Skip to content

Commit

Permalink
Merge branch '3.4' into 4.4
Browse files Browse the repository at this point in the history 
* 3.4:
  Replace deprecated ObjectManager
  [Security] renamed memory provider
  [Security] Various minor fixes in XML config
  • Loading branch information
@HeahDude
HeahDude committed Feb 16, 2020
1 parent 2126435 commit 2ac7b57
Show file tree
Hide file tree
Showing 15 changed files with 77 additions and 73 deletions.
8 changes: 4 additions & 4 deletions doctrine.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -522,8 +522,8 @@ be able to go to ``/product/1`` to see your new product::
// in the template, print things with {{ product.name }}
// return $this->render('product/show.html.twig', ['product' => $product]);
}
Another possibility is to use the ``ProductRepository`` using Symfony's autowiring

Another possibility is to use the ``ProductRepository`` using Symfony's autowiring
and injected by the dependency injection container::

// src/Controller/ProductController.php
Expand All @@ -537,7 +537,7 @@ and injected by the dependency injection container::
{
$product = $productRepository
->find($id);

// ...
}

Expand Down Expand Up @@ -691,7 +691,7 @@ But what if you need a more complex query? When you generated your entity with

use App\Entity\Product;
use Doctrine\Bundle\DoctrineBundle\Repository\ServiceEntityRepository;
use Doctrine\Common\Persistence\ManagerRegistry;
use Doctrine\Persistence\ManagerRegistry;

class ProductRepository extends ServiceEntityRepository
{
Expand Down
6 changes: 3 additions & 3 deletions doctrine/events.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,7 @@ do so, define a listener for the ``postPersist`` Doctrine event::
namespace App\EventListener;

use App\Entity\Product;
use Doctrine\Common\Persistence\Event\LifecycleEventArgs;
use Doctrine\Persistence\Event\LifecycleEventArgs;

class SearchIndexer
{
Expand Down Expand Up @@ -233,7 +233,7 @@ define a listener for the ``postUpdate`` Doctrine event::
namespace App\EventListener;

use App\Entity\User;
use Doctrine\Common\Persistence\Event\LifecycleEventArgs;
use Doctrine\Persistence\Event\LifecycleEventArgs;

class UserChangedNotifier
{
Expand Down Expand Up @@ -348,8 +348,8 @@ want to log all the database activity. To do so, define a subscriber for the

use App\Entity\Product;
use Doctrine\Common\EventSubscriber;
use Doctrine\Common\Persistence\Event\LifecycleEventArgs;
use Doctrine\ORM\Events;
use Doctrine\Persistence\Event\LifecycleEventArgs;

class DatabaseActivitySubscriber implements EventSubscriber
{
Expand Down
9 changes: 4 additions & 5 deletions form/data_transformers.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ How to Use Data Transformers
Data transformers are used to translate the data for a field into a format that can
be displayed in a form (and back on submit). They're already used internally for
many field types. For example, the :doc:`DateType </reference/forms/types/date>` field
can be rendered as a ``yyyy-MM-dd``-formatted input textbox. Internally, a data transformer
can be rendered as a ``yyyy-MM-dd``-formatted input text box. Internally, a data transformer
converts the starting ``DateTime`` value of the field into the ``yyyy-MM-dd`` string
to render the form, and then back into a ``DateTime`` object on submit.

Expand Down Expand Up @@ -56,7 +56,7 @@ Suppose you have a Task form with a tags ``text`` type::
}

Internally the ``tags`` are stored as an array, but displayed to the user as a
comma separated string to make them easier to edit.
simple comma separated string to make them easier to edit.

This is a *perfect* time to attach a custom data transformer to the ``tags``
field. The easiest way to do this is with the :class:`Symfony\\Component\\Form\\CallbackTransformer`
Expand Down Expand Up @@ -119,9 +119,9 @@ Harder Example: Transforming an Issue Number into an Issue Entity
-----------------------------------------------------------------

Say you have a many-to-one relation from the Task entity to an Issue entity (i.e. each
Task has an optional foreign key to its related Issue). Adding a listbox with all
Task has an optional foreign key to its related Issue). Adding a list box with all
possible issues could eventually get *really* long and take a long time to load.
Instead, you decide you want to add a textbox, where the user can enter the
Instead, you decide you want to add a text box, where the user can enter the
issue number.

Start by setting up the text field like normal::
Expand Down Expand Up @@ -380,7 +380,6 @@ First, create the custom field type class::
namespace App\Form;

use App\Form\DataTransformer\IssueToNumberTransformer;
use Doctrine\Common\Persistence\ObjectManager;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\TextType;
use Symfony\Component\Form\FormBuilderInterface;
Expand Down
2 changes: 1 addition & 1 deletion form/unit_testing.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,7 @@ make sure the ``FormRegistry`` uses the created instance::
namespace App\Tests\Form\Type;

use App\Form\Type\TestedType;
use Doctrine\Common\Persistence\ObjectManager;
use Doctrine\Persistence\ObjectManager;
use Symfony\Component\Form\PreloadedExtension;
use Symfony\Component\Form\Test\TypeTestCase;
// ...
Expand Down
2 changes: 1 addition & 1 deletion reference/forms/types/entity.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -208,7 +208,7 @@ or the short alias name (as shown prior).
``em``
~~~~~~

**type**: ``string`` | ``Doctrine\Common\Persistence\ObjectManager`` **default**: the default entity manager
**type**: ``string`` | ``Doctrine\Persistence\ObjectManager`` **default**: the default entity manager

If specified, this entity manager will be used to load the choices
instead of the ``default`` entity manager.
Expand Down
12 changes: 7 additions & 5 deletions security.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,11 +153,13 @@ command will pre-configure this for you:
.. code-block:: php
// config/packages/security.php
use App\Entity\User;
$container->loadFromExtension('security', [
// ...
'encoders' => [
'App\Entity\User' => [
User::class => [
'algorithm' => 'auto',
'cost' => 12,
]
Expand Down Expand Up @@ -257,7 +259,7 @@ important section is ``firewalls``:
security="false"/>
<firewall name="main">
<anonymous/>
<anonymous lazy="true"/>
</firewall>
</config>
</srv:container>
Expand All @@ -268,11 +270,11 @@ important section is ``firewalls``:
$container->loadFromExtension('security', [
'firewalls' => [
'dev' => [
'pattern' => '^/(_(profiler|wdt)|css|images|js)/',
'security' => false,
'pattern' => '^/(_(profiler|wdt)|css|images|js)/',
'security' => false,
),
'main' => [
'anonymous' => null,
'anonymous' => 'lazy',
],
],
]);
Expand Down
4 changes: 2 additions & 2 deletions security/custom_authentication_provider.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,7 @@ the value returned for the expected WSSE information, creates a token using
that information, and passes the token on to the authentication manager. If
the proper information is not provided, or the authentication manager throws
an :class:`Symfony\\Component\\Security\\Core\\Exception\\AuthenticationException`,
a 403 Response is returned.
a 401 Response is returned.

.. note::

Expand All @@ -184,7 +184,7 @@ a 403 Response is returned.

Returning prematurely from the listener is relevant only if you want to chain
authentication providers (for example to allow anonymous users). If you want
to forbid access to anonymous users and have a nice 403 error, you should set
to forbid access to anonymous users and have a 404 error, you should set
the status code of the response before returning.

The Authentication Provider
Expand Down
8 changes: 5 additions & 3 deletions security/force_https.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,14 +41,16 @@ access control:
<config>
<!-- ... -->
<rule path="^/secure" role="ROLE_ADMIN" requires_channel="https"/>
<rule path="^/secure"
role="ROLE_ADMIN"
requires-channel="https"/>
<rule path="^/login"
role="IS_AUTHENTICATED_ANONYMOUSLY"
requires_channel="https"
requires-channel="https"
/>
<rule path="^/"
role="IS_AUTHENTICATED_ANONYMOUSLY"
requires_channel="https"
requires-channel="https"
/>
</config>
</srv:container>
Expand Down
27 changes: 14 additions & 13 deletions security/guard_authentication.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,22 +100,20 @@ This requires you to implement several methods::
*/
public function getCredentials(Request $request)
{
return [
'token' => $request->headers->get('X-AUTH-TOKEN'),
];
return $request->headers->get('X-AUTH-TOKEN');
}

public function getUser($credentials, UserProviderInterface $userProvider)
{
$apiToken = $credentials['token'];

if (null === $apiToken) {
if (null === $credentials) {
// The token header was empty, authentication fails with 401
return;
}

// if a User object, checkCredentials() is called
// if a User is returned, checkCredentials() is called
return $this->em->getRepository(User::class)
->findOneBy(['apiToken' => $apiToken]);
->findOneBy(['apiToken' => $credentials])
;
}

public function checkCredentials($credentials, UserInterface $user)
Expand All @@ -136,13 +134,14 @@ This requires you to implement several methods::
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
$data = [
// you may ant to customize or obfuscate the message first
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())

// or to translate this message
// $this->translator->trans($exception->getMessageKey(), $exception->getMessageData())
];

return new JsonResponse($data, Response::HTTP_FORBIDDEN);
return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
}

/**
Expand Down Expand Up @@ -211,10 +210,10 @@ Finally, configure your ``firewalls`` key in ``security.yaml`` to use this authe
<config>
<!-- ... -->
<firewall name="main"
pattern="^/"
anonymous="true"
>
<!-- if you want, disable storing the user in the session
add 'stateless="true"' to the firewall -->
<firewall name="main" pattern="^/">
<anonymous/>
<logout/>
<guard>
Expand Down Expand Up @@ -244,6 +243,8 @@ Finally, configure your ``firewalls`` key in ``security.yaml`` to use this authe
TokenAuthenticator::class,
],
],
// if you want, disable storing the user in the session
// 'stateless' => true,
// ...
],
],
Expand Down
4 changes: 2 additions & 2 deletions security/json_login_setup.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -183,8 +183,8 @@ The security configuration should be:
<firewall name="main">
<anonymous/>
<json-login check-path="login"
username-path="security.credentials.login"
password-path="security.credentials.password"/>
username-path="security.credentials.login"
password-path="security.credentials.password"/>
</firewall>
</config>
</srv:container>
Expand Down
45 changes: 22 additions & 23 deletions security/ldap.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,14 +169,12 @@ use the ``ldap`` user provider.
<config>
<provider name="my_ldap">
<ldap
service="Symfony\Component\Ldap\Ldap"
base-dn="dc=example,dc=com"
search-dn="cn=read-only-admin,dc=example,dc=com"
search-password="password"
default-roles="ROLE_USER"
uid-key="uid"
/>
<ldap service="Symfony\Component\Ldap\Ldap"
base-dn="dc=example,dc=com"
search-dn="cn=read-only-admin,dc=example,dc=com"
search-password="password"
default-roles="ROLE_USER"
uid-key="uid"/>
</provider>
</config>
</srv:container>
Expand Down Expand Up @@ -395,9 +393,8 @@ Configuration example for form login
<config>
<firewall name="main">
<form-login-ldap
service="Symfony\Component\Ldap\Ldap"
dn-string="uid={username},dc=example,dc=com"/>
<form-login-ldap service="Symfony\Component\Ldap\Ldap"
dn-string="uid={username},dc=example,dc=com"/>
</firewall>
</config>
</srv:container>
Expand Down Expand Up @@ -432,9 +429,8 @@ Configuration example for HTTP Basic
firewalls:
main:
# ...
stateless: true
http_basic_ldap:
# ...
service: Symfony\Component\Ldap\Ldap
dn_string: 'uid={username},dc=example,dc=com'
Expand All @@ -449,8 +445,11 @@ Configuration example for HTTP Basic
https://symfony.com/schema/dic/services/services-1.0.xsd">
<config>
<!-- ... -->
<firewall name="main" stateless="true">
<http-basic-ldap service="Symfony\Component\Ldap\Ldap" dn-string="uid={username},dc=example,dc=com"/>
<http-basic-ldap service="Symfony\Component\Ldap\Ldap"
dn-string="uid={username},dc=example,dc=com"/>
</firewall>
</config>
</srv:container>
Expand All @@ -461,12 +460,13 @@ Configuration example for HTTP Basic
use Symfony\Component\Ldap\Ldap;
$container->loadFromExtension('security', [
// ...
'firewalls' => [
'main' => [
'http_basic_ldap' => [
'service' => Ldap::class,
'dn_string' => 'uid={username},dc=example,dc=com',
// ...
],
'stateless' => true,
],
Expand All @@ -488,7 +488,6 @@ Configuration example for form login and query_string
main:
# ...
form_login_ldap:
# ...
service: Symfony\Component\Ldap\Ldap
dn_string: 'dc=example,dc=com'
query_string: '(&(uid={username})(memberOf=cn=users,ou=Services,dc=example,dc=com))'
Expand All @@ -507,12 +506,12 @@ Configuration example for form login and query_string
<config>
<firewall name="main">
<form-login-ldap
service="Symfony\Component\Ldap\Ldap"
dn-string="dc=example,dc=com"
query-string="(&amp;(uid={username})(memberOf=cn=users,ou=Services,dc=example,dc=com))"
search-dn="..."
search-password="the-raw-password"/>
<!-- ... -->
<form-login-ldap service="Symfony\Component\Ldap\Ldap"
dn-string="dc=example,dc=com"
query-string="(&amp;(uid={username})(memberOf=cn=users,ou=Services,dc=example,dc=com))"
search-dn="..."
search-password="the-raw-password"/>
</firewall>
</config>
</srv:container>
Expand All @@ -525,13 +524,13 @@ Configuration example for form login and query_string
$container->loadFromExtension('security', [
'firewalls' => [
'main' => [
// ...
'form_login_ldap' => [
'service' => Ldap::class,
'dn_string' => 'dc=example,dc=com',
'query_string' => '(&(uid={username})(memberOf=cn=users,ou=Services,dc=example,dc=com))',
'search_dn' => '...',
'search_password' => 'the-raw-password',
// ...
],
],
]
Expand Down
Loading

0 comments on commit 2ac7b57

Please sign in to comment.