* schmittjoh/security:
[Security] forward the entire access denied exception instead of only the message
[Security] changed defaults for MessageDigestEncoder
TICKET #9557: session isn't required when using http basic authentification mecanism for example
[Security] improved entropy to make collision attacks harder
[Security] added the 'key' attribute of RememberMeToken to serialized string to be stored in session
Fix the Acl schema generator script.
* kriswallsmith/assetic/test-coverage:
[AsseticBundle] progress migrating functional tests to unit tests
[AsseticBundle] changed type to use interface
[AsseticBundle] added a functional test group
* kriswallsmith/assetic/watch:
[AsseticBundle] added error handling to --watch
[AsseticBundle] added a simple cache to --watch so it picks up where it left off last time
[AsseticBundle] added a --watch option to the assetic:dump command
* lsmith77/fixture_2_migration:
cosmetic tweak
initial steps to handling objects
A command to generate a migration from the sql queries executed when you load some data fixtures.
The Response is not available in the DIC anymore.
When you need to create a response, create an instance of
Symfony\Component\HttpFoundation\Response instead.
As a side effect, the Controller::createResponse() and Controller::redirect()
methods have been removed and can easily be replaced as follows:
return $this->createResponse('content', 200, array('foo' => 'bar'));
return new Response('content', 200, array('foo' => 'bar'));
return $this->redirect($url);
return Response::createRedirect($url);
Without this patch, if you call __toString() on a Response,
the content-type auto-detection would never be trigerred
as __toString() changes the default content-type.
* dator/send_email_command:
Fix description
Add an example using the options in the help message
Fix CS
[SwiftMailer] Add the SendEmail Command (for the spool)
* weaverryan/config_definition_changes:
[SecurityBundle] Allowing the main Configuration tree to allow "factories" without a validation exception.
[SecurityBundle] Removing an old configuration key in a test - caught by the Configuration validation.
[SecurityBundle] Adding the ignoreExtraFields option to the factories tree so that there aren't validation errors on all the other unknown fields.
[Config] Adding an ignoreExtraKeys options, which allows you to let options simply be ignore without throwing a validation exception.
[Config] Reverting some meaningless changes that are no longer needed to minimize the true diff of the changes. Increasing the test precision.
[Config] Reverting the preventExtraKeys option. This is a revert of functionality that would have allowed "unnamed" children to be added to an array node.
[Config] Moving the removal of the key attribute on ArrayNode onto the setKeyAttribute() method per Johannes.
[Config] Renaming the key attribute removal property for consistency per Johannes' recommendation. Also fixing a PHPDoc typo per Stof.
[SwiftmailerBundle] Removing unnecessary "enabled" key in a test.
[FrameworkBundle] Removing the "namespace" key when it's defined in its own weird location in XML. This prevents that key, which we move in this same location, from looking like an invalid option during validation.
[Config] Renaming NodeBuilder::nodeBuilder() to NodeBuilder::builder() due to the fact that PHP can get confused when you have a __construct() method *and* a method that has the same name as the class (looks like two constructors to PHP).
[Config] Making the option to remove a key attribute optional.
[Config] Renaming the NodeBuilder::addNodeBuilder() to simply NodeBuilder::nodeBuilder() to be consistent with the other names: node(), arrayNode().
[Config] Making changes per the recent movement of the Config builder into the Config component.
[DependencyInjection] Renaming allowUnnamedChildren to preventExtraKeys. Also moved the place where validation of extra configs occurs.
[DependencyInjection] Being sure to remove XML-remapped singular options and key attribute options after processing.
[DependencyInjection] Adding a NodeBuilder::addNodeBuilder() method that helps achieve a fluid interface when a pre-built NodeBuilder needs to be added.
[DependencyInjection] Initial implementation of an allowUnnamedChildren method on NodeBuilder. Also added an "extra field" exception.
The main tree doesn't actually process the factories (that's done in an earlier step), so it doesn't actually need their real value. It does, however, need to *not* throw an exception when they're present. An alternative to this approach would be to call ignoreExtraKeys() on the root node of the main tree, but this would allow extra keys to be passed in at the root level, which I thought was a less-desirable solution.
Added config fixtures in each format to demonstrate the possible styles of all of the extension options. These should all be covered by the updated tests. Made XSD slightly more restrictive, with regards to the "type" attribute on globals. This is coupled with validation in the configuration class.
I double-checked with Stof - this is obviously unnecessary and there was no meaning behind including it. This caused the test to fail with the new validation.
Note that this commit removes the built-in support for MongoDB user providers.
This code can be moved back in once there is a stable release for MongoDB, but
for now you have to set-up that user provider just like you would set-up any
custom user provider:
security:
providers:
document_provider:
id: my.mongo.provider
How to upgrade?
For XML configuration files:
* All extensions should now use the config tag (this is just a convention as
the YAML configurations files do not use it anymore):
* The previous change means that the doctrine and security bundles now are
wrapped under a main "config" tag:
<doctrine:config>
<doctrine:orm />
<doctrine:dbal />
</doctrine:config>
<security:config>
<security:acl />
...
</security:config>
For YAML configuration files:
* The main keys have been renamed as follows:
* assetic:config -> assetic
* app:config -> framework
* webprofiler:config -> web_profiler
* doctrine_odm.mongodb -> doctrine_mongo_db
* doctrine:orm -> doctrine: { orm: ... }
* doctrine:dbal -> doctrine: { dbal: ... }
* security:config -> security
* security:acl -> security: { acl: ... }
* twig.config -> twig
* zend.config -> zend
This allows for better conventions and better error messages if you
use the wrong configuration alias in a config file.
This is also the first step for a bigger refactoring of how the configuration
works (see next commits).
* Bundle::registerExtensions() method has been renamed to Bundle::build()
* The "main" DIC extension must be renamed to the new convention to be
automatically registered:
SensioBlogBundle -> DependencyInjection\SensioBlogExtension
* The main DIC extension alias must follow the convention:
sensio_blog for SensioBlogBundle
* If you have more than one extension for a bundle (which should really
never be the case), they must be registered manually by overriding the
build() method
* If you use YAML or PHP for your configuration, renamed the following
configuration entry points in your configs:
app -> framework
webprofiler -> web_profiler
doctrine_odm -> doctrine_mongo_db
* Added the --format parameter to the InitBundleCommand.php file
* Moved all the non-format-dependent files from Resources/skeleton/bundle to Resources/skeleton/bundle/generic
* Created Resources/skeleton/bundle/[php,yml,xml] subfolders containing the files config/routing.[xml,yml,php]
The custom error page is now disabled by default as this would throw an
exception if the /access_denied url does not match a route.
This commit also remove the old parameter for this url which is not used
anymore in the code.
Moved the default value to the Configuration class
* Remove redundant null/true equivalent array() values for array nodes
* Profiler matcher should not be deep merged; subsequent configs can simply overwrite its array
* Per lsmith's suggestion, change "isset(x) && x" to "!empty(x)"
* Templating engines node should be required, which is necessary to ensure requiresAtLeastOneElement() applies to its prototype children
In routing files, import statements allow an optional "type" option to hint the resources' type (e.g. for ambiguous file extensions). This adds the same type option to the FrameworkExtension config, which defines the main routing resource.
This reverts commit f53080860a.
Revert "[Router] config fixes"
This reverts commit 51beecc6f2.
Revert "moved duplicated files to a new Config component"
This reverts commit a8ec9b27f0.
