This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle][TwigBridge] do not render empty form action attributes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13852, #15995
| License | MIT
| Doc PR |
Commits
-------
1307043 do not render empty form action attributes
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] Tag deprecated services
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Tag deprecated services as such. Some are deprecated by transitivity with their class definition.
Having given some workshops on migrating to sf 3.0, the deprecation triggered at the class level is cryptic to most. Triggering a more tailored one about the service is really important to me in order to help users migrate.
Commits
-------
87e8e8f [FrameworkBundle] Tag deprecated services
In #15973, the `searchResultsAction()` of the `ProfilerController` was
updated to pass the current request to the rendered template. However,
this change was not reflected in the test thus letting it fail.
This PR was merged into the 2.8 branch.
Discussion
----------
added logging of unused tags
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11511, #11744
| License | MIT
| Doc PR | -
This is the same as #11744 but with some minor tweaks and some unit tests for the compiler pass.
Commits
-------
95c9f50 added some tests
d3271e1 missing tags in whitelist
f51fe4a [FrameworkBundle] [DependencyInjection] added logging of unused tags during container compilation
This PR was merged into the 2.8 branch.
Discussion
----------
[TwigBundle] removed usage of Templating classes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes (but frankly, I don't see how that would break anything out there)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
ff3c107 [TwigBundle] removed usage of Templating classes
7f13f95 [WebProfilerBundle] fixed a template reference
* Restore View Latest button
* In order to fit into the horizontal space available, shorten the names of the Latest Profiles and View Latest buttons and adjust the buttons' margin and padding.
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8] [Ldap] Added support for LDAP (New Component + integration in the Security Component).
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | not yet
| Fixed tickets | -
| License | MIT
| Doc PR | not yet
Current state:
- [x] Implement logic
- [x] Post-review tuning and stabilization
- [x] Fix tests
This PR is a follow-up to #5189, which was in a stand-still for a few years now. It tries to fix the remaining issues which were mentioned in the discussion.
There are still a few issues with the PR, as it is. For example, it introduces two new firewall factories, whereas the base factories (`form_login` and `http_basic`) could simply introduce new configuration options.
Also, for a user to use an LDAP server as an authentication provider, he first needs to define a service which should be an instance of `Symfony\Component\Security\Ldap\Ldap`.
For example:
```yml
services:
my_ldap:
class: Symfony\Component\Security\Ldap\Ldap
arguments: [ "ldap.mydomain.tld" ]
```
Then, in `security.yml`, this service can be used in both the user provider and the firewalls:
```yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
ldap_users:
ldap:
service: my_ldap
base_dn: dc=MyDomain,dc=tld
search_dn: CN=My User,OU=Users,DC=MyDomain,DC=tld
search_password: p455w0rd
filter: (sAMAccountName={username})
default_roles: ROLE_USER
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
demo_login:
pattern: ^/login$
security: false
api:
provider: ldap_users
stateless: true
pattern: ^/api
http_basic_ldap:
service: my_ldap
dn_string: "{username}@MYDOMAIN"
demo_secured_area:
provider: ldap_users
pattern: ^/
logout:
path: logout
target: login
form_login_ldap:
service: my_ldap
dn_string: CN={username},OU=Users,DC=MyDomain,DC=tld
check_path: login_check
login_path: login
```
Commits
-------
60b9f2e Implemented LDAP authentication and LDAP user provider
1c964b9 Introducing the LDAP component
* 2.7:
Detect Mintty for color support on Windows
Detect Mintty for color support on Windows
Add a group for tests of the finder against the FTP server
Fix license headers
Forbid serializing a Crawler
Fix phpdoc block of NativeSessionStorage class
Added exception when setAutoInitialize is called when locked
[FrameworkBundle] Advanced search templates of bundles
[Security] Allow user providers to be defined in many files
Use random_bytes function if it is available for random number generation
* 2.3:
Detect Mintty for color support on Windows
Add a group for tests of the finder against the FTP server
Fix license headers
Forbid serializing a Crawler
Fix phpdoc block of NativeSessionStorage class
Added exception when setAutoInitialize is called when locked
[FrameworkBundle] Advanced search templates of bundles
[Security] Allow user providers to be defined in many files
Use random_bytes function if it is available for random number generation
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8][WebProfilerBundle] Fix search button click listener
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This fixes an issue when clicking the sidebar "Search" button **text** instead of the **button**. Then the click event target/srcElement is the *span* child-element, instead of the listening *a* element, which causes errors in the listener, since it expects the listening element. In consequence of that the search form isn't shown.
To fix this, the same technique is used, as for the navigation tabs. Traversing the DOM up to the expected *a* element.
Commits
-------
f9ddddb [WebProfilerBundle] Fix search button click listener
This PR was merged into the 2.8 branch.
Discussion
----------
Guard minor tweaks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Various completely minor things, most from suggestions on #14673
Commits
-------
869d5a7 tweaking message related to configuration edge case that we want to be helpful with
da4758a Minor tweaks - lowering the required security-http requirement and nulling out a test field
* 2.7:
Fix license headers
Ensure the ClockMock is loaded before using it in the testsuite
Fix with_minutes option in time widget
Fixed properties not explicitily declared
This PR was merged into the 2.7 branch.
Discussion
----------
Fixed properties not explicitily declared
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| License | MIT
Commits
-------
d2b3fe4 Fixed properties not explicitily declared
This PR was merged into the 2.8 branch.
Discussion
----------
deprecated the Shell Console class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | one of #11742
| License | MIT
| Doc PR | n/a
Commits
-------
1c17928 deprecated the Shell Console class
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] compatibility with older Form component versions
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15711
| License | MIT
| Doc PR |
Commits
-------
01ad767 compatibility with older Form component versions
This PR was squashed before being merged into the 2.8 branch (closes#15738).
Discussion
----------
Implement service-based Resource (cache) validation
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #7230, #15692, #7782
| License | MIT
| Doc PR | symfony/symfony-docs#5136
### Overview
Currently, any metadata passed to `ConfigCache` (namely implementations of `ResourceInterface`) is serialized to disk. When the `ConfigCache` is validated, the metadata is unserialized and queried through `ResourceInterface::isFresh()` to determine whether the cache is fresh. That way, `ResourceInterface` implementations cannot interact with services, for example a database connection.
This PR introduces the new concept of `ResourceCheckers`. Services implementing `ResourceCheckerInterface` can be tagged as `config_cache.resource_checker` with an optional priority.
Clients that wish to use `ConfigCache` can then obtain an instance from the `config_cache_factory` service (which implements `ConfigCacheFactoryInterface`). The factory will take care of injecting resource checkers into the `ConfigCache` instance so that they can be used for cache validation.
Checking cache metadata is easy for `ResourceCheckers`:
* First, the `ResourceCheckerInterface::supports()` implementation is passed the metadata object in question. If the checker cannot handle the type of resource passed, `supports()` should return `false`.
* Otherwise, the `ResourceCheckerInterface::isFresh()` method will be called and given the resource as well as the timestamp at which the cache was initialized. If that method returns `false`, the cache is considered stale. If it returns `true`, the resource is considered unchanged and will *not* be passed to any additional checkers.
### BC and migration path
This PR does not (intend to) break BC but it comes with deprecations. The main reason is that `ResourceInterface` contains an `isFresh()` method that does not make sense in the general case of resources.
Thus, `ResourceInterface::isFresh()` is marked as deprecated and should be removed in Symfony 3.0. Resource implementations that can (or wish to) be validated in that simple manner can implement the `SelfCheckingResourceInterface` sub-interface that still contains (and will keep) the `isFresh()` method. The change should be as simple as changing the `extends` list.
Apart from that, `ResourceInterface` will be kept as the base interface for resource implementations. It is used in several `@api` interfaces and thus cannot easily be substituted.
For the Symfony 2.x series, a `BCResourceInterfaceChecker` will be kept that performs validation through `ResourceInterface::isFresh()` but will trigger a deprecation warning. The remedy is to either implement a custom ResourceChecker with a priority higher than -1000; or to switch to the aforementioned `SelfCheckingResourceInterface` which is used at a priority of -990 (without deprecation warning).
The `ConfigCache` and `ConfigCacheFactory` classes can be used as previously but do not feature checker-based cache validation.
### Outlook and closing remarks:
This PR supersedes #7230, #15692 and works at least in parts towards the goal of #7176.
The `ResourceCheckerInterface`, `...ConfigCache` and `...ConfigCacheFactory` no longer need to be aware of the `debug` flag. The different validation rules applied previously are now just a matter of `ResourceChecker` configuration (i. e. "no checkers" in `prod`).
It might be possible to remove the `debug` flag from Symfony's `Router` and/or `Translator` classes in the future as well because it was only passed on to the `ConfigCache` there.
Commits
-------
20d3722 Implement service-based Resource (cache) validation