Merge branch '2.8' into 3.2

fabpot · fabpot · commit fb56bcce9834 · 2017-03-23T09:09:32.000-07:00
* 2.8: removed test that does not test anything fixed tests #21809 [SecurityBundle] bugfix: if security provider's name contains upper cases then container didn't compile [WebProfilerBundle] Fix for CSS attribute at Profiler Translation Page Set Date header in Response constructor already [Validator] fix URL validator to detect non supported chars according to RFC 3986 [Security] Fixed roles serialization on token from user object
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
@@ -554,7 +554,7 @@ private function createUserProviders($config, ContainerBuilder $container)
     // Parses a <provider> tag and returns the id for the related user provider service
     private function createUserDaoProvider($name, $provider, ContainerBuilder $container)
     {
-        $name = $this->getUserProviderId(strtolower($name));
+        $name = $this->getUserProviderId($name);
 
         // Doctrine Entity and In-memory DAO provider are managed by factories
         foreach ($this->userProviderFactories as $factory) {
@@ -578,7 +578,7 @@ private function createUserDaoProvider($name, $provider, ContainerBuilder $conta
         if (isset($provider['chain'])) {
             $providers = array();
             foreach ($provider['chain']['providers'] as $providerName) {
-                $providers[] = new Reference($this->getUserProviderId(strtolower($providerName)));
+                $providers[] = new Reference($this->getUserProviderId($providerName));
             }
 
             $container
@@ -593,7 +593,7 @@ private function createUserDaoProvider($name, $provider, ContainerBuilder $conta
 
     private function getUserProviderId($name)
     {
-        return 'security.user.provider.concrete.'.$name;
+        return 'security.user.provider.concrete.'.strtolower($name);
     }
 
     private function createExceptionListener($container, $config, $id, $defaultEntryPoint, $stateless)
diff --git a/src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/translation.html.twig b/src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/translation.html.twig
@@ -169,10 +169,10 @@
         {% for message in messages %}
             <tr>
                 <td class="font-normal text-small">{{ message.locale }}</td>
-                <td class="font-normal text-small text-bold">{{ message.domain }}</td>
+                <td class="font-normal text-small text-bold nowrap">{{ message.domain }}</td>
                 <td class="font-normal text-small">{{ message.count }}</td>
                 <td>
-                    {{ message.id }}
+                    <span class="nowrap">{{ message.id }}</span>
 
                     {% if message.transChoiceNumber is not null %}
                         <small class="newline">(pluralization is used)</small>
@@ -188,7 +188,7 @@
                         </div>
                     {% endif %}
                 </td>
-                <td>{{ message.translation }}</td>
+                <td class="prewrap">{{ message.translation }}</td>
             </tr>
         {% endfor %}
         </tbody>
diff --git a/src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/profiler.css.twig b/src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/profiler.css.twig
@@ -200,6 +200,9 @@ table tbody ul {
 .nowrap {
     white-space: pre;
 }
+.prewrap {
+    white-space: pre-wrap;
+}
 .newline {
     display: block;
 }
diff --git a/src/Symfony/Component/HttpFoundation/Response.php b/src/Symfony/Component/HttpFoundation/Response.php
@@ -242,6 +242,11 @@ public function __construct($content = '', $status = 200, $headers = array())
                 @trigger_error(sprintf('Extending %s::%s() in %s is deprecated since version 3.2 and won\'t be supported anymore in 4.0 as it will be final.', __CLASS__, $method, $class), E_USER_DEPRECATED);
             }
         }
+
+        /* RFC2616 - 14.18 says all Responses need to have a Date */
+        if (!$this->headers->has('Date')) {
+            $this->setDate(new \DateTime(null, new \DateTimeZone('UTC')));
+        }
     }
 
     /**
@@ -370,6 +375,7 @@ public function sendHeaders()
             return $this;
         }
 
+        /* RFC2616 - 14.18 says all Responses need to have a Date */
         if (!$this->headers->has('Date')) {
             $this->setDate(\DateTime::createFromFormat('U', time()));
         }
@@ -657,6 +663,11 @@ public function mustRevalidate()
      */
     public function getDate()
     {
+        /*
+            RFC2616 - 14.18 says all Responses need to have a Date.
+            Make sure we provide one even if it the header
+            has been removed in the meantime.
+         */
         if (!$this->headers->has('Date')) {
             $this->setDate(\DateTime::createFromFormat('U', time()));
         }
diff --git a/src/Symfony/Component/HttpFoundation/Tests/ResponseTest.php b/src/Symfony/Component/HttpFoundation/Tests/ResponseTest.php
@@ -276,8 +276,10 @@ public function testGetDate()
         $this->assertEquals($now->getTimestamp(), $date->getTimestamp(), '->getDate() returns the date when the header has been modified');
 
         $response = new Response('', 200);
+        $now = $this->createDateTimeNow();
         $response->headers->remove('Date');
-        $this->assertInstanceOf('\DateTime', $response->getDate());
+        $date = $response->getDate();
+        $this->assertEquals($now->getTimestamp(), $date->getTimestamp(), '->getDate() returns the current Date when the header has previously been removed');
     }
 
     public function testGetMaxAge()
diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
@@ -150,7 +150,7 @@ public function serialize()
             array(
                 is_object($this->user) ? clone $this->user : $this->user,
                 $this->authenticated,
-                $this->roles,
+                array_map(function ($role) { return clone $role; }, $this->roles),
                 $this->attributes,
             )
         );
diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php
@@ -221,7 +221,7 @@ public function testAuthenticateWithPreservingRoleSwitchUserRole()
         $this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $authToken);
         $this->assertSame($user, $authToken->getUser());
         $this->assertContains(new Role('ROLE_FOO'), $authToken->getRoles(), '', false, false);
-        $this->assertContains($switchUserRole, $authToken->getRoles());
+        $this->assertContains($switchUserRole, $authToken->getRoles(), '', false, false);
         $this->assertEquals('foo', $authToken->getCredentials());
         $this->assertEquals(array('foo' => 'bar'), $authToken->getAttributes(), '->authenticate() copies token attributes');
     }
diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
@@ -15,6 +15,7 @@
 use Symfony\Component\Security\Core\Authentication\Token\AbstractToken;
 use Symfony\Component\Security\Core\Role\Role;
 use Symfony\Component\Security\Core\Role\SwitchUserRole;
+use Symfony\Component\Security\Core\User\User;
 
 class TestUser
 {
@@ -89,7 +90,7 @@ public function testEraseCredentials()
 
     public function testSerialize()
     {
-        $token = $this->getToken(array('ROLE_FOO'));
+        $token = $this->getToken(array('ROLE_FOO', new Role('ROLE_BAR')));
         $token->setAttributes(array('foo' => 'bar'));
 
         $uToken = unserialize(serialize($token));
@@ -98,6 +99,19 @@ public function testSerialize()
         $this->assertEquals($token->getAttributes(), $uToken->getAttributes());
     }
 
+    public function testSerializeWithRoleObjects()
+    {
+        $user = new User('name', 'password', array(new Role('ROLE_FOO'), new Role('ROLE_BAR')));
+        $token = new ConcreteToken($user, $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertEquals($roles, $user->getRoles());
+    }
+
     public function testSerializeParent()
     {
         $user = new TestUser('fabien');
diff --git a/src/Symfony/Component/Validator/Constraints/UrlValidator.php b/src/Symfony/Component/Validator/Constraints/UrlValidator.php
@@ -33,7 +33,9 @@ class UrlValidator extends ConstraintValidator
                 \]  # an IPv6 address
             )
             (:[0-9]+)?                              # a port (optional)
-            (/?|/\S+|\?\S*|\#\S*)                   # a /, nothing, a / with something, a query or a fragment
+            (?:/ (?:[\pL\pN\-._\~!$&\'()*+,;=:@]|%%[0-9A-Fa-f]{2})* )*      # a path
+            (?:\? (?:[\pL\pN\-._\~!$&\'()*+,;=:@/?]|%%[0-9A-Fa-f]{2})* )?   # a query (optional)
+            (?:\# (?:[\pL\pN\-._\~!$&\'()*+,;=:@/?]|%%[0-9A-Fa-f]{2})* )?   # a fragment (optional)
         $~ixu';
 
     /**
diff --git a/src/Symfony/Component/Validator/Tests/Constraints/UrlValidatorTest.php b/src/Symfony/Component/Validator/Tests/Constraints/UrlValidatorTest.php
@@ -123,6 +123,7 @@ public function getValidUrls()
             array('http://symfony.com#'),
             array('http://symfony.com#fragment'),
             array('http://symfony.com/#fragment'),
+            array('http://symfony.com/#one_more%20test'),
         );
     }
 
@@ -163,6 +164,9 @@ public function getInvalidUrls()
             array('http://:password@@symfony.com'),
             array('http://username:passwordsymfony.com'),
             array('http://usern@me:password@symfony.com'),
+            array('http://example.com/exploit.html?<script>alert(1);</script>'),
+            array('http://example.com/exploit.html?hel lo'),
+            array('http://example.com/exploit.html?not_a%hex'),
         );
     }
 

Original file line number	Diff line number	Diff line change
`@@ -554,7 +554,7 @@ private function createUserProviders($config, ContainerBuilder $container)`
`554`	`554`	`// Parses a <provider> tag and returns the id for the related user provider service`
`555`	`555`	`private function createUserDaoProvider($name, $provider, ContainerBuilder $container)`
`556`	`556`	`{`
`557`		`- $name = $this->getUserProviderId(strtolower($name));`
	`557`	`+ $name = $this->getUserProviderId($name);`
`558`	`558`
`559`	`559`	`// Doctrine Entity and In-memory DAO provider are managed by factories`
`560`	`560`	`foreach ($this->userProviderFactories as $factory) {`
`@@ -578,7 +578,7 @@ private function createUserDaoProvider($name, $provider, ContainerBuilder $conta`
`578`	`578`	`if (isset($provider['chain'])) {`
`579`	`579`	`$providers = array();`
`580`	`580`	`foreach ($provider['chain']['providers'] as $providerName) {`
`581`		`- $providers[] = new Reference($this->getUserProviderId(strtolower($providerName)));`
	`581`	`+ $providers[] = new Reference($this->getUserProviderId($providerName));`
`582`	`582`	`}`
`583`	`583`
`584`	`584`	`$container`
`@@ -593,7 +593,7 @@ private function createUserDaoProvider($name, $provider, ContainerBuilder $conta`
`593`	`593`
`594`	`594`	`private function getUserProviderId($name)`
`595`	`595`	`{`
`596`		`- return 'security.user.provider.concrete.'.$name;`
	`596`	`+ return 'security.user.provider.concrete.'.strtolower($name);`
`597`	`597`	`}`
`598`	`598`
`599`	`599`	`private function createExceptionListener($container, $config, $id, $defaultEntryPoint, $stateless)`
Original file line number	Diff line number	Diff line change
`@@ -200,6 +200,9 @@ table tbody ul {`
`200`	`200`	`.nowrap {`
`201`	`201`	`white-space: pre;`
`202`	`202`	`}`
	`203`	`+.prewrap {`
	`204`	`+ white-space: pre-wrap;`
	`205`	`+}`
`203`	`206`	`.newline {`
`204`	`207`	`display: block;`
`205`	`208`	`}`
Original file line number	Diff line number	Diff line change
`@@ -242,6 +242,11 @@ public function __construct($content = '', $status = 200, $headers = array())`
`242`	`242`	`@trigger_error(sprintf('Extending %s::%s() in %s is deprecated since version 3.2 and won\'t be supported anymore in 4.0 as it will be final.', __CLASS__, $method, $class), E_USER_DEPRECATED);`
`243`	`243`	`}`
`244`	`244`	`}`
	`245`	`+`
	`246`	`+ /* RFC2616 - 14.18 says all Responses need to have a Date */`
	`247`	`+ if (!$this->headers->has('Date')) {`
	`248`	`+ $this->setDate(new \DateTime(null, new \DateTimeZone('UTC')));`
	`249`	`+ }`
`245`	`250`	`}`
`246`	`251`
`247`	`252`	`/**`
`@@ -370,6 +375,7 @@ public function sendHeaders()`
`370`	`375`	`return $this;`
`371`	`376`	`}`
`372`	`377`
	`378`	`+ /* RFC2616 - 14.18 says all Responses need to have a Date */`
`373`	`379`	`if (!$this->headers->has('Date')) {`
`374`	`380`	`$this->setDate(\DateTime::createFromFormat('U', time()));`
`375`	`381`	`}`
`@@ -657,6 +663,11 @@ public function mustRevalidate()`
`657`	`663`	`*/`
`658`	`664`	`public function getDate()`
`659`	`665`	`{`
	`666`	`+ /*`
	`667`	`+ RFC2616 - 14.18 says all Responses need to have a Date.`
	`668`	`+ Make sure we provide one even if it the header`
	`669`	`+ has been removed in the meantime.`
	`670`	`+ */`
`660`	`671`	`if (!$this->headers->has('Date')) {`
`661`	`672`	`$this->setDate(\DateTime::createFromFormat('U', time()));`
`662`	`673`	`}`
Original file line number	Diff line number	Diff line change
`@@ -150,7 +150,7 @@ public function serialize()`
`150`	`150`	`array(`
`151`	`151`	`is_object($this->user) ? clone $this->user : $this->user,`
`152`	`152`	`$this->authenticated,`
`153`		`- $this->roles,`
	`153`	`+ array_map(function ($role) { return clone $role; }, $this->roles),`
`154`	`154`	`$this->attributes,`
`155`	`155`	`)`
`156`	`156`	`);`
Original file line number	Diff line number	Diff line change
`@@ -221,7 +221,7 @@ public function testAuthenticateWithPreservingRoleSwitchUserRole()`
`221`	`221`	`$this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $authToken);`
`222`	`222`	`$this->assertSame($user, $authToken->getUser());`
`223`	`223`	`$this->assertContains(new Role('ROLE_FOO'), $authToken->getRoles(), '', false, false);`
`224`		`- $this->assertContains($switchUserRole, $authToken->getRoles());`
	`224`	`+ $this->assertContains($switchUserRole, $authToken->getRoles(), '', false, false);`
`225`	`225`	`$this->assertEquals('foo', $authToken->getCredentials());`
`226`	`226`	`$this->assertEquals(array('foo' => 'bar'), $authToken->getAttributes(), '->authenticate() copies token attributes');`
`227`	`227`	`}`