Skip to content

Commit d40820b

Browse files
committed
Merge branch '3.4'
2 parents af9e253 + bc84304 commit d40820b

File tree

60 files changed

+250
-117
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

60 files changed

+250
-117
lines changed

UPGRADE-3.4.md

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -205,6 +205,24 @@ FrameworkBundle
205205
`TranslationDebugCommand`, `TranslationUpdateCommand`, `XliffLintCommand`
206206
and `YamlLintCommand` classes have been marked as final
207207

208+
HttpFoundation
209+
--------------
210+
211+
* The `Symfony\Component\HttpFoundation\Session\Storage\Handler\NativeSessionHandler`
212+
class has been deprecated and will be removed in 4.0. Use the `\SessionHandler` class instead.
213+
214+
* The `Symfony\Component\HttpFoundation\Session\Storage\Proxy\AbstractProxy` class has been
215+
deprecated and will be removed in 4.0. Use your `\SessionHandlerInterface` implementation directly.
216+
217+
* The `Symfony\Component\HttpFoundation\Session\Storage\Proxy\NativeProxy` class has been
218+
deprecated and will be removed in 4.0. Use your `\SessionHandlerInterface` implementation directly.
219+
220+
* The `Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy` class has been
221+
deprecated and will be removed in 4.0. Use your `\SessionHandlerInterface` implementation directly.
222+
223+
* `NativeSessionStorage::setSaveHandler()` now takes an instance of `\SessionHandlerInterface` as argument.
224+
Not passing it is deprecated and will throw a `TypeError` in 4.0.
225+
208226
HttpKernel
209227
----------
210228

@@ -269,6 +287,10 @@ SecurityBundle
269287
as first argument. Not passing it is deprecated and will throw a `TypeError`
270288
in 4.0.
271289

290+
* Added `logout_on_user_change` to the firewall options. This config item will
291+
trigger a logout when the user has changed. Should be set to true to avoid
292+
deprecations in the configuration.
293+
272294
Translation
273295
-----------
274296

UPGRADE-4.0.md

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -524,6 +524,13 @@ HttpFoundation
524524
* The ability to check only for cacheable HTTP methods using `Request::isMethodSafe()` is
525525
not supported anymore, use `Request::isMethodCacheable()` instead.
526526

527+
* The `Symfony\Component\HttpFoundation\Session\Storage\Handler\NativeSessionHandler`,
528+
`Symfony\Component\HttpFoundation\Session\Storage\Proxy\AbstractProxy`,
529+
`Symfony\Component\HttpFoundation\Session\Storage\Proxy\NativeProxy` and
530+
`Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy` classes have been removed.
531+
532+
* `NativeSessionStorage::setSaveHandler()` now requires an instance of `\SessionHandlerInterface` as argument.
533+
527534
HttpKernel
528535
----------
529536

@@ -642,6 +649,9 @@ Security
642649

643650
* Support for defining voters that don't implement the `VoterInterface` has been removed.
644651

652+
* Calling `ContextListener::setLogoutOnUserChange(false)` won't have any
653+
effect anymore.
654+
645655
SecurityBundle
646656
--------------
647657

@@ -660,6 +670,9 @@ SecurityBundle
660670
`Symfony\Component\Security\Acl\Model\MutableAclProviderInterfaceConnection`
661671
as first argument.
662672

673+
* The firewall option `logout_on_user_change` is now always true, which will
674+
trigger a logout if the user changes between requests.
675+
663676
Serializer
664677
----------
665678

src/Symfony/Bridge/Twig/Tests/AppVariableTest.php

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -47,8 +47,9 @@ public function testEnvironment()
4747

4848
public function testGetSession()
4949
{
50+
$session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock();
5051
$request = $this->getMockBuilder('Symfony\Component\HttpFoundation\Request')->getMock();
51-
$request->method('getSession')->willReturn($session = new Session());
52+
$request->method('getSession')->willReturn($session);
5253

5354
$this->setRequestStack($request);
5455

@@ -167,8 +168,9 @@ public function testGetFlashesWithNoRequest()
167168

168169
public function testGetFlashesWithNoSessionStarted()
169170
{
171+
$session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock();
170172
$request = $this->getMockBuilder('Symfony\Component\HttpFoundation\Request')->getMock();
171-
$request->method('getSession')->willReturn(new Session());
173+
$request->method('getSession')->willReturn($session);
172174

173175
$this->setRequestStack($request);
174176

@@ -257,7 +259,7 @@ private function setFlashMessages()
257259
$flashBag = new FlashBag();
258260
$flashBag->initialize($flashMessages);
259261

260-
$session = $this->getMockBuilder('Symfony\Component\HttpFoundation\Session\Session')->getMock();
262+
$session = $this->getMockBuilder('Symfony\Component\HttpFoundation\Session\Session')->disableOriginalConstructor()->getMock();
261263
$session->method('isStarted')->willReturn(true);
262264
$session->method('getFlashBag')->willReturn($flashBag);
263265

src/Symfony/Bundle/FrameworkBundle/Resources/config/session.xml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@
3838
</service>
3939

4040
<service id="session.flash_bag" class="Symfony\Component\HttpFoundation\Session\Flash\FlashBag" />
41+
<service id="Symfony\Component\HttpFoundation\Session\Flash\FlashBagInterface" alias="session.flash_bag" />
4142

4243
<service id="session.attribute_bag" class="Symfony\Component\HttpFoundation\Session\Attribute\AttributeBag" />
4344

src/Symfony/Bundle/FrameworkBundle/Tests/Controller/ControllerTraitTest.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -376,7 +376,7 @@ public function testRedirectToRoute()
376376
public function testAddFlash()
377377
{
378378
$flashBag = new FlashBag();
379-
$session = $this->getMockBuilder('Symfony\Component\HttpFoundation\Session\Session')->getMock();
379+
$session = $this->getMockBuilder('Symfony\Component\HttpFoundation\Session\Session')->disableOriginalConstructor()->getMock();
380380
$session->expects($this->once())->method('getFlashBag')->willReturn($flashBag);
381381

382382
$container = new Container();

src/Symfony/Bundle/SecurityBundle/CHANGELOG.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,9 @@ CHANGELOG
2222
* `SetAclCommand::__construct()` now takes an instance of
2323
`Symfony\Component\Security\Acl\Model\MutableAclProviderInterfaceConnection`
2424
as first argument
25+
* Added `logout_on_user_change` to the firewall options. This config item will
26+
trigger a logout when the user has changed. Should be set to true to avoid
27+
deprecations in the configuration.
2528

2629
3.3.0
2730
-----

src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -252,6 +252,10 @@ private function addFirewallsSection(ArrayNodeDefinition $rootNode, array $facto
252252
->scalarNode('provider')->end()
253253
->booleanNode('stateless')->defaultFalse()->end()
254254
->scalarNode('context')->cannotBeEmpty()->end()
255+
->booleanNode('logout_on_user_change')
256+
->defaultFalse()
257+
->info('When true, it will trigger a logout for the user if something has changed. This will be the default behavior as of Syfmony 4.0.')
258+
->end()
255259
->arrayNode('logout')
256260
->treatTrueLike(array())
257261
->canBeUnset()
@@ -340,6 +344,17 @@ private function addFirewallsSection(ArrayNodeDefinition $rootNode, array $facto
340344
return $firewall;
341345
})
342346
->end()
347+
->validate()
348+
->ifTrue(function ($v) {
349+
return (isset($v['stateless']) && true === $v['stateless']) || (isset($v['security']) && false === $v['security']);
350+
})
351+
->then(function ($v) {
352+
// this option doesn't change behavior when true when stateless, so prevent deprecations
353+
$v['logout_on_user_change'] = true;
354+
355+
return $v;
356+
})
357+
->end()
343358
;
344359
}
345360

src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -228,14 +228,14 @@ private function createFirewalls($config, ContainerBuilder $container)
228228
$providerIds = $this->createUserProviders($config, $container);
229229

230230
// make the ContextListener aware of the configured user providers
231-
$definition = $container->getDefinition('security.context_listener');
232-
$arguments = $definition->getArguments();
231+
$contextListenerDefinition = $container->getDefinition('security.context_listener');
232+
$arguments = $contextListenerDefinition->getArguments();
233233
$userProviders = array();
234234
foreach ($providerIds as $userProviderId) {
235235
$userProviders[] = new Reference($userProviderId);
236236
}
237237
$arguments[1] = new IteratorArgument($userProviders);
238-
$definition->setArguments($arguments);
238+
$contextListenerDefinition->setArguments($arguments);
239239

240240
$customUserChecker = false;
241241

@@ -247,6 +247,12 @@ private function createFirewalls($config, ContainerBuilder $container)
247247
$customUserChecker = true;
248248
}
249249

250+
if (!isset($firewall['logout_on_user_change']) || !$firewall['logout_on_user_change']) {
251+
@trigger_error('Setting logout_on_user_change to false is deprecated as of 3.4 and will always be true in 4.0. Set logout_on_user_change to true in your firewall configuration.', E_USER_DEPRECATED);
252+
}
253+
254+
$contextListenerDefinition->addMethodCall('setLogoutOnUserChange', array($firewall['logout_on_user_change']));
255+
250256
$configId = 'security.firewall.map.config.'.$name;
251257

252258
list($matcher, $listeners, $exceptionListener) = $this->createFirewall($container, $name, $firewall, $authenticationProviders, $providerIds, $configId);

src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1.php

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -73,18 +73,21 @@
7373
'logout' => true,
7474
'remember_me' => array('secret' => 'TheSecret'),
7575
'user_checker' => null,
76+
'logout_on_user_change' => true,
7677
),
7778
'host' => array(
7879
'pattern' => '/test',
7980
'host' => 'foo\\.example\\.org',
8081
'methods' => array('GET', 'POST'),
8182
'anonymous' => true,
8283
'http_basic' => true,
84+
'logout_on_user_change' => true,
8385
),
8486
'with_user_checker' => array(
8587
'user_checker' => 'app.user_checker',
8688
'anonymous' => true,
8789
'http_basic' => true,
90+
'logout_on_user_change' => true,
8891
),
8992
),
9093

src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/firewall_provider.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,10 +15,12 @@
1515
'main' => array(
1616
'provider' => 'default',
1717
'form_login' => true,
18+
'logout_on_user_change' => true,
1819
),
1920
'other' => array(
2021
'provider' => 'with-dash',
2122
'form_login' => true,
23+
'logout_on_user_change' => true,
2224
),
2325
),
2426
));

0 commit comments

Comments
 (0)