypt tests on incompatible platformsChristian Flothmann2015-12-191-0/+13
| | | | | | | | | | | | | | | | | | Not all PHP versions before 5.3.7 have backported fixes that make it possible to use `password_hash()` function. Therefore, we have to skip tests on not supported platforms.
| | * [Security] Enable bcrypt validation and result length tests on all PHP versionsJakub Zalas2015-12-171-6/+0
| | |
| | * [Security] Verify if a password encoded with bcrypt is no longer than 72 ↵Jakub Zalas2015-12-171-2/+4
| | | | | | | | | | | | characters
| | * migrate session after remember me authenticationChristian Flothmann2015-11-231-0/+63
| | |
| | * removed all @covers annotationsFabien Potencier2015-11-012-49/+0
| | |
| | * [Routing] use constants in testsv2.3.34Tobias Schultze2015-10-181-1/+2
| | |
| | * [ci] Fix tests requirementsNicolas Grekas2015-10-123-19/+12
| | |
| | * minor #16145 [FrameworkBundle] Fix deps=low/high tests (nicolas-grekas)Fabien Potencier2015-10-061-0/+5
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.3 branch. Discussion ---------- [FrameworkBundle] Fix deps=low/high tests | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - Commits ------- 26ca3dc [FrameworkBundle] Fix deps=low/high tests
| | | * [FrameworkBundle] Fix deps=low/high testsNicolas Grekas2015-10-061-0/+5
| | | |
| | * | [2.3][SECURITY] Add remember me cookie configurationKlaas Cuvelier2015-10-063-24/+0
| | |/
| | * [Security\Core] Fix test failure after sebastianbergmann/phpunit#1821Nicolas Grekas2015-10-061-1/+1
| | |
| | * bug #14842 [Security][bugfix] "Remember me" cookie cleared on logout with ↵Fabien Potencier2015-10-053-5/+49
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | custom "secure"/"httponly" config options [1] (MacDada) This PR was squashed before being merged into the 2.3 branch (closes #14842). Discussion ---------- [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1] | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #14822 | License | MIT | Doc PR | ~ * test now always pass "secure" and "httponly" options, as they are required * could be considered BC, but [`RememberMeFactory` passes them](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php#L21), so they should've always been treated as required * I can squash the commits before merging * Alternative solution: #14843 Commits ------- 18b1c6a [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
| | | * [Security][bugfix] "Remember me" cookie cleared on logout with custom ↵Dawid Nowak2015-10-053-5/+49
| | | | | | | | | | | | | | | | "secure"/"httponly" config options [1]
| | * | [Security] InMemoryUserProvider now concerns whether user's password is ↵Issei.M2015-08-101-6/+27
| | | | | | | | | | | | | | | | changed when refreshing
| | * | trigger event with right user (add test)v2.3.31Christian Flothmann2015-06-281-0/+52
| | | |
| | * | Standardize the name of the exception variablesJavier Eguiluz2015-06-154-9/+9
| | |/
| | * minor #14474 [2.3] Static Code Analysis for Components (kalessil)Fabien Potencier2015-06-011-1/+1
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.3 branch. Discussion ---------- [2.3] Static Code Analysis for Components | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Static Code Analysis with Php Inspections (EA Extended), no functional changes: - resolved possible PHP Fatal in \Symfony\Component\BrowserKit\Cookie::__toString - resolved callable name case mismatches Commits ------- 9eb2b14 Php Inspections (EA Extended): - resolved possible PHP Fatal in \Symfony\Component\BrowserKit\Cookie::__toString -resolved implicit magic methods calls -resolved callable name case mismatches
| | | * Php Inspections (EA Extended): - resolved possible PHP Fatal in ↵Vladimir Reznichenko2015-05-291-1/+1
| | | | | | | | | | | | | | | | \Symfony\Component\BrowserKit\Cookie::__toString -resolved implicit magic methods calls -resolved callable name case mismatches
| | * | [Security][Acl] enforce string identifiersChristian Flothmann2015-05-311-1/+23
| | |/
| | * minor #14670 [Security] TokenBasedRememberMeServices test to show why ↵v2.3.30v2.3.29Fabien Potencier2015-05-211-3/+16
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | encoding username is required (MacDada) This PR was squashed before being merged into the 2.3 branch (closes #14670). Discussion ---------- [Security] TokenBasedRememberMeServices test to show why encoding username is required | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #14577 | License | MIT | Doc PR | no 241538d shows that it's not actually tested, 257b796 reimplements it with test. I can remove the POC commit if it's not needed. Commits ------- 63a9736 [Security] TokenBasedRememberMeServices test to show why encoding username is required
| | | * [Security] TokenBasedRememberMeServices test to show why encoding username ↵Dawid Nowak2015-05-211-3/+16
| | | | | | | | | | | | | | | | is required
| | * | [Security] AbstractRememberMeServices::encodeCookie() validates cookie partsDawid Nowak2015-05-211-0/+34
| | |/
| | * minor #14121 CS: Pre incrementation/decrementation should be used if ↵Fabien Potencier2015-05-156-17/+17
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | possible (gharlan) This PR was merged into the 2.3 branch. Discussion ---------- CS: Pre incrementation/decrementation should be used if possible | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Fixes provided by new fixer: https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/1113 If this pr is merged I would change the level of the fixer to `symfony`. Commits ------- c5123d6 CS: Pre incrementation/decrementation should be used if possible
| | | * CS: Pre incrementation/decrementation should be used if possibleGregor Harlan2015-04-076-17/+17
| | | |
| | * | Fix tests in HHVMDiego Saint Esteben2015-05-111-1/+1
| | |/
| | * minor #14089 CS: Binary operators should be arounded by at least one space ↵Fabien Potencier2015-03-303-12/+12
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (keradus) This PR was merged into the 2.3 branch. Discussion ---------- CS: Binary operators should be arounded by at least one space | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | ? | Fixed tickets | N/A | License | MIT | Doc PR | N/A Update before upcoming changes on PHP CS Fixer 1.7 To keep fabbot.io happy ;) Commits ------- ec2cec6 CS: Binary operators should be arounded by at least one space
| | | * CS: Binary operators should be arounded by at least one spaceDariusz Ruminski2015-03-273-12/+12
| | | |
| | * | remove useless tests that fail in php 7Tobias Schultze2015-03-271-17/+0
| | |/
| | * CS: Convert double quotes to single quotesDariusz Ruminski2015-03-213-7/+7
| | |
| | * minor #13862 [2.3] [Config] [Console] [DependencyInjection] [DomCrawler] ↵Fabien Potencier2015-03-073-11/+11
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [Form] [HttpKernel] [PropertyAccess] [Security] [Translation] [Yaml] static code analysis, code cleanup (kalessil) This PR was squashed before being merged into the 2.3 branch (closes #13862). Discussion ---------- [2.3] [Config] [Console] [DependencyInjection] [DomCrawler] [Form] [HttpKernel] [PropertyAccess] [Security] [Translation] [Yaml] static code analysis, code cleanup | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Split <a href="https://github.com/symfony/symfony/pull/13813">PR 13813</a>: part 1 - targeting v2.3 Following is included (no functional changes, found with <a href="https://plugins.jetbrains.com/plugin/7622?pr=phpStorm">Php Inspections (EA Extended)</a>): - Fixed couple of concatenation as array index warnings - Unset calls can be merged inspection fixes - array_search in in_array context inspection fixes - Is null usage inspection fixes - Prefixed increment/decrement inspection fixes - Elvis operator can be used inspection fixes - Alias functions usage inspection fixes - Ternary operator simplification inspection fixes - _ _ DIR _ _ equivalent inspection fixes Commits ------- f13b5f7 [2.3] [Config] [Console] [DependencyInjection] [DomCrawler] [Form] [HttpKernel] [PropertyAccess] [Security] [Translation] [Yaml] static code analysis, code cleanup
| | | * [2.3] [Config] [Console] [DependencyInjection] [DomCrawler] [Form] ↵Vladimir Reznichenko2015-03-073-11/+11
| | | | | | | | | | | | | | | | [HttpKernel] [PropertyAccess] [Security] [Translation] [Yaml] static code analysis, code cleanup
| | * | CS fixesDariusz Ruminski2015-03-022-10/+10
| | |/
| | * [Security] Remove ContextListener's onKernelResponse listener as it is usedDave Marshall2015-02-051-3/+33
| | |
| | * [Security] Don't destroy the session on buggy php releases.v2.3.24Alexander M. Turek2015-01-071-0/+17
| | |
| | * minor #13206 [2.3] Cleanup deprecations (nicolas-grekas)Fabien Potencier2015-01-0336-322/+0
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.3 branch. Discussion ---------- [2.3] Cleanup deprecations | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | let's see | Fixed tickets | - | License | MIT | Doc PR | - Commits ------- d649bef [2.3] Remove useless tests skips 1d68ad3 [2.3] Cleanup deprecations
| | | * [2.3] Remove useless tests skipsNicolas Grekas2015-01-0336-322/+0
| | | |
| | * | adapted previous commit for 2.3Fabien Potencier2015-01-031-1/+0
| | | |
| | * | [Security] Don't send remember cookie for sub requestblanchonvincent2015-01-031-2/+20
| | |/
| | * Fix phpdoc and coding standardsChristophe Coevoet2014-12-295-6/+0
| | | | | | | | | | | | | | | | | | This removes the unused use statements which were not catched by PHP-CS-Fixer because of string occurences. It also fixes some invalid phpdoc (scalar is not recognized as a valid type for instance).
| | * [2.3] CS And DocBlock FixesGraham Campbell2014-12-223-6/+8
| | |
| | * [Security] Delete old session on auth strategy migrateAlexander Schwenn2014-12-201-1/+1
| | |
| | * CS fixesGraham Campbell2014-12-035-6/+0
| | |
| | * PSR-2 fixesv2.3.23Graham Campbell2014-12-024-12/+12
| | |
| | * Docblock fixesGraham Campbell2014-11-301-0/+1
| | |
| | * compare version using PHP_VERSION_IDChristian Flothmann2014-11-171-1/+1
| | | | | | | | | | | | | | | | | | To let opcode caches optimize cached code, the `PHP_VERSION_ID` constant is used to detect the current PHP version instead of calling `version_compare()` with `PHP_VERSION`.
* | | Fix merge, removing legacy TranslationSyncStatusTestNicolas Grekas2015-10-071-63/+0
|/ /
* | [Security] sync translations and add a test for itChristian Flothmann2015-10-061-0/+63
| |
* | Fixing test locationsRyan Weaver2015-09-232-121/+0
| |
* | fixes CSFabien Potencier2015-08-242-2/+2
| |
* | [PhpUnitBridge] Enforce @-silencing of deprecation notices according to new ↵Nicolas Grekas2015-06-181-2/+0
| | | | | | | | policy
* | [2.6] add @group legacyv2.6.5Nicolas Grekas2015-03-131-0/+3
| |
* | Changed visibility of setUp() and tearDown to protectedsarah khalil2015-03-131-1/+1
| |
* | Merge branch '2.5' into 2.6Fabien Potencier2015-01-084-437/+0
|\ \ | | | | | | | | | | | | * 2.5: [Security] moved test files into the right place
| * | [Security] moved test files into the right placeFabien Potencier2015-01-084-437/+0
| | |
* | | [2.6] fix deprecation silencing...Nicolas Grekas2015-01-051-1/+1
| | |
* | | [2.6] cleanup deprecated usesNicolas Grekas2015-01-051-3/+3
| | |
* | | Merge branch '2.5'Fabien Potencier2014-10-261-2/+2
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.5: Remove aligned '=>' and '=' Break infinite loop while resolving aliases [Security][listener] change priority of switchuser Improved the phpdoc for security token classes bumped Symfony version to 2.5.7 updated VERSION for 2.5.6 updated CHANGELOG for 2.5.6 bumped Symfony version to 2.3.22 updated VERSION for 2.3.21 update CONTRIBUTORS for 2.3.21 updated CHANGELOG for 2.3.21 Conflicts: src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php src/Symfony/Bundle/TwigBundle/Controller/ExceptionController.php src/Symfony/Component/Debug/ErrorHandler.php src/Symfony/Component/Debug/ExceptionHandler.php src/Symfony/Component/Form/Extension/Core/Type/BaseType.php src/Symfony/Component/Form/Extension/Core/Type/ChoiceType.php src/Symfony/Component/Form/Extension/Core/Type/DateTimeType.php src/Symfony/Component/Form/Extension/Core/Type/DateType.php src/Symfony/Component/Form/Extension/Core/Type/TimeType.php src/Symfony/Component/Form/Extension/Validator/Type/FormTypeValidatorExtension.php src/Symfony/Component/HttpFoundation/Request.php src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MongoDbSessionHandler.php src/Symfony/Component/HttpFoundation/Session/Storage/Handler/PdoSessionHandler.php src/Symfony/Component/HttpKernel/Kernel.php src/Symfony/Component/Security/Core/SecurityContextInterface.php src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php src/Symfony/Component/Security/Http/Firewall/AnonymousAuthenticationListener.php src/Symfony/Component/Serializer/Serializer.php src/Symfony/Component/Validator/Constraints/File.php
| * | Merge branch '2.3' into 2.5Fabien Potencier2014-10-261-2/+2
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: Remove aligned '=>' and '=' Break infinite loop while resolving aliases [Security][listener] change priority of switchuser Improved the phpdoc for security token classes bumped Symfony version to 2.3.22 updated VERSION for 2.3.21 update CONTRIBUTORS for 2.3.21 updated CHANGELOG for 2.3.21 Conflicts: src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php src/Symfony/Bridge/Propel1/Form/Type/ModelType.php src/Symfony/Bridge/Propel1/Logger/PropelLogger.php src/Symfony/Bridge/Propel1/Tests/Fixtures/ItemQuery.php src/Symfony/Bundle/FrameworkBundle/Command/RouterDebugCommand.php src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php src/Symfony/Bundle/FrameworkBundle/Translation/Translator.php src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LocalizedController.php src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LoginController.php src/Symfony/Component/Console/Descriptor/JsonDescriptor.php src/Symfony/Component/Console/Formatter/OutputFormatterStyle.php src/Symfony/Component/Console/Helper/ProgressHelper.php src/Symfony/Component/Debug/ErrorHandler.php src/Symfony/Component/DependencyInjection/Container.php src/Symfony/Component/Finder/Shell/Command.php src/Symfony/Component/Form/Extension/Core/DataTransformer/NumberToLocalizedStringTransformer.php src/Symfony/Component/Form/Extension/Core/Type/CollectionType.php src/Symfony/Component/Form/Extension/Core/Type/FormType.php src/Symfony/Component/Form/Extension/Core/Type/IntegerType.php src/Symfony/Component/Form/Extension/Core/Type/NumberType.php src/Symfony/Component/Form/Extension/Csrf/Type/FormTypeCsrfExtension.php src/Symfony/Component/HttpFoundation/File/UploadedFile.php src/Symfony/Component/HttpKernel/DataCollector/LoggerDataCollector.php src/Symfony/Component/HttpKernel/Debug/TraceableEventDispatcher.php src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php src/Symfony/Component/HttpKernel/Kernel.php src/Symfony/Component/HttpKernel/Tests/EventListener/TestSessionListenerTest.php src/Symfony/Component/HttpKernel/Tests/HttpCache/TestMultipleHttpKernel.php src/Symfony/Component/Intl/NumberFormatter/NumberFormatter.php src/Symfony/Component/Routing/Loader/AnnotationClassLoader.php src/Symfony/Component/Routing/Route.php src/Symfony/Component/Routing/Tests/Loader/AnnotationClassLoaderTest.php src/Symfony/Component/Security/Tests/Core/Validator/Constraints/UserPasswordValidatorTest.php src/Symfony/Component/Templating/PhpEngine.php src/Symfony/Component/Validator/Constraints/ImageValidator.php src/Symfony/Component/Validator/Constraints/TypeValidator.php
| | * Remove aligned '=>' and '='Disquedur2014-10-266-11/+11
| | |
| | * bug #10242 Missing checkPreAuth from RememberMeAuthenticationProviderv2.3.20Mathieu Morlon2014-09-241-12/+8
| | |
| | * fixed CSFabien Potencier2014-09-2222-75/+88
| | |
| | * [Security] Added more testsMarc Torres2014-09-151-0/+42
| | |
| | * [Security] Add more tests for StringUtils::equalsKévin Dunglas2014-09-041-3/+41
| | |
| | * [Security] Add check for supported attributes in AclVoterv2.3.16v2.3.15v2.3.14Arturs Vonda2014-05-081-2/+29
| | |
| | * Fixed incompatibility of x509 auth with nginxalcaeus2014-04-221-18/+33
| | |
| | * [Security] Replace exception mocks with actual exception instances.v2.3.12Jakub Zalas2014-04-015-13/+17
| | | | | | | | | | | | | | | | | | It is done for two reasons: * consistency - we use real exception objects in most of the code * latest phpunit does not like the way we were creating mocks for exceptions (it could be also fixed by letting phpunit to call the original constructor)
| | * fixed various inconsistenciesv2.3.10Fabien Potencier2014-02-118-48/+48
| | |
* | | [DX] Moved constants to a final classIltar van der Berg2014-09-291-0/+30
| | |
* | | [Security] add an AbstractVoter implementationRoman Marintšenko2014-09-231-0/+90
|/ /
* | Merge branch '2.3' into 2.4Fabien Potencier2013-12-313-0/+253
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: [Security] fixed pre/post authentication checks Updated lithuanian validator translation: changed vartotojas to naudotojas as it is more proper term. Fixed CSS [HttpFoundation] Throw proper exception when invalid data is passed to JsonResponse class addressed == -> === suggestion Fixed #9020 - Added support for collections in service#parameters fixes PSR-0 issues in tests adjusted behavior to always copy override on url files Skips test that need full lib-intl. Conflicts: src/Symfony/Component/Security/Acl/Tests/Permission/MaskBuilderTest.php src/Symfony/Component/Security/Core/Tests/Authentication/Token/RememerMeTokenTest.php src/Symfony/Component/Security/Core/Tests/User/AccountCheckerTest.php src/Symfony/Component/Security/Core/Tests/User/InMemoryProviderTest.php src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php src/Symfony/Component/Security/Tests/Core/Authentication/Token/RememberMeTokenTest.php src/Symfony/Component/Security/Tests/Core/Authentication/Token/RememerMeTokenTest.php src/Symfony/Component/Security/Tests/Core/User/AccountCheckerTest.php src/Symfony/Component/Security/Tests/Core/User/InMemoryProviderTest.php src/Symfony/Component/Security/Tests/Core/User/InMemoryUserProviderTest.php src/Symfony/Component/Security/Tests/Core/User/UserCheckerTest.php
| * [Security] fixed pre/post authentication checksFabien Potencier2013-12-311-16/+16
| |
| * fixes PSR-0 issues in testsFabien Potencier2013-12-307-4/+4
| |
| * bug #8997 [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role. ↵Fabien Potencier2013-12-291-1/+43
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (pawaclawczyk) This PR was squashed before being merged into the 2.3 branch (closes #8997). Discussion ---------- [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role. <table> <tr> <td><b>Q</b></td> <td><b>A</b></td> </tr> <tr> <td>Bug fix?</td> <td>yes</td> </tr> <tr> <td>New feature</td> <td>no</td> </tr> <tr> <td>BC breaks?</td> <td>no</td> </tr> <tr> <td>Deprecations?</td> <td>no</td> </tr> <tr> <td>Tests pass?</td> <td>yes</td> </tr> <tr> <td>Fixed tickets</td> <td>#3085, #8974</td> </tr> <tr> <td>License</td> <td>MIT</td> </tr> <tr> <td>Doc PR</td> <td>n/a</td> </tr> </table> Problem occurs while user is impersonated. Authentication process generates new token and doeas not preserve role ```ROLE_PREVIOUS_ADMIN```. Ex. when parameter ```security.always_authenticate_before_granting``` is enabled. Commits ------- a7baa3b [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.
| | * [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.Paweł Wacławczyk2013-12-291-1/+43
| | |
| * | [Security] removed obsolete commentFabien Potencier2013-12-291-1/+0
| | |
* | | [Security] simplified some unit testsFabien Potencier2013-12-291-7/+1
| | |
generated by cgit v1.1 at 2025-05-12 13:33:37 +0000