This PR was merged into the 2.6-dev branch.
Discussion
----------
fixed translator locale when dealing with sub-requests
| Q | A
| ------------- | ---
| Bug fix? | yes, kinda
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This fixes the (edge) case where the locale of a sub-requests is different from the locale of the master request. The listener synchronizes the translator locale with the one from the request.
Commits
-------
0e65af2 fixed translator locale when dealing with sub-requests
This PR was merged into the 2.6-dev branch.
Discussion
----------
[DependencyInjection] made some perf improvements
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This PR optimizes the creation of dumped containers drastically (thanks @jpauli for the hint).
The Container class generated by the PHP dumper does not include the `getDefaultParameters()` method anymore. It does not seem like a big deal to me as I fail to see a use case where someone would override this method.
Commits
-------
e1a3ef8 [DependencyInjection] made some perf improvements
We are always using $this->container->get() and now we're using the short-cut sometimes to access to a service.
It could be nice to stay with $this->container->get(), so for those who copy and paste the Controller to create a ControllerUtils, they wont have to change it (in fact neither ControllerUtils::get() nor ControllerUtils::has() exists).
See: http://www.whitewashing.de/2013/06/27/extending_symfony2__controller_utilities.html
This PR was merged into the 2.6-dev branch.
Discussion
----------
[2.3] Update src/Symfony/Component/HttpFoundation/Request.php
This makes `getContentType()` work when a regular form is submitted. It would return `"form"`
Commits
-------
c81ec4d Update src/Symfony/Component/HttpFoundation/Request.php
This PR was squashed before being merged into the 2.6-dev branch (closes#11453).
Discussion
----------
[Config] Allow extra hint in exception message
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #1666
| License | MIT
| Doc PR | symfony/symfony-docs#4047
Commits
-------
3062b3e [Config] Allow extra hint in exception message
* 2.5:
[Validator] Added ConstraintValidator::buildViolation() helper for BC with 2.4 API
[Validator] Fixed LegacyValidator when only a constraint is validated
Conflicts:
src/Symfony/Component/Form/Extension/Validator/Constraints/FormValidator.php
src/Symfony/Component/Validator/Constraints/AbstractComparisonValidator.php
src/Symfony/Component/Validator/Constraints/RangeValidator.php
This PR was merged into the 2.6-dev branch.
Discussion
----------
[Security] make it possible to override the default success/failure handler
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5432, #9272, #10417, #11926
| License | MIT
| Doc PR | symfony/symfony-docs#4258
Overriding the default success/failure handler of the security firewalls is possible via the `success_handler` and `failure_handler` setting but this approach is not flexible as it does not allow you to get the options/provider key.
To sum up the problem:
* Overriding the default success/failure handler is possible via a service;
* When not overridden, the default success/failure handler gets options and the provider key;
* Those options and the provider key are injected by the factory as they are dynamic (they depend on the firewall and the provider key), so getting those options/provider key is not possible for a custom service that is only configured via the container configuration;
* Extending the default handler does not help as the injection mechanism is only triggered when no custom provider is set;
* Wrapping the default handler is not possible as the service id is dynamic.
... and of course we need to keep BC and make it work for people extending the default handler but also for people just using the interface.
Instead of the current PR, I propose this slightly different approach. It's not perfect, but given the above constraint, I think this is an acceptable trade-of.
So, several use cases:
* Using the default handler (no change);
* Using a custom handler that implements `AuthenticationSuccessHandlerInterface` directly and does not need any options (no change);
* Using a custom handler that needs the options/provider key (that's the new use case this PR supports).
This PR introduces 2 new classes that wrap custom handlers. If those classes define the `setOptions()` and/or `setProviderKey()` methods, they are automatically called with the correct arguments. Yours handler does not need to extend the default handler `DefaultAuthentication*Handler`, but doing so helps as the setters are already defined there.
Commits
-------
810eeaf [Security] made it possible to override the default success/failure handler (take 2)
36116fc [Security] made it possible to override the default success/failure handler
This PR was merged into the 2.5 branch.
Discussion
----------
[Validator] Added ConstraintValidator::buildViolation() helper for BC with the 2.4 API
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR adds a `buildViolation()` helper method to the base `ConstraintValidator` to remove the API checks (2.4 vs. 2.5) from the constraint validator implementations. Once the 2.4 API is removed, this helper method will be removed as well.
**Todos**
- [x] Backport changes from #12021
Commits
-------
6b0c24a [Validator] Added ConstraintValidator::buildViolation() helper for BC with 2.4 API
This PR was merged into the 2.5 branch.
Discussion
----------
[Validator] Fixed LegacyValidator when only a constraint is validated
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The 2.5-BC API is currently broken for the following use case:
```php
$validator->validate($value, $constraint);
```
This is fixed now.
Commits
-------
1d48206 [Validator] Fixed LegacyValidator when only a constraint is validated
This PR was merged into the 2.6-dev branch.
Discussion
----------
[Form] Choice children can be template customized like collection
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes?
| Deprecations? | no
| Tests pass? | No ?
| Fixed tickets |
| License | MIT
| Doc PR | None
I wanted to customize the template of a children of a choice field. I learned it was not currently possible, though it is with the collection type. So this should let people be able to customize the template for all the choice children at once.
Ie:
```jinja
{% block _user_colors_entry_widget %}
```
Still have to fix the tests
Commits
-------
4e6b27f [Form] Choice children can be template customized like collection
* 2.5:
[Command] Set the process title as late as possible
[Form] Removed constructor argument from FormTypeHttpFoundationExtension for forward compatibility with 2.5
[Validator] Simplified testing of violations
remove obsolete test file
[FrameworkBundle] output failed matched path for clarification
bug #10242 Missing checkPreAuth from RememberMeAuthenticationProvider
[Validator] Fixed StaticMethodLoaderTest to actually test something
[Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required
Use request format from request in twig ExceptionController
fixed bug
added the possibility to return null from SimplePreAuthenticationListener
[Form] Moved POST_MAX_SIZE validation from FormValidator to request handler
[Form] Add a form error if post_max_size has been reached.
Response::isNotModified returns true when If-Modified-Since is later than Last-Modified
[WebProfilerBundle] turbolinks compatibility
Conflicts:
src/Symfony/Component/Form/Tests/Extension/Validator/Constraints/FormValidatorTest.php
* 2.4:
[Form] Removed constructor argument from FormTypeHttpFoundationExtension for forward compatibility with 2.5
[Validator] Simplified testing of violations
remove obsolete test file
[FrameworkBundle] output failed matched path for clarification
bug #10242 Missing checkPreAuth from RememberMeAuthenticationProvider
[Validator] Fixed StaticMethodLoaderTest to actually test something
[Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required
Use request format from request in twig ExceptionController
fixed bug
added the possibility to return null from SimplePreAuthenticationListener
[Form] Moved POST_MAX_SIZE validation from FormValidator to request handler
[Form] Add a form error if post_max_size has been reached.
Response::isNotModified returns true when If-Modified-Since is later than Last-Modified
[WebProfilerBundle] turbolinks compatibility
Conflicts:
src/Symfony/Component/Form/Extension/Core/Type/FormType.php
src/Symfony/Component/Form/Extension/Validator/Constraints/FormValidator.php
src/Symfony/Component/Form/Extension/Validator/Util/ServerParams.php
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
src/Symfony/Component/Validator/Tests/Constraints/AbstractConstraintValidatorTest.php
* 2.3:
[Form] Removed constructor argument from FormTypeHttpFoundationExtension for forward compatibility with 2.5
[Validator] Simplified testing of violations
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Simplified testing of violations
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I simplified the assertion of violations in preparation of a replacement PR for #7276.
Commits
-------
8e5537b [Validator] Simplified testing of violations
* 2.3:
remove obsolete test file
[FrameworkBundle] output failed matched path for clarification
bug #10242 Missing checkPreAuth from RememberMeAuthenticationProvider
[Validator] Fixed StaticMethodLoaderTest to actually test something
[Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required
Use request format from request in twig ExceptionController
[Form] Moved POST_MAX_SIZE validation from FormValidator to request handler
[Form] Add a form error if post_max_size has been reached.
Response::isNotModified returns true when If-Modified-Since is later than Last-Modified
[WebProfilerBundle] turbolinks compatibility
Conflicts:
src/Symfony/Component/Form/CHANGELOG.md
src/Symfony/Component/HttpFoundation/Tests/ResponseTest.php
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
This PR was squashed before being merged into the 2.6-dev branch (closes#11949).
Discussion
----------
[Console] More consistent application description
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
Commits
-------
28edd30 [Console] More consistent application description
This PR was merged into the 2.6-dev branch.
Discussion
----------
New php library structure made easier
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
[This article](https://medium.com/@christophewillemsen/stop-making-bundles-think-bundles-deadd27b88c0) from @ikwattro gives some good ideas on how to ease the creation of a PHP package:
- which is not a bundle usable only on a symfony full stack framework
- without requiring to maintain 2 repos (one for the lib and the other for the bundle)
The only drawback is that Symfony requires the DI extension to be on a given location. So I created a new method Bundle#getContainerExtensionClass than can be easily overwritten if you want to move the Extension class in another directory.
Commits
-------
8eda6b5 New php library structure made easier
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Fixed StaticMethodLoaderTest to actually test something
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This test is not testing anything, except for whether PHP throws a strict standards error when invalid code is loaded.
I disabled error reporting for this test, so that the actual functionality (ignoring static+abstract functions) is tested.
Commits
-------
1b1303a [Validator] Fixed StaticMethodLoaderTest to actually test something
This PR was merged into the 2.6-dev branch.
Discussion
----------
[FrameworkBundle] Added unit-tests for GlobalVariables::getUser()
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Tests added should explain that `getUser()` should return `null` when a string is found as user. If this is not correct, a PR should be made. However, this would result in a huge BC break due to people using `{% if app.user %}` which would return `null` if an anonymous token was found. If this suddenly returns a string, this check will fail.
While at it, I have also added `getUser()` tests to verify the unhappy flow is working. These tests uncovered that if `$container->get('security.token_storage')` fails, it will throw an exception rather than return `null`. This issue is now fixed.
List of changes
--------------------
- The old `testGetUser` has been refactored to be tested with multiple variations of return types to verify the return type to work as the code tells.
- `get('security.token_storage')` is now only executed if `has('security.token_storage')` returns true
@fabpot I think this PR should be merged before 2.6, because it fixes an uncaught exception bug in my previous PR which splits the security context
Commits
-------
3f055f7 Fixed a bug and added unit-tests for GlobalVariables
This PR was merged into the 2.3 branch.
Discussion
----------
[FrameworkBundle] output failed matched path for clarification
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11780
| License | MIT
| Doc PR | -
Because cygwin resolves the path behind the scenes, it is otherwise very unclear what path is actually used for matching.
Commits
-------
8d13af7 [FrameworkBundle] output failed matched path for clarification
This PR was merged into the 2.6-dev branch.
Discussion
----------
[HttpKernel] Extract method to instantiate controller in ControllerResolver
Replaces #10814 to merge into `master` instead of `2.3`.
---
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Currently it's required to duplicate the entirety of the `getController()` and `createController()` methods just to replace the call to `new` (e.g. with container resolution, instead).
Now it's possible to just override the `instantiateController()` method.
Commits
-------
88274df [HttpKernel] Extract method to make callable controller in ControllerResolver
This PR was merged into the 2.6-dev branch.
Discussion
----------
[Serializer] PropertyNormalizer: a new normalizer that maps an object's properties to an array
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | if PR is deemed mergeable, I'll write the docs
This PR adds a new Normalizer for the Serializer component: **`PropertyNormalizer`**.
Currently the only normalizer is `GetSetMethodNormalizer`, which calls getters and setters. This new serializer uses the properties values directly.
This is especially useful if you write a webservice and take/return very simple DTO (Data Transfer Objects) which role is only to act like a "named" `stdClass`. Every property is public (the class doesn't contain any logic), and mapping that to an array is pretty easy.
This normalizer takes into account public, but also *private* and *protected* properties.
FYI I've based most of the code of `GetSetMethodNormalizer`.
Commits
-------
78ceed1 [Serializer] Added PropertyNormalizer, a new normalizer that maps an object's properties to an array
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6645
| License | MIT
| Doc PR | -
Consider the following entity:
```php
class Author
{
/**
* @Assert\NotBlank
*/
private $name;
private $age;
}
```
Right now, the "required" HTML attribute is set for both fields (since the default value of the "required" option is true). IMO this is wrong.
With this fix, the ValidatorTypeGuesser guesses `false` for the "required" option unless a NotNull/NotBlank constraint is present.
Commits
-------
fd77b09 [Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required
This PR was merged into the 2.6-dev branch.
Discussion
----------
[WebProfilerBundle] Show AJAX requests in the symfony profiler toolbar
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Adds AJAX requests in the web debug toolbar.
See #8896 for the original discussion.
Commits
-------
16d1b35 optimized JS for the AJAX section of the toolbar
2e708d7 made minor tweaks to JS code
8e4c603 replaced the AJAX icon with a smaller one
b66f39a removed hack
9c74fcc removed uneeded web_profiler.debug_toolbar.excluded_ajax_paths parameter in the container
d43edaf [WebProfilerBundle] improved the ajax section of the WDT
37f7dd7 [WebProfilerBundle] Show AJAX requests in the symfony profiler toolbar
This PR was merged into the 2.6-dev branch.
Discussion
----------
[Validator] Added "payload" option to all constraints for attaching domain-specific data
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7273
| License | MIT
| Doc PR | TODO
The "payload" option can be used to pass whatever data should be attached to a constraint for an application:
```php
/**
* Domain-specific error codes
* @NotNull(payload="100")
*/
/**
* Structured domain-specific data
* @NotNull(payload={"display": "inline", "highlight": false})
*/
```
The term "payload" is borrowed from JSR-303.
Commits
-------
e8b7c6d [Validator] Added "payload" option to all constraints for attaching domain-specific data
