diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7,526 Commits 24 Branches 563 Tags 228 MiB
9a090bc37d
Commit Graph

100 Commits

Author SHA1 Message Date
Fabien Potencier
2b5d4b90d8 merged 2.0 2011-11-24 07:16:52 +01:00
Fabien Potencier
5878490b16 removed unused use statements 2011-11-24 07:16:14 +01:00
Fabien Potencier
bd708247f0 merged 2.0 2011-11-17 07:00:22 +01:00
Christophe Coevoet
58c227681e Skipped tests when PDO is not available 2011-11-14 18:39:47 +01:00
Fabien Potencier
1340ea67a6 Merge branch '2.0' 
* 2.0:
  [HttpKernel] fixed Content-Length header when using ESI tags (closes #2623)
  [HttpFoundation] added an exception to MimeTypeGuesser::guess() when no guesser are available (closes #2636)
  [Security] fixed HttpUtils::checkRequestPath() to not catch all exceptions (closes #2637)
  [DoctrineBundle] added missing default parameters, needed to setup and use DBAL without ORM
  [Transation] Fix grammar.
  [TwigBundle] Fix trace to not show 'in at line' when file/line are empty.
 2011-11-14 14:32:22 +01:00
Fabien Potencier
0462a89562 [Security] fixed HttpUtils::checkRequestPath() to not catch all exceptions (closes #2637) 2011-11-14 13:10:32 +01:00
Fabien Potencier
8d9ea7c1ce merged branch dpb587/patch-sectok (PR #2414) 
Commits
-------

ab9caa0 [Security] Check for request's session before attempting writes.
dabff0e [Security] Support removing tokens from a session.

Discussion
----------

[Security] Support removing tokens from a session.

Currently there is no way to remove a session's security token without invalidating the entire session and all its data (the ContextListener will only update the session if a token is non-null and non-anonymous). This patch fixes that.

I consider this a bug and I found no tests to prove otherwise. Let me know if I'm mistaken. Originally mentioned at https://groups.google.com/d/topic/symfony-devs/ojLvh0WUbfo/discussion

Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -

---------------------------------------------------------------------------

by ms937 at 2011/10/24 05:19:21 -0700

This change looks good to me. In fact I'm using similar patch in my app and it works as intended. Also, several other people requested this on the mailing list. Could someone from Symfony team merge this? Thanks.
 2011-11-07 23:19:37 +01:00
Fabien Potencier
a7296e7c84 [Security] made exceptions thrown by the user checker and the checkAuthentication() method use the hideUserNotFoundExceptions flag 2011-11-07 22:43:16 +01:00
Fabien Potencier
8a62e3249f merged 2.0 2011-11-01 12:32:44 +01:00
Henrik Westphal
dec1858223 Fixed typo 2011-10-31 09:00:49 +01:00
Fabien Potencier
dec43f5539 merged 2.0 2011-10-29 12:01:39 +02:00
Fabien Potencier
851eb73778 removed unused use statements 2011-10-29 11:56:30 +02:00
Danny Berger
ab9caa0a61 [Security] Check for request's session before attempting writes. 2011-10-25 14:19:34 -04:00
Danny Berger
dabff0e4d5 [Security] Support removing tokens from a session. 2011-10-14 20:27:53 -04:00
Fabien Potencier
885bb33791 merged 2.0 2011-09-28 16:08:31 +02:00
Fabien Potencier
b4028350d2 [HttpFoundation] standardized cookie paths (an empty path is equivalent to /) 2011-09-28 10:49:50 +02:00
H. Westphal
3e2f1a4b13 Removed executable bits from all php files 2011-09-09 15:16:17 +02:00
H. Westphal
a0a97c6a22 Removed executable bits from all php files 2011-09-07 22:51:20 +02:00
stloyd
838237dc32 [Tests] Use proper phpunit assertion functions: "assertTrue", "assertFalse", "assertNull" 2011-08-25 15:41:15 +02:00
Fabien Potencier
277d75b7ce [Security] added a unit test for previous merge 2011-08-23 08:52:50 +02:00
Johannes Schmitt
f300edebe4 fixes several bugs 2011-07-19 16:21:58 +02:00
Johannes Schmitt
b7c4806a5a [Security] fixes #1329 2011-07-13 18:10:58 +02:00
Francis Besset
f91f4dda13 Added the possibility to set cookies with the same name for different domains and paths for Symfony\Component\HttpFoundation\ResponseHeaderBag 
ResponseHeaderBag::hasCookie() and ResponseHeaderBag::getCookie() were removed
 2011-07-11 23:03:26 +02:00
Fabien Potencier
2f51bc3ef3 [Security] fixed tests 2011-07-11 08:28:02 +02:00
Fabien Potencier
4f8a98033a [Security] removed a hack 2011-07-05 11:00:08 +02:00
Fabien Potencier
cc03b73253 merged branch Herzult/testSecurity (PR #1447) 
Commits
-------

164aea4 [Security] Add tests for the channel listener
d51cbc0 [Security] Remove useless attribute in basic authentication listener & test it
91e6dc9 [Security] Add tests for the anonymous authentication listener
3c2affb [Security] Update access listener constructor's prototype and add tests
81afd77 [Security] Add tests for the firewall map
aa6ae33 [Security] Remove useless attribute & var in firewall

Discussion
----------

Test security

---------------------------------------------------------------------------

by lsmith77 at 2011/06/29 13:41:07 -0700

@schmittjoh is probably the person to review this change ..
 2011-07-04 12:47:32 +02:00
Antoine Hérault
164aea448a [Security] Add tests for the channel listener 2011-06-26 11:56:08 +02:00
Antoine Hérault
d51cbc09b4 [Security] Remove useless attribute in basic authentication listener & test it 2011-06-26 11:29:43 +02:00
Antoine Hérault
91e6dc9fef [Security] Add tests for the anonymous authentication listener 2011-06-26 11:28:17 +02:00
Antoine Hérault
3c2affb7e7 [Security] Update access listener constructor's prototype and add tests 2011-06-26 10:28:10 +02:00
Antoine Hérault
81afd77ed9 [Security] Add tests for the firewall map 2011-06-26 00:26:42 +02:00
Antoine Hérault
aa6ae33765 [Security] Remove useless attribute & var in firewall 2011-06-25 19:04:35 +02:00
Antoine Hérault
e43cd206b0 [Security] Fix http retry authentication entry point 2011-06-25 18:19:13 +02:00
Antoine Hérault
cb3ad8bb79 [Security] Fix http form authentication entry point 2011-06-25 18:01:08 +02:00
Antoine Hérault
1dfb637858 [Security] Fix http digest authentication entry point 2011-06-25 17:43:23 +02:00
Antoine Hérault
920a209bbc [Security] Fix http basic authentication entry point 2011-06-25 17:15:23 +02:00
Fabien Potencier
1436d8dab7 [Security] added an HttpUtils class to manage logic related to Requests and Responses 
This change removes the need for the {_locale} hack.
Now, all paths in the Security component can be:

* An absolute path (/login)
* An absolute URL (http://symfony.com/login)
* A route name (login)

So, if you want to use a path that includes a global parameter (like _locale),
use a route instead of a path.
 2011-06-22 14:47:19 +02:00
Fabien Potencier
fa9b920051 [Security] renamed UserProviderInterface::loadUser() to refreshUser() 2011-06-16 18:00:36 +02:00
Pascal Borreli
f5eaa404c7 [Tests] Fixed typos 2011-06-12 20:52:53 +00:00
Fabien Potencier
17cd08dc6c fixed CS 2011-06-08 19:56:59 +02:00
Fabien Potencier
65200aa86a added missing license headers 2011-05-31 10:57:06 +02:00
Johannes M. Schmitt
bac3ee86f9 [Security] fixes a regression in the AclVoter 2011-05-30 10:04:46 +02:00
Johannes Schmitt
53f5c23c8f [Security/Acl] small voter refactoring 2011-05-18 12:48:50 +02:00
Johannes Schmitt
fa0ef500ae [Tests] updated invalid use statement 2011-05-16 11:57:12 +02:00
Johannes Schmitt
48dc85dc43 [Security/Acl] fixes #853 2011-05-14 14:19:55 +02:00
Brikou CARRE
e898445b94 removed empty lines/trailing spaces 2011-04-15 21:12:02 +02:00
Fabien Potencier
66c4bc727c [HttpFoundation] renamed Cookie::getExpire() to getExpiresTime() to be consistent with the DomCrawler component 2011-04-13 20:10:39 +02:00
Gustavo Adrian
2e96f2c63d Fixed exception that was thrown while updating a field ACE 2011-04-05 13:05:20 -03:00
Gustavo Adrian
bedbe51081 [Security] ACL: AclVoter::vote only gets an ObjectIdentity if $object is not an instance of ObjectIdentityInterface 2011-03-24 21:54:21 -03:00
hhamon
230b3fff53 added unit tests for User::equals() method 2011-03-21 09:26:09 +01:00