From 7df9ca2aebb1886d0d3ec54647aa110d019d5564 Mon Sep 17 00:00:00 2001 From: Jules Pietri Date: Sat, 26 Mar 2016 06:35:01 +0100 Subject: [PATCH 1/4] [Form] fix "prototype" not required when parent form is not required --- .../Extension/Core/Type/CollectionType.php | 3 +- .../Core/Type/CollectionTypeTest.php | 42 +++++++++++++++++++ 2 files changed, 44 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Component/Form/Extension/Core/Type/CollectionType.php b/src/Symfony/Component/Form/Extension/Core/Type/CollectionType.php index d739a3513d..cf0ed2cb70 100644 --- a/src/Symfony/Component/Form/Extension/Core/Type/CollectionType.php +++ b/src/Symfony/Component/Form/Extension/Core/Type/CollectionType.php @@ -55,7 +55,8 @@ class CollectionType extends AbstractType )); if ($form->getConfig()->hasAttribute('prototype')) { - $view->vars['prototype'] = $form->getConfig()->getAttribute('prototype')->createView($view); + $prototype = $form->getConfig()->getAttribute('prototype'); + $view->vars['prototype'] = $prototype->setParent($form)->createView($view); } } diff --git a/src/Symfony/Component/Form/Tests/Extension/Core/Type/CollectionTypeTest.php b/src/Symfony/Component/Form/Tests/Extension/Core/Type/CollectionTypeTest.php index 6a5775ea84..b8d7645a53 100644 --- a/src/Symfony/Component/Form/Tests/Extension/Core/Type/CollectionTypeTest.php +++ b/src/Symfony/Component/Form/Tests/Extension/Core/Type/CollectionTypeTest.php @@ -221,4 +221,46 @@ class CollectionTypeTest extends \Symfony\Component\Form\Test\TypeTestCase $this->assertFalse($form->createView()->vars['required'], 'collection is not required'); $this->assertFalse($form->createView()->vars['prototype']->vars['required'], '"prototype" should not be required'); } + + public function testPrototypeSetNotRequiredIfParentNotRequired() + { + $child = $this->factory->create('collection', array(), array( + 'type' => 'file', + 'allow_add' => true, + 'prototype' => true, + 'prototype_name' => '__test__', + )); + + $parent = $this->factory->create('form', array(), array( + 'required' => false, + )); + + $child->setParent($parent); + $this->assertFalse($parent->createView()->vars['required'], 'Parent is not required'); + $this->assertFalse($child->createView()->vars['required'], 'Child is not required'); + $this->assertFalse($child->createView()->vars['prototype']->vars['required'], '"Prototype" should not be required'); + } + + public function testPrototypeNotOverrideRequiredByEntryOptionsInFavorOfParent() + { + $child = $this->factory->create('collection', array(), array( + 'type' => 'file', + 'allow_add' => true, + 'prototype' => true, + 'prototype_name' => '__test__', + 'options' => array( + 'required' => true, + ), + )); + + $parent = $this->factory->create('form', array(), array( + 'required' => false, + )); + + $child->setParent($parent); + + $this->assertFalse($parent->createView()->vars['required'], 'Parent is not required'); + $this->assertFalse($child->createView()->vars['required'], 'Child is not required'); + $this->assertFalse($child->createView()->vars['prototype']->vars['required'], '"Prototype" should not be required'); + } } From 59fea72a438a4533ab299c7f17f58741aca4f187 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gr=C3=A9goire=20Pineau?= Date: Sun, 3 Apr 2016 22:28:33 +0200 Subject: [PATCH 2/4] [Security] Fixed SwitchUserListener when exiting an impersonication with AnonymousToken If you configure a firewall with switch user with `role: IS_AUTHENTICATED_ANONYMOUSLY` it's impossible to exit the impersonation because the next line `$this->provider->refreshUser($original->getUser())` will fail. It fails because `RefreshUser` expects an instance of `UserInterface` and here it's a string. Therefore, it does not make sense to refresh an Anonymous Token, right ? --- .../Http/Firewall/SwitchUserListener.php | 3 +- .../Http/Firewall/SwitchUserListenerTest.php | 48 +++++++++++++++++++ 2 files changed, 50 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php b/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php index 79b715aa3c..b983b689a6 100644 --- a/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php @@ -13,6 +13,7 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\Security\Core\Exception\AccessDeniedException; use Symfony\Component\Security\Core\SecurityContextInterface; +use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Core\User\UserCheckerInterface; use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; @@ -162,7 +163,7 @@ class SwitchUserListener implements ListenerInterface throw new AuthenticationCredentialsNotFoundException('Could not find original Token object.'); } - if (null !== $this->dispatcher) { + if (null !== $this->dispatcher && $original->getUser() instanceof UserInterface) { $user = $this->provider->refreshUser($original->getUser()); $switchEvent = new SwitchUserEvent($request, $user); $this->dispatcher->dispatch(SecurityEvents::SWITCH_USER, $switchEvent); diff --git a/src/Symfony/Component/Security/Tests/Http/Firewall/SwitchUserListenerTest.php b/src/Symfony/Component/Security/Tests/Http/Firewall/SwitchUserListenerTest.php index 18527518ca..1ee6ea5e52 100644 --- a/src/Symfony/Component/Security/Tests/Http/Firewall/SwitchUserListenerTest.php +++ b/src/Symfony/Component/Security/Tests/Http/Firewall/SwitchUserListenerTest.php @@ -149,6 +149,54 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase $listener->handle($this->event); } + public function testExitUserDoesNotDispatchEventWithStringUser() + { + $originalUser = 'anon.'; + $refreshedUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); + $this + ->userProvider + ->expects($this->never()) + ->method('refreshUser'); + $originalToken = $this->getToken(); + $originalToken + ->expects($this->any()) + ->method('getUser') + ->willReturn($originalUser); + $role = $this + ->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole') + ->disableOriginalConstructor() + ->getMock(); + $role + ->expects($this->any()) + ->method('getSource') + ->willReturn($originalToken); + $this + ->securityContext + ->expects($this->any()) + ->method('getToken') + ->willReturn($this->getToken(array($role))); + $this + ->request + ->expects($this->any()) + ->method('get') + ->with('_switch_user') + ->willReturn('_exit'); + $this + ->request + ->expects($this->any()) + ->method('getUri') + ->willReturn('/'); + + $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); + $dispatcher + ->expects($this->never()) + ->method('dispatch') + ; + + $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager, null, '_switch_user', 'ROLE_ALLOWED_TO_SWITCH', $dispatcher); + $listener->handle($this->event); + } + /** * @expectedException \Symfony\Component\Security\Core\Exception\AccessDeniedException */ From c8efc4dfc2a451ec05f74172f6c85121239deaef Mon Sep 17 00:00:00 2001 From: Arjen van der Meijden Date: Mon, 4 Apr 2016 20:48:53 +0200 Subject: [PATCH 3/4] [Logging] Add support for firefox in ChromePhpHandler --- src/Symfony/Bridge/Monolog/Handler/ChromePhpHandler.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Symfony/Bridge/Monolog/Handler/ChromePhpHandler.php b/src/Symfony/Bridge/Monolog/Handler/ChromePhpHandler.php index 97ce308983..43f54b536a 100644 --- a/src/Symfony/Bridge/Monolog/Handler/ChromePhpHandler.php +++ b/src/Symfony/Bridge/Monolog/Handler/ChromePhpHandler.php @@ -42,7 +42,7 @@ class ChromePhpHandler extends BaseChromePhpHandler return; } - if (!preg_match('{\bChrome/\d+[\.\d+]*\b}', $event->getRequest()->headers->get('User-Agent'))) { + if (!preg_match('{\b(?:Chrome/\d+(?:\.\d+)*|Firefox/(?:4[3-9]|[5-9]\d|\d{3,})(?:\.\d)*)\b}', $event->getRequest()->headers->get('User-Agent'))) { $this->sendHeaders = false; $this->headers = array(); From 6bfbb2e25f554d552a65b979e6d7adceca3c4683 Mon Sep 17 00:00:00 2001 From: Matthieu Napoli Date: Tue, 5 Apr 2016 11:24:23 +0200 Subject: [PATCH 4/4] [HttpFoundation] Improve phpdoc Improve the phpdoc for the `$default` parameter of the `get()` method. It wasn't clear when the default value would be used (whether the key would not exist or the value was `null` or nullish). The comment is now in sync with `Symfony\Component\HttpFoundation\ParameterBag::get()`. --- src/Symfony/Component/HttpFoundation/Request.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Symfony/Component/HttpFoundation/Request.php b/src/Symfony/Component/HttpFoundation/Request.php index 0423323b62..84177087c9 100644 --- a/src/Symfony/Component/HttpFoundation/Request.php +++ b/src/Symfony/Component/HttpFoundation/Request.php @@ -674,7 +674,7 @@ class Request * public property instead (query, attributes, request). * * @param string $key the key - * @param mixed $default the default value + * @param mixed $default the default value if the parameter key does not exist * @param bool $deep is parameter deep in multidimensional array * * @return mixed