diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
forked from https://github.com/symfony/symfony
This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
8,871 Commits 24 Branches 563 Tags 228 MiB
PHP 98.7%
Twig 1.1%
CSS 0.1%
1aaf5c9423
Go to file
Fabien Potencier 1aaf5c9423 merged branch marcw/patch-security-refresh-user (PR #3402) 
Commits
-------

10947cb [DoctrineBridge][Security] Fixes bug that prevents repository's refreshUser from being called

Discussion
----------

[Security][DoctrineBridge] Fixes bug that prevents repository's refreshUser from being called

---------------------------------------------------------------------------

by marcw at 2012-02-21T08:46:09Z

Updated. What do you guys think about this patch ?

---------------------------------------------------------------------------

by henrikbjorn at 2012-02-21T08:57:47Z

Isnt this a bit dangerous, the custom repository implementing refreshUser should always be called first right? You wouldnt specify the $property property if your class has custom implementations would you?

---------------------------------------------------------------------------

by marcw at 2012-02-21T09:05:08Z

@henrikbjorn At this time, the refreshUser method is never called from the custom repository, even if you don't specify the "property" property. This patch fixes this.

---------------------------------------------------------------------------

by marcw at 2012-02-21T09:44:06Z

Updated & Squashed.

---------------------------------------------------------------------------

by stof at 2012-02-21T10:03:33Z

@marcw please move the retrieval of the id in the ``else`` block, like in my comment as it is useless to do this logic for the case where the userProviderInterface is implemented (and it will answer to @vicb by making it impossible to write it with elseif)

---------------------------------------------------------------------------

by marcw at 2012-02-21T10:19:06Z

I'm not sure about this, but Isn't the check of the id essential here to ensure that the entity is a persisted one ?

---------------------------------------------------------------------------

by stof at 2012-02-21T10:21:55Z

@marcw if the interface is used, it means that the user wants to do the work himself. So you should really let him do the way he wants. If he does not use the id to refresh the user, he could choose not to include it in the serialized data.
Retrieving the id is needed for the ``find()`` call because we pass the id as argument and so we fail when the serialized data don't contain it

---------------------------------------------------------------------------

by marcw at 2012-02-21T10:33:30Z

@stof Roger that. I'll do the fix.

---------------------------------------------------------------------------

by marcw at 2012-02-21T10:41:58Z

Updated & Squashed, again.

---------------------------------------------------------------------------

by stof at 2012-02-21T11:00:44Z

btw, to answer to your previous question, the exception when retrieving the id does not check if the object is persisted (you need to reach teh DB for this, which is what find() does) but that the id is part of the serialized data to give a better error reporting.

---------------------------------------------------------------------------

by fabpot at 2012-03-07T19:39:33Z

ready to be merged now?

---------------------------------------------------------------------------

by henrikbjorn at 2012-03-08T07:21:37Z

would say so.

---------------------------------------------------------------------------

by dlsniper at 2012-03-25T11:58:34Z

Hi, can this be merged now or not?
2012-03-26 09:36:13 +02:00
src/Symfony merged branch marcw/patch-security-refresh-user (PR #3402) 2012-03-26 09:36:13 +02:00
tests [HttpFoundation] fixed a test 2012-03-23 18:01:05 +01:00
.gitignore Added vendor directory to .gitignore 2010-06-24 10:44:28 +02:00
.travis.yml also test PHP 5.3.2, since this is the official lowest supported PHP version 2011-12-26 01:15:21 +01:00
autoload.php.dist fixed code coverage raport generation 2012-03-16 15:28:27 +01:00
CHANGELOG-2.0.md updated CHANGELOG for 2.0.12 2012-03-19 00:56:33 +01:00
CHANGELOG-2.1.md merged branch drak/session_flashmessages (PR #3267) 2012-03-23 17:58:09 +01:00
check_cs [Check CS] don't replace 'else if' on twig files (closes #2961) 2011-12-27 16:10:32 +01:00
composer.json fixed typos in composer file 2012-03-15 11:15:25 +01:00
CONTRIBUTORS.md update CONTRIBUTORS for 2.0.12 2012-03-19 00:57:27 +01:00
LICENSE Updated LICENSE files copyright 2012-02-22 10:10:37 +01:00
phpunit.xml.dist Ignore destructive memcached tests by default 2012-02-24 13:37:42 +01:00
README.md set travis-ci icon to master 2011-11-23 11:36:09 +01:00
UPGRADE-2.1.md typo fix in upgrading guide 2012-03-25 18:27:20 -03:00
vendors.php updated vendors for 2.0.12 2012-03-19 00:53:37 +01:00

README.md

README

Build Status

What is Symfony2?

Symfony2 is a PHP 5.3 full-stack web framework. It is written with speed and flexibility in mind. It allows developers to build better and easy to maintain websites with PHP.

Symfony can be used to develop all kind of websites, from your personal blog to high traffic ones like Dailymotion or Yahoo! Answers.

Requirements

Symfony2 is only supported on PHP 5.3.2 and up.

Installation

The best way to install Symfony2 is to download the Symfony Standard Edition available at http://symfony.com/download.

Documentation

The "Quick Tour" tutorial gives you a first feeling of the framework. If, like us, you think that Symfony2 can help speed up your development and take the quality of your work to the next level, read the official Symfony2 documentation.

Contributing

Symfony2 is an open source, community-driven project. If you'd like to contribute, please read the Contributing Code part of the documentation. If you're submitting a pull request, please follow the guidelines in the Submitting a Patch section.