2011-08-26 16:45:40 +01:00
|
|
|
CHANGELOG for 2.1.x
|
|
|
|
===================
|
|
|
|
|
|
|
|
This changelog references the relevant changes (bug and security fixes) done
|
|
|
|
in 2.1 minor versions.
|
|
|
|
|
|
|
|
To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash
|
|
|
|
To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v2.1.0...v2.1.1
|
|
|
|
|
2011-08-29 14:31:57 +01:00
|
|
|
2.1.0
|
|
|
|
-----
|
2011-08-26 16:45:40 +01:00
|
|
|
|
2011-10-07 13:12:01 +01:00
|
|
|
### DoctrineBrige
|
|
|
|
|
2011-10-15 02:39:16 +01:00
|
|
|
* added a default implementation of the ManagerRegistry
|
|
|
|
* added a session storage for Doctrine DBAL
|
2011-10-07 13:12:01 +01:00
|
|
|
|
2011-11-08 18:00:05 +00:00
|
|
|
### AbstractDoctrineBundle
|
2011-11-01 14:25:47 +00:00
|
|
|
|
|
|
|
* This bundle has been removed and the relevant code has been moved to the Doctrine bridge
|
|
|
|
|
2011-09-22 07:04:24 +01:00
|
|
|
### DoctrineBundle
|
|
|
|
|
2011-11-01 14:25:47 +00:00
|
|
|
* added optional `group_by` property to `EntityType` that supports either a `PropertyPath` or a `\Closure` that is evaluated on the entity choices
|
2011-09-22 07:04:24 +01:00
|
|
|
* The `em` option for the `UniqueEntity` constraint is now optional (and should probably not be used anymore).
|
|
|
|
|
2011-09-14 08:06:29 +01:00
|
|
|
### FrameworkBundle
|
|
|
|
|
2011-10-24 08:11:18 +01:00
|
|
|
* added a router:match command
|
2011-09-30 05:58:54 +01:00
|
|
|
* added kernel.event_subscriber tag
|
2011-09-28 16:40:20 +01:00
|
|
|
* added a way to create relative symlinks when running assets:install command (--relative option)
|
2011-09-28 08:17:08 +01:00
|
|
|
* added Controller::getUser()
|
2011-09-19 17:03:40 +01:00
|
|
|
* [BC BREAK] assets_base_urls and base_urls merging strategy has changed
|
2011-09-16 17:49:11 +01:00
|
|
|
* changed the default profiler storage to use the filesystem instead of SQLite
|
2011-09-14 08:19:55 +01:00
|
|
|
* added support for placeholders in route defaults and requirements (replaced by the value set in the service container)
|
2011-09-14 08:06:29 +01:00
|
|
|
|
2011-09-22 08:44:58 +01:00
|
|
|
### SecurityBundle
|
|
|
|
|
2011-11-22 08:26:42 +00:00
|
|
|
* [BC BREAK] The custom factories for the firewall configuration are now
|
|
|
|
registered during the build method of bundles instead of being registered
|
|
|
|
by the end-user (you need to remove the 'factories' keys in your security
|
|
|
|
configuration).
|
2011-11-17 19:16:17 +00:00
|
|
|
|
2011-11-22 08:26:42 +00:00
|
|
|
* [BC BREAK] The Firewall listener is now registered after the Router one. It
|
|
|
|
means that specific Firewall URLs (like /login_check and /logout must now
|
|
|
|
have proper route defined in your routing configuration)
|
merged branch stof/security_providers (PR #2454)
Commits
-------
d2195cc Fixed phpdoc and updated the changelog
9e41ff4 [SecurityBundle] Added a validation rule
b107a3f [SecurityBundle] Refactored the configuration
633f0e9 [DoctrineBundle] Moved the entity provider service to DoctrineBundle
74732dc [SecurityBundle] Added a way to extend the providers section of the config
Discussion
----------
[WIP][SecurityBundle] Added a way to extend the providers section of the config
Bug fix: no
Feature addition: yes
BC break: <del>no (for now)</del> yes
Tests pass: yes
This adds a way to extend the ``providers`` section of the security config so that other bundles can hook their stuff into it. An example is available in DoctrineBundle which is now responsible to handle the entity provider (<del>needs some cleanup as the service definition is still in SecurityBundle currently</del>). This will allow PropelBundle to provide a ``propel:`` provider for instance.
In order to keep BC with the existing configuration for the in-memory and the chain providers, I had to allow using a prototyped node instead of forcing using an array node with childrens. This introduces some issues:
- impossible to validate easily that a provider uses only one setup as prototyped node always have a default value (the empty array)
- the ``getFixableKey`` method is needed in the interface to support the XML format by pluralizing the name.
Here is my non-BC proposal for the configuration to clean this:
```yaml
security:
providers:
first:
memory: # BC break here by adding a level before the users
users:
joe: { password: foobar, roles: ROLE_USER }
john: { password: foobarbaz, roles: ROLE_USER }
second:
entity: # this one is BC
class: Acme\DemoBundle\Entity\User
third:
id: my_custom_provider # also BC
fourth:
chain: # BC break by adding a level before the providers
providers: [first, second, third]
```
What do you think about it ? Do we need to keep the BC in the config of the bundle or no ?
Btw note that the way to register the factories used by the firewall section should be refactored using the new way to provide extension points in the extensions (as done here) instead of relying on the end user to register factories, which would probably mean a BC break anyway.
---------------------------------------------------------------------------
by lsmith77 at 2011/10/23 09:19:23 -0700
i don't think we should keep BC. the security config is complex as is .. having BC stuff in there will just make it even harder and confusing.
---------------------------------------------------------------------------
by willdurand at 2011/10/23 09:41:25 -0700
Is the security component tagged with `@api` ?
So basically, we just have to create a factory (`ModelFactory` for instance) and to register it in the `security` extension, right ? Seems quite simple to extend and much better than the hardcoded version…
Why did you call the method to pluralize a key `getFixableKey` ?
---------------------------------------------------------------------------
by beberlei at 2011/10/23 14:48:26 -0700
Changing security config will introduce risk for users. We should avoid that
---------------------------------------------------------------------------
by stof at 2011/10/23 15:34:47 -0700
@beberlei as the config is validated, it will simply give them an exception during the loading of the config if they don't update their config.
---------------------------------------------------------------------------
by stof at 2011/10/24 01:01:42 -0700
@schmittjoh @fabpot Could you give your mind about it ?
---------------------------------------------------------------------------
by stof at 2011/10/31 17:08:12 -0700
@fabpot @schmittjoh ping
---------------------------------------------------------------------------
by stof at 2011/11/11 14:08:18 -0800
I updated the PR by implementing my proposal as the latest IRC meeting agreed that we don't need to keep the BC for this change. This allows to add the validation rule now.
---------------------------------------------------------------------------
by stof at 2011/11/16 11:16:06 -0800
@fabpot ping
---------------------------------------------------------------------------
by fabpot at 2011/11/16 22:29:05 -0800
@stof: Before merging, you must also add information about how to upgrade in the CHANGELOG-2.1.md file.
---------------------------------------------------------------------------
by stof at 2011/11/17 00:01:23 -0800
@fabpot done
2011-11-17 15:00:33 +00:00
|
|
|
|
2011-11-22 08:26:42 +00:00
|
|
|
* [BC BREAK] refactored the user provider configuration. The configuration
|
|
|
|
changed for the chain provider and the memory provider:
|
2011-11-17 07:59:41 +00:00
|
|
|
|
|
|
|
Before:
|
|
|
|
|
|
|
|
security:
|
|
|
|
providers:
|
|
|
|
my_chain_provider:
|
|
|
|
providers: [my_memory_provider, my_doctrine_provider]
|
|
|
|
my_memory_provider:
|
|
|
|
users:
|
|
|
|
toto: { password: foobar, roles: [ROLE_USER] }
|
|
|
|
foo: { password: bar, roles: [ROLE_USER, ROLE_ADMIN] }
|
|
|
|
|
|
|
|
After:
|
|
|
|
|
|
|
|
security:
|
|
|
|
providers:
|
|
|
|
my_chain_provider:
|
|
|
|
chain:
|
|
|
|
providers: [my_memory_provider, my_doctrine_provider]
|
|
|
|
my_memory_provider:
|
|
|
|
memory:
|
|
|
|
users:
|
|
|
|
toto: { password: foobar, roles: [ROLE_USER] }
|
|
|
|
foo: { password: bar, roles: [ROLE_USER, ROLE_ADMIN] }
|
|
|
|
|
2011-09-22 08:44:58 +01:00
|
|
|
* added a validator for the user password
|
2011-11-22 08:23:52 +00:00
|
|
|
* added 'erase_credentials' as a configuration key (true by default)
|
2011-11-22 13:49:42 +00:00
|
|
|
* added new events: `security.authentication.success` and `security.authentication.failure`
|
|
|
|
fired on authentication success/failure, regardless of authentication method,
|
|
|
|
events are defined in new event class: `Symfony\Component\Security\Core\AuthenticationEvents`.
|
2011-09-22 08:44:58 +01:00
|
|
|
|
2011-10-24 16:11:00 +01:00
|
|
|
### SwiftmailerBundle
|
|
|
|
|
|
|
|
* moved the data collector to the bridge
|
|
|
|
* replaced MessageLogger class with the one from Swiftmailer 4.1.3
|
|
|
|
|
2011-11-07 19:03:35 +00:00
|
|
|
### TwigBundle
|
|
|
|
|
|
|
|
* added the real template name when an error occurs in a Twig template
|
|
|
|
|
2011-09-22 07:28:07 +01:00
|
|
|
### WebProfilerBundle
|
|
|
|
|
2011-10-24 08:11:18 +01:00
|
|
|
* added a routing panel
|
2011-10-23 11:00:47 +01:00
|
|
|
* added a timeline panel
|
2011-09-22 07:28:07 +01:00
|
|
|
* The toolbar position can now be configured via the `position` option (can be `top` or `bottom`)
|
|
|
|
|
2011-11-01 14:30:43 +00:00
|
|
|
### Config
|
|
|
|
|
|
|
|
* implemented `Serializable` on resources
|
|
|
|
|
2011-09-29 13:52:52 +01:00
|
|
|
### Console
|
|
|
|
|
2011-10-25 16:11:49 +01:00
|
|
|
* made the defaults (helper set, commands, input definition) in Application more easily customizable
|
2011-09-29 13:52:52 +01:00
|
|
|
* added support for the shell even if readline is not available
|
|
|
|
|
2011-08-29 14:38:12 +01:00
|
|
|
### ClassLoader
|
|
|
|
|
|
|
|
* added support for loading globally-installed PEAR packages
|
|
|
|
|
2011-09-23 07:10:01 +01:00
|
|
|
### DomCrawler
|
|
|
|
|
2011-09-28 08:53:50 +01:00
|
|
|
* added a way to get parsing errors for Crawler::addHtmlContent() and Crawler::addXmlContent() via libxml functions
|
2011-09-23 07:10:01 +01:00
|
|
|
* added support for submitting a form without a submit button
|
|
|
|
|
2011-11-22 08:42:16 +00:00
|
|
|
### EventDispatcher
|
|
|
|
|
|
|
|
* added a reference to the EventDispatcher on the Event
|
2011-11-22 08:52:31 +00:00
|
|
|
* added a reference to the Event name on the event
|
2011-11-22 08:42:16 +00:00
|
|
|
|
2011-08-29 14:31:57 +01:00
|
|
|
### Finder
|
2011-08-29 13:45:37 +01:00
|
|
|
|
2011-08-29 14:31:57 +01:00
|
|
|
* Finder::exclude() now supports an array of directories as an argument
|
2011-08-29 13:45:37 +01:00
|
|
|
|
2011-09-24 14:29:19 +01:00
|
|
|
### Form
|
|
|
|
|
2011-11-08 08:06:23 +00:00
|
|
|
* added support for validation groups as callbacks
|
2011-10-10 18:47:28 +01:00
|
|
|
* made the translation catalogue configurable via the "translation_domain" option
|
2011-09-27 09:12:54 +01:00
|
|
|
* added Form::getErrorsAsString() to help debugging forms
|
2011-09-24 14:29:19 +01:00
|
|
|
* allowed setting different options for RepeatedType fields (like the label)
|
|
|
|
|
2011-08-29 14:31:57 +01:00
|
|
|
### HttpFoundation
|
2011-08-29 13:45:37 +01:00
|
|
|
|
2011-10-17 16:16:22 +01:00
|
|
|
* made Response::prepare() method the place to enforce HTTP specification
|
2011-10-05 10:09:51 +01:00
|
|
|
* [BC BREAK] moved management of the locale from the Session class to the Request class
|
2011-09-28 07:18:50 +01:00
|
|
|
* added a generic access to the PHP built-in filter mechanism: ParameterBag::filter()
|
2011-09-14 08:45:15 +01:00
|
|
|
* made FileBinaryMimeTypeGuesser command configurable
|
2011-09-13 07:48:32 +01:00
|
|
|
* added Request::getUser() and Request::getPassword()
|
2011-08-29 14:31:57 +01:00
|
|
|
* added support for the PATCH method in Request
|
|
|
|
* removed the ContentTypeMimeTypeGuesser class as it is deprecated and never used on PHP 5.3
|
2011-09-02 14:54:04 +01:00
|
|
|
* added ResponseHeaderBag::makeDisposition() (implements RFC 6266)
|
2011-09-06 07:59:53 +01:00
|
|
|
* made mimetype to extension conversion configurable
|
2011-08-29 13:45:37 +01:00
|
|
|
|
2011-09-06 06:47:18 +01:00
|
|
|
### HttpKernel
|
|
|
|
|
2011-10-23 11:00:47 +01:00
|
|
|
* added a Stopwatch class
|
|
|
|
* added WarmableInterface
|
2011-10-15 02:38:40 +01:00
|
|
|
* improved extensibility between bundles
|
2011-09-06 06:47:18 +01:00
|
|
|
* added a File-based profiler storage
|
2011-09-06 06:54:13 +01:00
|
|
|
* added a MongoDB-based profiler storage
|
2011-09-06 06:47:18 +01:00
|
|
|
|
2011-11-09 20:55:11 +00:00
|
|
|
### Locale
|
|
|
|
|
|
|
|
* added Locale::getIcuVersion() and Locale::getIcuDataVersion()
|
|
|
|
|
2011-09-30 06:48:34 +01:00
|
|
|
### Routing
|
|
|
|
|
2011-10-24 08:11:18 +01:00
|
|
|
* added a TraceableUrlMatcher
|
2011-10-23 10:56:23 +01:00
|
|
|
* added the possibility to define default values and requirements for placeholders in prefix
|
2011-09-30 06:48:34 +01:00
|
|
|
* added RouterInterface::getRouteCollection
|
|
|
|
|
2011-11-07 22:28:28 +00:00
|
|
|
### Security
|
|
|
|
|
2011-11-17 06:47:06 +00:00
|
|
|
* after login, the user is now redirected to `default_target_path` if `use_referer` is true and the referrer is the `login_path`.
|
2011-11-07 22:28:28 +00:00
|
|
|
* added a way to remove a token from a session
|
|
|
|
|
2011-08-29 14:31:57 +01:00
|
|
|
### Translation
|
2011-08-29 13:45:37 +01:00
|
|
|
|
2011-11-09 21:02:31 +00:00
|
|
|
* added support for gettext
|
2011-09-15 07:19:52 +01:00
|
|
|
* added support for more than one fallback locale
|
2011-09-13 07:49:25 +01:00
|
|
|
* added support for translations in ResourceBundles
|
2011-09-13 07:46:58 +01:00
|
|
|
* added support for extracting translation messages from templates (Twig and PHP)
|
2011-08-29 14:31:57 +01:00
|
|
|
* added dumpers for translation catalogs
|
2011-09-06 07:02:25 +01:00
|
|
|
* added support for QT translations
|
2011-09-02 08:25:13 +01:00
|
|
|
|
|
|
|
### Validator
|
|
|
|
|
2011-11-01 14:30:43 +00:00
|
|
|
* added support for `ctype_*` assertions in `TypeValidator`
|
2011-09-29 14:56:37 +01:00
|
|
|
* added a Size validator
|
2011-09-29 14:45:52 +01:00
|
|
|
* added a SizeLength validator
|
2011-09-06 07:19:05 +01:00
|
|
|
* improved the ImageValidator with min width, max width, min height, and max height constraints
|
2011-09-02 08:25:13 +01:00
|
|
|
* added support for MIME with wildcard in FileValidator
|
2011-11-07 15:43:15 +00:00
|
|
|
|
|
|
|
### Yaml
|
|
|
|
|
|
|
|
* Yaml::parse() does not evaluate loaded files as PHP files by default anymore (call Yaml::enablePhpParsing() to get back the old behavior)
|