Commits
-------
0c83c5d [Form] Alternate syntax for form_theme
Discussion
----------
[RFC][Form] Alternate syntax for form_theme
before
`{% form_theme form _self "::base.html.twig" %}`
after
`{% form_theme form with "::base.html.twig" %}`
`{% form_theme form with varTheme %}`
`{% form_theme form with [_self, "::base.html.twig"] %}`
_the former syntax is still supported_
---------------------------------------------------------------------------
by stof at 2012-03-12T15:42:32Z
do you really need ``with`` ?
---------------------------------------------------------------------------
by vicb at 2012-03-12T15:50:41Z
it's not needed but I find it more clear (It can be drop if a consensus is reached)
---------------------------------------------------------------------------
by fabpot at 2012-03-12T17:05:46Z
+1 for `with`. Documentation for master should be updated as well.
---------------------------------------------------------------------------
by Tobion at 2012-03-13T02:26:22Z
+1 for `with`, but the syntax without array like `{% form_theme form with "::base.html.twig" %}` should also be supported
---------------------------------------------------------------------------
by vicb at 2012-03-13T07:16:55Z
`[]` are nice as they clearly indicate the ability to use multiple themes (which I think is yet to be documented). We'll pick the most popular syntax only.
---------------------------------------------------------------------------
by stof at 2012-03-13T08:16:40Z
@vicb supporting a string instead of an array should be possible when you need only one element. supporting several ones and turning it into an array is the mistake we made for 2.0
---------------------------------------------------------------------------
by hhamon at 2012-03-13T08:16:45Z
+1 for the new syntax
---------------------------------------------------------------------------
by vicb at 2012-03-13T08:29:45Z
@stof @Tobion what about using the former syntax then ?
---------------------------------------------------------------------------
by Baachi at 2012-03-13T08:32:09Z
+1 for new syntax. But it should be possible to use strings instead of arrays.
---------------------------------------------------------------------------
by stof at 2012-03-13T08:33:07Z
@vicb Having one wyntax using ``with`` and the other without will confuse users IMO. this is why I suggested allowing to pass a Twig array without adding an extra word
---------------------------------------------------------------------------
by stof at 2012-03-13T08:40:02Z
@Baachi not stringS as it is precisely what we are trying to solve :)
---------------------------------------------------------------------------
by Baachi at 2012-03-13T08:42:03Z
Oh sry. I mean __string__. :)
---------------------------------------------------------------------------
by fabpot at 2012-03-13T11:16:30Z
+1 for supporting a string or an array with the new syntax as using only one element is probably the most common use case. But then, why not supporting any valid Twig expression?
---------------------------------------------------------------------------
by vicb at 2012-03-13T11:54:51Z
Something like the latest commit ? (Tests have to be updated).
@fabpot What is the best place to handle array / non-array ? This is currenlty handled in the node but the parser might be a better place.
---------------------------------------------------------------------------
by fabpot at 2012-03-13T13:23:08Z
@vicb: I would just remove the special array case in the node as it's not needed anymore.
---------------------------------------------------------------------------
by fabpot at 2012-03-13T13:24:15Z
... and update FormExtension::setTheme() to also accept a string in which case we convert it to an array there.
---------------------------------------------------------------------------
by schmittjoh at 2012-03-13T14:26:17Z
I'd prefer a named argument instead of an ubiquitous "with" keyword which does not really tell me what's coming next.
Something like ``{% form_theme _form templates=[a, b, c] %}``. This is pretty nicely done for the assetic tags "javascripts", and "stylesheets".
---------------------------------------------------------------------------
by Tobion at 2012-03-13T16:04:26Z
@schmittjoh it would only make sense if there are multiple named arguments. With only one available it seems redundant.
Also `{% form_theme _form templates="template.html.twig" %}` is bad.
---------------------------------------------------------------------------
by vicb at 2012-03-14T07:59:08Z
I tend to agree with @Tobion but I'll have a closer look at assetic to see if we can make things more consistent.
---------------------------------------------------------------------------
by Seldaek at 2012-03-14T10:36:15Z
This would be more consistent with assetic, but assetic isn't really consistent with anything else in twig, although I see the benefits in that particular case for swapping and omitting parameters.
---------------------------------------------------------------------------
by schmittjoh at 2012-03-14T15:49:37Z
My goal was not really consistency, but I simply find it more obvious,
self-explanatory and easier to understand if you name things explicitly. We
are using the "with" keyword in several places and each time something
different is expected.
To me explicit naming is superior, but just my 2c
On Wed, Mar 14, 2012 at 4:36 AM, Jordi Boggiano <
reply@reply.github.com
> wrote:
> This would be more consistent with assetic, but assetic isn't really
> consistent with anything else in twig, although I see the benefits in that
> particular case for swapping and omitting parameters.
>
> ---
> Reply to this email directly or view it on GitHub:
> https://github.com/symfony/symfony/pull/3576#issuecomment-4495732
>
---------------------------------------------------------------------------
by Tobion at 2012-03-14T16:48:01Z
When I first saw this tag I didn't understand the role of first parameter.
So if we use johannes suggestion it should rather be `{% form_theme form=myForm templates=[a, b, c] %}`
---------------------------------------------------------------------------
by mvrhov at 2012-03-14T18:09:09Z
Before we complicate this any further can I add another thing here.
Moving to dedicated issue: Inflexible form theming #3598
---------------------------------------------------------------------------
by vicb at 2012-03-14T18:20:54Z
@mvrhov that is not the good place to discuss this (both this particular issue and GH as this is a support request).
_Have you tried `{% form_theme form.subForm ... %}`_
---------------------------------------------------------------------------
by vicb at 2012-03-15T07:39:14Z
Where do you think we should go:
1. `{% form_theme form with [_self, "::base.html.twig"] %}`
2. `{% form_theme form=form src=[_self, "::base.html.twig"] %}`
Let's discuss the structure first & not the details (i.e. src vs templates).
---------------------------------------------------------------------------
by Baachi at 2012-03-15T07:52:51Z
I tend to ```{% form_theme form with [_self, "::base.html.twig"] %}```, because its more consistent to the twig syntax.
---------------------------------------------------------------------------
by fabpot at 2012-03-15T13:10:56Z
@vicb: I like 1) more than 2) as this how the built-in tags work.
To keep BC even further, can we just remove the `with` keyword? To make it BC, we just need to have a look at extra parameters and add it to an array if they exist.
---------------------------------------------------------------------------
by Tobion at 2012-03-15T13:19:52Z
For newcomers 2) is definitely easier to understand. But it would also only make sense if you can change the parameter order, so `{% form_theme form=form src=[_self, "::base.html.twig"] %}` == ` {% form_theme src=[_self, "::base.html.twig"] form=form %}`. At the same time it reduces consistency. So for experienced developers option 1) [without "with"] is less redundant and preferable.
---------------------------------------------------------------------------
by vicb at 2012-03-15T13:53:49Z
@fabpot removing the `with` will make `Parser::parsePostfixException()` scream when providing an array of themes.
Commits
-------
dee47b1 [DoctrineBridge] Add minimal tests for DBAL session storage driver
Discussion
----------
[2.1][DoctrineBridge] Add minimal tests for DBAL session storage driver
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
This is intentionally only for the `master` branch because the class is different between 2.0 and master. This test is the minimal but at least will mean any refactoring changes in dependencies get caught.
Commits
-------
71493a2 [DoctrineBridge] Compiler pass for registering event listeners/subscribers
f15dde6 [DoctrineBridge] ContainerAwareEventManager class
Discussion
----------
[DoctrineBridge] ContainerAwareEventManager class
```
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
```
[](http://travis-ci.org/jmikola/symfony)
This allows services to be registered (and lazily loaded) with Doctrine Common's EventManager.
It is ported from @schmittjoh's previous commits here: doctrine/DoctrineBundle#23. I'd like to integrate this with DoctrineMongoDBBundle, so the Bridge once again seemed like an ideal alternative to duplicating code.
---------------------------------------------------------------------------
by jmikola at 2012-02-23T20:37:51Z
Per conversation with @stof in doctrine/DoctrineBundle#23, I'm also going to integrate the compiler pass (an abstract version both bundles can use) into this PR.
---------------------------------------------------------------------------
by jmikola at 2012-02-23T21:56:47Z
Just realized there's an issue with the naming assumptions, since Doctrine ORM uses "doctrine" as its registry service ID but "doctrine.dbal" as its event manager prefix. Fixing.
This was imported from DoctrineBundle (see: doctrine/DoctrineBundle#23), since it can be used by other Doctrine bundles, too. It utilizes the ContainerAwareEventManager from f15dde6c59.
The listener is used by the Collection type as well as the Choice and Entity type (with multiple
selection). The effect is that you can have for example this model:
class Article
{
public function addTag($tag) { ... }
public function removeTag($tag) { ... }
public function getTags($tag) { ... }
}
You can create a form for the article with a field "tags" of either type "collection" or "choice"
(or "entity"). The field will correctly use the three methods of the model for displaying and
editing tags.
Commits
-------
753c067 [FrameworkBundle] added $view['form']->csrfToken() helper
e1aced8 [Twig] added {{ csrf_token() }} helper
Discussion
----------
[Twig] [FrameworkBundle] added CSRF token helper
I've added a templating helper and Twig function for generating a CSRF token without the overhead of creating a form.
```html+jinja
<form action="{{ path('user_delete', { 'id': user.id }) }}" method="post">
<input type="hidden" name="_method" value="delete">
<input type="hidden" name="_token" value="{{ csrf_token('delete_user_' ~ user.id) }}">
<button type="submit">delete</button>
</form>
```
```php
<?php
class UserController extends Controller
{
public function delete(User $user, Request $request)
{
$csrfProvider = $this->get('form.csrf_provider');
if (!$csrfProvider->isCsrfTokenValid('delete_user_'.$user->getId(), $request->request->get('_token')) {
throw new RuntimeException('CSRF attack detected.');
}
// etc...
}
}
```
The test that is failing on Travis appears to be unrelated, but I may be wrong?
```
1) Symfony\Bundle\SecurityBundle\Tests\Functional\LocalizedRoutesAsPathTest::testLoginLogoutProcedure with data set #1 ('de')
RuntimeException: OUTPUT:
Catchable fatal error: Argument 3 passed to Symfony\Bundle\FrameworkBundle\Controller\TraceableControllerResolver::__construct() must be an instance of Symfony\Component\HttpKernel\Debug\Stopwatch, instance of Symfony\Bundle\FrameworkBundle\Controller\ControllerNameParser given, called in /tmp/2.1.0-DEV/StandardFormLogin/cache/securitybundletest/appSecuritybundletestDebugProjectContainer.php on line 94 and defined in /home/vagrant/builds/kriswallsmith/symfony/src/Symfony/Bundle/FrameworkBundle/Controller/TraceableControllerResolver.php on line 37
```
---------------------------------------------------------------------------
by pablodip at 2012-01-10T14:18:45Z
As you don't need forms to use the csrf provider, how about putting its service without the form prefix? It could even make sense to put the CsrfProvider as a component since you can use it standalone and in more cases than only forms. It would be a small component though.
---------------------------------------------------------------------------
by Tobion at 2012-01-10T17:54:14Z
I think it would be more clear to generate the token in the controller. Doing so in the template will spread the CSRF intention across template and controller. So I don't think this extension is necessary.
---------------------------------------------------------------------------
by kriswallsmith at 2012-01-10T17:58:14Z
@pablodip I'm open to the idea of a Csrf component. This would be a good place for some nonce classes as well.
@Tobion I disagree. One use case is for a list of users, each with a delete form. Iterating over the users in the controller and generating a token for each, just to iterate over them again in the view is a waste and adds complexity.
---------------------------------------------------------------------------
by Tobion at 2012-01-10T18:05:14Z
I see. But I don't understand why the intention needs to be different for each user to delete. Usually the intention is the same for each form type. I thought this is enough.
---------------------------------------------------------------------------
by kriswallsmith at 2012-01-10T18:06:13Z
Yes, a static intention would suffice.
---------------------------------------------------------------------------
by Tobion at 2012-01-10T18:07:08Z
Then your use case is not valid anymore.
---------------------------------------------------------------------------
by Tobion at 2012-01-10T18:12:25Z
I would suggest to make a cookbook article out of it about how to create a simple form without the form component.
And include such things as validating the result using the validator component and checking the CSRF.
---------------------------------------------------------------------------
by kriswallsmith at 2012-01-10T21:32:50Z
This helper makes it easier to use CSRF protection without a form and we should make it as easy as possible. Spreading the intention across controller and template is not concerning to me. Either way, a cookbook entry is a great idea.
---------------------------------------------------------------------------
by Tobion at 2012-01-10T21:47:12Z
Well, it's just one line more without this helper. So I disagree it makes it really easier when you know how to use the CsrfProvider which is a pre-condition anyway since you must still validate its correctness by hand.
---------------------------------------------------------------------------
by kriswallsmith at 2012-01-13T13:24:15Z
Another use case is when rendering a page with a bunch of simple buttons with different intentions: delete user, delete comment, follow, unfollow... Creating all of these in the controller just leads to spaghetti.
---------------------------------------------------------------------------
by jwage at 2012-01-17T21:55:53Z
👍 lots of use cases for something like this @OpenSky
Commits
-------
4d64d90 Allow empty result; change default *choices* value to **null** instead of **array()**. - added *testEmptyChoicesAreManaged* test - `null` as default value for choices. - is_array() used to test if choices are user-defined. - `null` as default value in __construct too. - `null` as default value for choices in EntityType.
Discussion
----------
[Doctrine][Bridge] EntityType: Allow empty result; default `choices` value changed to null
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
References the following tickets: #2504
- added *testEmptyChoicesAreManaged* test
- `null` as default value for choices.
- is_array() used to test if choices are user-defined.
- `null` as default value in __construct too.
- `null` as default value for choices in EntityType.
I squashed commits from PR #2504 as requested.
- added *testEmptyChoicesAreManaged* test
- `null` as default value for choices.
- is_array() used to test if choices are user-defined.
- `null` as default value in __construct too.
- `null` as default value for choices in EntityType.
