8000 Merge branch '3.4' into 4.4 · symfony/symfony-docs@2ac7b57 · GitHub
[go: up one dir, main page]
Skip to content

Commit 2ac7b57

Browse files
HeahDudeHeahDude
committed
Merge branch '3.4' into 4.4
* 3.4: Replace deprecated ObjectManager [Security] renamed memory provider [Security] Various minor fixes in XML config
1 parent 2126435 commit 2ac7b57

File tree

15 files changed

+77
-73
lines changed

15 files changed

+77
-73
lines changed

doctrine.rst

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -522,8 +522,8 @@ be able to go to ``/product/1`` to see your new product::
522522
// in the template, print things with {{ product.name }}
523523
// return $this->render('product/show.html.twig', ['product' => $product]);
524524
}
525-
526-
Another possibility is to use the ``ProductRepository`` using Symfony's autowiring
525+
526+
Another possibility is to use the ``ProductRepository`` using Symfony's autowiring
527527
and injected by the dependency injection container::
528528

529529
// src/Controller/ProductController.php
@@ -537,7 +537,7 @@ and injected by the dependency injection container::
537537
{
538538
$product = $productRepository
539539
->find($id);
540-
540+
541541
// ...
542542
}
543543

@@ -691,7 +691,7 @@ But what if you need a more complex query? When you generated your entity with
691691

692692
use App\Entity\Product;
693693
use Doctrine\Bundle\DoctrineBundle\Repository\ServiceEntityRepository;
694-
use Doctrine\Common\Persistence\ManagerRegistry;
694+
use Doctrine\Persistence\ManagerRegistry;
695695

696696
class ProductRepository extends ServiceEntityRepository
697697
{

doctrine/events.rst

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -124,7 +124,7 @@ do so, define a listener for the ``postPersist`` Doctrine event::
124124
namespace App\EventListener;
125125

126126
use App\Entity\Product;
127-
use Doctrine\Common\Persistence\Event\LifecycleEventArgs;
127+
use Doctrine\Persistence\Event\LifecycleEventArgs;
128128

129129
class SearchIndexer
130130
{
@@ -233,7 +233,7 @@ define a listener for the ``postUpdate`` Doctrine event::
233233
namespace App\EventListener;
234234

235235
use App\Entity\User;
236-
use Doctrine\Common\Persistence\Event\LifecycleEventArgs;
236+
use Doctrine\Persistence\Event\LifecycleEventArgs;
237237

238238
class UserChangedNotifier
239239
{
@@ -348,8 +348,8 @@ want to log all the database activity. To do so, define a subscriber for the
348348

349349
use App\Entity\Product;
350350
use Doctrine\Common\EventSubscriber;
351-
use Doctrine\Common\Persistence\Event\LifecycleEventArgs;
352351
use Doctrine\ORM\Events;
352+
use Doctrine\Persistence\Event\LifecycleEventArgs;
353353

354354
class DatabaseActivitySubscriber implements EventSubscriber
355355
{

form/data_transformers.rst

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ How to Use Data Transformers
77
Data transformers are used to translate the data for a field into a format that can
88
be displayed in a form (and back on submit). They're already used internally for
99
many field types. For example, the :doc:`DateType </reference/forms/types/date>` field
10-
can be rendered as a ``yyyy-MM-dd``-formatted input textbox. Internally, a data transformer
10+
can be rendered as a ``yyyy-MM-dd``-formatted input text box. Internally, a data transformer
1111
converts the starting ``DateTime`` value of the field into the ``yyyy-MM-dd`` string
1212
to render the form, and then back into a ``DateTime`` object on submit.
1313

@@ -56,7 +56,7 @@ Suppose you have a Task form with a tags ``text`` type::
5656
}
5757

5858
Internally the ``tags`` are stored as an array, but displayed to the user as a
59-
comma separated string to make them easier to edit.
59+
simple comma separated string to make them easier to edit.
6060

6161
This is a *perfect* time to attach a custom data transformer to the ``tags``
6262
field. The easiest way to do this is with the :class:`Symfony\\Component\\Form\\CallbackTransformer`
@@ -119,9 +119,9 @@ Harder Example: Transforming an Issue Number into an Issue Entity
119119
-----------------------------------------------------------------
120120

121121
Say you have a many-to-one relation from the Task entity to an Issue entity (i.e. each
122-
Task has an optional foreign key to its related Issue). Adding a listbox with all
122+
Task has an optional foreign key to its related Issue). Adding a list box with all
123123
possible issues could eventually get *really* long and take a long time to load.
124-
Instead, you decide you want to add a textbox, where the user can enter the
124+
Instead, you decide you want to add a text box, where the user can enter the
125125
issue number.
126126

127127
Start by setting up the text field like normal::
@@ -380,7 +380,6 @@ First, create the custom field type class::
380380
namespace App\Form;
381381

382382
use App\Form\DataTransformer\IssueToNumberTransformer;
383-
use Doctrine\Common\Persistence\ObjectManager;
384383
use Symfony\Component\Form\AbstractType;
385384
use Symfony\Component\Form\Extension\Core\Type\TextType;
386385
use Symfony\Component\Form\FormBuilderInterface;

form/unit_testing.rst

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -135,7 +135,7 @@ make sure the ``FormRegistry`` uses the created instance::
135135
namespace App\Tests\Form\Type;
136136

137137
use App\Form\Type\TestedType;
138-
use Doctrine\Common\Persistence\ObjectManager;
138+
use Doctrine\Persistence\ObjectManager;
139139
use Symfony\Component\Form\PreloadedExtension;
140140
use Symfony\Component\Form\Test\TypeTestCase;
141141
// ...

reference/forms/types/entity.rst

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -208,7 +208,7 @@ or the short alias name (as shown prior).
208208
``em``
209209
~~~~~~
210210

211-
**type**: ``string`` | ``Doctrine\Common\Persistence\ObjectManager`` **default**: the default entity manager
211+
**type**: ``string`` | ``Doctrine\Persistence\ObjectManager`` **default**: the default entity manager
212212

213213
If specified, this entity manager will be used to load the choices
214214
instead of the ``default`` entity manager.

security.rst

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -153,11 +153,13 @@ command will pre-configure this for you:
153153
.. code-block:: php
154154
155155
// config/packages/security.php
156+
use App\Entity\User;
157+
156158
$container->loadFromExtension('security', [
157159
// ...
158160
159161
'encoders' => [
160-
'App\Entity\User' => [
162+
User::class => [
161163
'algorithm' => 'auto',
162164
'cost' => 12,
163165
]
@@ -257,7 +259,7 @@ important section is ``firewalls``:
257259
security="false"/>
258260
259261
<firewall name="main">
260-
<anonymous/>
262+
<anonymous lazy="true"/>
261263
</firewall>
262264
</config>
263265
</srv:container>
@@ -268,11 +270,11 @@ important section is ``firewalls``:
268270
$container->loadFromExtension('security', [
269271
'firewalls' => [
270272
'dev' => [
271-
'pattern' => '^/(_(profiler|wdt)|css|images|js)/',
272-
'security' => false,
273+
'pattern' => '^/(_(profiler|wdt)|css|images|js)/',
274+
'security' => false,
273275
),
274276
'main' => [
275-
'anonymous' => null,
277+
'anonymous' => 'lazy',
276278
],
277279
],
278280
]);

security/custom_authentication_provider.rst

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -168,7 +168,7 @@ the value returned for the expected WSSE information, creates a token using
168168
that information, and passes the token on to the authentication manager. If
169169
the proper information is not provided, or the authentication manager throws
170170
an :class:`Symfony\\Component\\Security\\Core\\Exception\\AuthenticationException`,
171-
a 403 Response is returned.
171+
a 401 Response is returned.
172172

173173
.. note::
174174

@@ -184,7 +184,7 @@ a 403 Response is returned.
184184

185185
Returning prematurely from the listener is relevant only if you want to chain
186186
authentication providers (for example to allow anonymous users). If you want
187-
to forbid access to anonymous users and have a nice 403 error, you should set
187+
to forbid access to anonymous users and have a 404 error, you should set
188188
the status code of the response before returning.
189189

190190
The Authentication Provider

security/force_https.rst

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -41,14 +41,16 @@ access control:
4141
<config>
4242
<!-- ... -->
4343
44-
<rule path="^/secure" role="ROLE_ADMIN" requires_channel="https"/>
44+
<rule path="^/secure"
45+
role="ROLE_ADMIN"
46+
requires-channel="https"/>
4547
<rule path="^/login"
4648
role="IS_AUTHENTICATED_ANONYMOUSLY"
47-
requires_channel="https"
49+
requires-channel="https"
4850
/>
4951
<rule path="^/"
5052
role="IS_AUTHENTICATED_ANONYMOUSLY"
51-
requires_channel="https"
53+
requires-channel="https"
5254
/>
5355
</config>
5456
</srv:container>

security/guard_authentication.rst

Lines changed: 14 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -100,22 +100,20 @@ This requires you to implement several methods::
100100
*/
101101
public function getCredentials(Request $request)
102102
{
103-
return [
104-
'token' => $request->headers->get('X-AUTH-TOKEN'),
105-
];
103+
return $request->headers->get('X-AUTH-TOKEN');
106104
}
107105

108106
public function getUser($credentials, UserProviderInterface $userProvider)
109107
{
110-
$apiToken = $credentials['token'];
111-
112-
if (null === $apiToken) {
108+
if (null === $credentials) {
109+
// The token header was empty, authentication fails with 401
113110
return;
114111
}
115112

116-
// if a User object, checkCredentials() is called
113+
// if a User is returned, checkCredentials() is called
117114
return $this->em->getRepository(User::class)
118-
->findOneBy(['apiToken' => $apiToken]);
115+
->findOneBy(['apiToken' => $credentials])
116+
;
119117
}
120118

121119
public function checkCredentials($credentials, UserInterface $user)
@@ -136,13 +134,14 @@ This requires you to implement several methods::
136134
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
137135
{
138136
$data = [
137+
// you may ant to customize or obfuscate the message first
139138
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
140139

141140
// or to translate this message
142141
// $this->translator->trans($exception->getMessageKey(), $exception->getMessageData())
143142
];
144143

145-
return new JsonResponse($data, Response::HTTP_FORBIDDEN);
144+
return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
146145
}
147146

148147
/**
@@ -211,10 +210,10 @@ Finally, configure your ``firewalls`` key in ``security.yaml`` to use this authe
211210
<config>
212211
<!-- ... -->
213212
214-
<firewall name="main"
215-
pattern="^/"
216-
anonymous="true"
217-
>
213+
<!-- if you want, disable storing the user in the session
214+
add 'stateless="true"' to the firewall -->
215+
<firewall name="main" pattern="^/">
216+
<anonymous/>
218217
<logout/>
219218
220219
<guard>
@@ -244,6 +243,8 @@ Finally, configure your ``firewalls`` key in ``security.yaml`` to use this authe
244243
TokenAuthenticator::class,
245244
],
246245
],
246+
// if you want, disable storing the user in the session
247+
// 'stateless' => true,
247248
// ...
248249
],
249250
],

security/json_login_setup.rst

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -183,8 +183,8 @@ The security configuration should be:
183183
<firewall name="main">
184184
<anonymous/>
185185
<json-login check-path="login"
186-
username-path="security.credentials.login"
187-
password-path="security.credentials.password"/>
186+
username-path="security.credentials.login"
187+
password-path="security.credentials.password"/>
188188
</firewall>
189189
</config>
190190
</srv:container>

security/ldap.rst

Lines changed: 22 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -169,14 +169,12 @@ use the ``ldap`` user provider.
169169
170170
<config>
171171
<provider name="my_ldap">
172-
<ldap
173-
service="Symfony\Component\Ldap\Ldap"
174-
base-dn="dc=example,dc=com"
175-
search-dn="cn=read-only-admin,dc=example,dc=com"
176-
search-password="password"
177-
default-roles="ROLE_USER"
178-
uid-key="uid"
179-
/>
172+
<ldap service="Symfony\Component\Ldap\Ldap"
173+
base-dn="dc=example,dc=com"
174+
search-dn="cn=read-only-admin,dc=example,dc=com"
175+
search-password="password"
176+
default-roles="ROLE_USER"
177+
uid-key="uid"/>
180178
</provider>
181179
</config>
182180
</srv:container>
@@ -395,9 +393,8 @@ Configuration example for form login
395393
396394
<config>
397395
<firewall name="main">
398-
<form-login-ldap
399-
service="Symfony\Component\Ldap\Ldap"
400-
dn-string="uid={username},dc=example,dc=com"/>
396+
<form-login-ldap service="Symfony\Component\Ldap\Ldap"
397+
dn-string="uid={username},dc=example,dc=com"/>
401398
</firewall>
402399
</config>
403400
</srv:container>
@@ -432,9 +429,8 @@ Configuration example for HTTP Basic
432429
433430
firewalls:
434431
main:
435-
# ...
432+
stateless: true
436433
http_basic_ldap:
437-
# ...
438434
service: Symfony\Component\Ldap\Ldap
439435
dn_string: 'uid={username},dc=example,dc=com'
440436
@@ -449,8 +445,11 @@ Configuration example for HTTP Basic
449445
https://symfony.com/schema/dic/services/services-1.0.xsd">
450446
451447
<config>
448+
<!-- ... -->
449+
452450
<firewall name="main" stateless="true">
453-
<http-basic-ldap service="Symfony\Component\Ldap\Ldap" dn-string="uid={username},dc=example,dc=com"/>
451+
<http-basic-ldap service="Symfony\Component\Ldap\Ldap"
452+
dn-string="uid={username},dc=example,dc=com"/>
454453
</firewall>
455454
</config>
456455
</srv:container>
@@ -461,12 +460,13 @@ Configuration example for HTTP Basic
461460
use Symfony\Component\Ldap\Ldap;
462461
463462
$container->loadFromExtension('security', [
463+
// ...
464+
464465
'firewalls' => [
465466
'main' => [
466467
'http_basic_ldap' => [
467468
'service' => Ldap::class,
468469
'dn_string' => 'uid={username},dc=example,dc=com',
469-
// ...
470470
],
471471
'stateless' => true,
472472
],
@@ -488,7 +488,6 @@ Configuration example for form login and query_string
488488
main:
489489
# ...
490490
form_login_ldap:
491-
# ...
492491
service: Symfony\Component\Ldap\Ldap
493492
dn_string: 'dc=example,dc=com'
494493
query_string: '(&(uid={username})(memberOf=cn=users,ou=Services,dc=example,dc=com))'
@@ -507,12 +506,12 @@ Configuration example for form login and query_string
507506
508507
<config>
509508
<firewall name="main">
510-
<form-login-ldap
511-
service="Symfony\Component\Ldap\Ldap"
512-
dn-string="dc=example,dc=com"
513-
query-string="(&amp;(uid={username})(memberOf=cn=users,ou=Services,dc=example,dc=com))"
514-
search-dn="..."
515-
search-password="the-raw-password"/>
509+
<!-- ... -->
510+
<form-login-ldap service="Symfony\Component\Ldap\Ldap"
511+
dn-string="dc=example,dc=com"
512+
query-string="(&amp;(uid={username})(memberOf=cn=users,ou=Services,dc=example,dc=com))"
513+
search-dn="..."
514+
search-password="the-raw-password"/>
516515
</firewall>
517516
</config>
518517
</srv:container>
@@ -525,13 +524,13 @@ Configuration example for form login and query_string
525524
$container->loadFromExtension('security', [
526525
'firewalls' => [
527526
'main' => [
527+
// ...
528528
'form_login_ldap' => [
529529
'service' => Ldap::class,
530530
'dn_string' => 'dc=example,dc=com',
531531
'query_string' => '(&(uid={username})(memberOf=cn=users,ou=Services,dc=example,dc=com))',
532532
'search_dn' => '...',
533533
'search_password' => 'the-raw-password',
534-
// ...
535534
],
536535
],
537536
]

0 commit comments

Comments
 (0)
0