Merge branch '4.1'

javiereguiluz · javiereguiluz · commit 12e79696e6b5 · 2018-06-01T17:09:48.000+02:00
* 4.1:
  Add all serialized class properties
  Use version name in installer command
  Fix the page title for the mbstring polyfill
  Update tags declaration in yaml format
  Use the new Security helper in some code examples
  [Routing] add documentation for prefixing i18n routes with a locale
diff --git a/components/polyfill_mbstring.rst b/components/polyfill_mbstring.rst
@@ -3,8 +3,8 @@
     single: Mbstring
     single: Components; Polyfill
 
-The Symfony Polyfill / Intl Mbstring Component
-==============================================
+The Symfony Polyfill / Mbstring Component
+=========================================
 
     This component provides a partial, native PHP implementation for the
     ``mbstring`` PHP extension.
diff --git a/components/serializer.rst b/components/serializer.rst
@@ -132,7 +132,7 @@ use the Serializer service created before::
 
     $jsonContent = $serializer->serialize($person, 'json');
 
-    // $jsonContent contains {"name":"foo","age":99,"sportsperson":false}
+    // $jsonContent contains {"name":"foo","age":99,"sportsperson":false,"createdAt":null}
 
     echo $jsonContent; // or return it in a Response
 
diff --git a/controller/argument_value_resolver.rst b/controller/argument_value_resolver.rst
@@ -91,16 +91,15 @@ retrieved from the token storage::
     use Symfony\Component\HttpFoundation\Request;
     use Symfony\Component\HttpKernel\Controller\ArgumentValueResolverInterface;
     use Symfony\Component\HttpKernel\ControllerMetadata\ArgumentMetadata;
-    use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
-    use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+    use Symfony\Component\Security\Core\Security;
 
     class UserValueResolver implements ArgumentValueResolverInterface
     {
-        private $tokenStorage;
+        private $security;
 
-        public function __construct(TokenStorageInterface $tokenStorage)
+        public function __construct(Security $security)
         {
-            $this->tokenStorage = $tokenStorage;
+            $this->security = $security;
         }
 
         public function supports(Request $request, ArgumentMetadata $argument)
@@ -109,27 +108,20 @@ retrieved from the token storage::
                 return false;
             }
 
-            $token = $this->tokenStorage->getToken();
-
-            if (!$token instanceof TokenInterface) {
-                return false;
-            }
-
-            return $token->getUser() instanceof User;
+            return $this->security->getUser() instanceof User;
         }
 
         public function resolve(Request $request, ArgumentMetadata $argument)
         {
-            yield $this->tokenStorage->getToken()->getUser();
+            yield $this->security->getUser();
         }
     }
 
 In order to get the actual ``User`` object in your argument, the given value
 must fulfill the following requirements:
 
 * An argument must be type-hinted as ``User`` in your action method signature;
-* A security token must be present;
-* The value must be an instance of the ``User``.
+* The value must be an instance of the ``User`` class.
 
 When all those requirements are met and ``true`` is returned, the
 ``ArgumentResolver`` calls ``resolve()`` with the same values as it called
diff --git a/form/dynamic_form_modification.rst b/form/dynamic_form_modification.rst
@@ -234,6 +234,7 @@ contains only this user's friends. This can be done injecting the ``Security``
 service into the form type so you can get the current user object::
 
     use Symfony\Component\Security\Core\Security;
+    // ...
 
     private $security;
 
@@ -254,7 +255,8 @@ service into the form type so you can get the current user object::
 Customizing the Form Type
 ~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Now that you have all the basics in place you can complete the listener logic::
+Now that you have all the basics in place you can use the features of the
+security helper to fill in the listener logic::
 
     // src/Form/Type/FriendMessageFormType.php
 
diff --git a/routing.rst b/routing.rst
@@ -210,6 +210,23 @@ should be used during the request. Defining routes this way also eliminated the
 need for duplicate registration of routes which minimizes the risk for any bugs
 caused by definition inconsistency.
 
+A common requirement for internationalized applications is to prefix all routes
+with a locale. This can be done by defining a different prefix for each locale
+(and setting an empty prefix for your default locale if you prefer it):
+
+.. configuration-block::
+
+    .. code-block:: yaml
+
+        # config/routes/annotations.yaml
+        controllers:
+            resource: '../src/Controller/'
+            type: annotation
+            prefix:
+                en: '' # don't prefix URLs for English, the default locale
+                fr: '/fr'
+                es: '/es'
+
 .. _routing-requirements:
 
 Adding {wildcard} Requirements
diff --git a/security.rst b/security.rst
@@ -1069,16 +1069,18 @@ the User object, and use the ``isGranted()`` method (or
 
     An alternative way to get the current user in a controller is to type-hint
     the controller argument with
-    :class:`Symfony\\Component\\Security\\Core\\User\\UserInterface`
-    (and default it to ``null`` if being logged-in is optional)::
+    :class:`Symfony\\Component\\Security\\Core\\Security`::
 
-        use Symfony\Component\Security\Core\User\UserInterface;
+        use Symfony\Component\Security\Core\Security;
 
-        public function index(UserInterface $user = null)
+        public function indexAction(Security $security)
         {
-            // $user is null when not logged-in or anon.
+            $user = $security->getUser();
         }
 
+    .. versionadded:: 3.4
+        The ``Security`` utility class was introduced in Symfony 3.4.
+
     This is only recommended for experienced developers who don't extend from the
     :ref:`Symfony base controller <the-base-controller-class-services>` and
     don't use the :class:`Symfony\\Bundle\\FrameworkBundle\\Controller\\ControllerTrait`
diff --git a/security/impersonating_user.rst b/security/impersonating_user.rst
@@ -108,25 +108,28 @@ over the user's roles until you find one that a ``SwitchUserRole`` object::
     use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
     use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
     use Symfony\Component\Security\Core\Role\SwitchUserRole;
+    use Symfony\Component\Security\Core\Security;
+    // ...
 
-    private $authorizationChecker;
-    private $tokenStorage;
-
-    public function __construct(AuthorizationCheckerInterface $authorizationChecker, TokenStorageInterface $tokenStorage)
+    public class SomeService
     {
-        $this->authorizationChecker = $authorizationChecker;
-        $this->tokenStorage = $tokenStorage;
-    }
+        private $security;
 
-    public function someMethod()
-    {
-        // ...
+        public function __construct(Security $security)
+        {
+            $this->security = $security;
+        }
+
+        public function someMethod()
+        {
+            // ...
 
-        if ($authorizationChecker->isGranted('ROLE_PREVIOUS_ADMIN')) {
-            foreach ($tokenStorage->getToken()->getRoles() as $role) {
-                if ($role instanceof SwitchUserRole) {
-                    $impersonatorUser = $role->getSource()->getUser();
-                    break;
+            if ($this->security->isGranted('ROLE_PREVIOUS_ADMIN')) {
+                foreach ($this->security->getToken()->getRoles() as $role) {
+                    if ($role instanceof SwitchUserRole) {
+                        $impersonatorUser = $role->getSource()->getUser();
+                        break;
+                    }
                 }
             }
         }
diff --git a/security/securing_services.rst b/security/securing_services.rst
@@ -44,28 +44,27 @@ Before you add security, the class looks something like this::
     }
 
 Your goal is to check the user's role when the ``sendNewsletter()`` method is
-called. The first step towards this is to inject the
-``Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface``
-service into the object::
+called. The first step towards this is to inject the ``security.helper`` service
+using the :class:`Symfony\\Component\\Security\\Core\\Security` class::
 
     // src/Newsletter/NewsletterManager.php
 
     // ...
-    use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
     use Symfony\Component\Security\Core\Exception\AccessDeniedException;
+    use Symfony\Component\Security\Core\Security;
 
     class NewsletterManager
     {
-        protected $authChecker;
+        protected $security;
 
-        public function __construct(AuthorizationCheckerInterface $authChecker)
+        public function __construct(Security $security)
         {
-            $this->authChecker = $authChecker;
+            $this->security = $security;
         }
 
         public function sendNewsletter()
         {
-            if (!$this->authChecker->isGranted('ROLE_NEWSLETTER_ADMIN')) {
+            if (!$this->security->isGranted('ROLE_NEWSLETTER_ADMIN')) {
                 throw new AccessDeniedException();
             }
 
@@ -76,8 +75,8 @@ service into the object::
     }
 
 If you're using the :ref:`default services.yaml configuration <service-container-services-load-example>`,
-Symfony will automatically pass the authorization checker to your service
-thanks to autowiring and the ``AuthorizationCheckerInterface`` type-hint.
+Symfony will automatically pass the ``security.helper`` to your service
+thanks to autowiring and the ``Security`` type-hint.
 
 If the current user does not have the ``ROLE_NEWSLETTER_ADMIN``, they will
 be prompted to log in.
diff --git a/service_container/tags.rst b/service_container/tags.rst
@@ -17,7 +17,7 @@ example:
         services:
             App\Twig\AppExtension:
                 public: false
-                tags: [twig.extension]
+                tags: ['twig.extension']
 
     .. code-block:: xml
 
@@ -162,10 +162,10 @@ For example, you may add the following transports as services:
         services:
             Swift_SmtpTransport:
                 arguments: ['%mailer_host%']
-                tags: [app.mail_transport]
+                tags: ['app.mail_transport']
 
             Swift_SendmailTransport:
-                tags: [app.mail_transport]
+                tags: ['app.mail_transport']
 
     .. code-block:: xml
 
@@ -317,11 +317,11 @@ To answer this, change the service declaration:
             Swift_SmtpTransport:
                 arguments: ['%mailer_host%']
                 tags:
-                    - { name: app.mail_transport, alias: smtp }
+                    - { name: 'app.mail_transport', alias: 'smtp' }
 
             Swift_SendmailTransport:
                 tags:
-                    - { name: app.mail_transport, alias: sendmail }
+                    - { name: 'app.mail_transport', alias: 'sendmail' }
 
     .. code-block:: xml
 
@@ -368,13 +368,13 @@ To answer this, change the service declaration:
             # Compact syntax
             Swift_SendmailTransport:
                 class: \Swift_SendmailTransport
-                tags: [app.mail_transport]
+                tags: ['app.mail_transport']
 
             # Verbose syntax
             Swift_SendmailTransport:
                 class: \Swift_SendmailTransport
                 tags:
-                    - { name: app.mail_transport }
+                    - { name: 'app.mail_transport' }
 
 Notice that you've added a generic ``alias`` key to the tag. To actually
 use this, update the compiler::
@@ -424,10 +424,10 @@ first  constructor argument to the ``App\HandlerCollection`` service:
         # config/services.yaml
         services:
             App\Handler\One:
-                tags: [app.handler]
+                tags: ['app.handler']
 
             App\Handler\Two:
-                tags: [app.handler]
+                tags: ['app.handler']
 
             App\HandlerCollection:
                 # inject all services tagged with app.handler as first argument
@@ -500,7 +500,7 @@ application handlers.
             services:
                 App\Handler\One:
                     tags:
-                        - { name: app.handler, priority: 20 }
+                        - { name: 'app.handler', priority: 20 }
 
         .. code-block:: xml
 
diff --git a/session/proxy_examples.rst b/session/proxy_examples.rst
@@ -110,15 +110,15 @@ can intercept the session before it is written::
 
     use App\Entity\User;
     use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;
-    use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+    use Symfony\Component\Security\Core\Security;
 
     class ReadOnlySessionProxy extends SessionHandlerProxy
     {
-        private $tokenStorage;
+        private $security;
 
-        public function __construct(\SessionHandlerInterface $handler, TokenStorageInterface $tokenStorage)
+        public function __construct(\SessionHandlerInterface $handler, Security $security)
         {
-            $this->tokenStorage = $tokenStorage;
+            $this->security = $security;
 
             parent::__construct($handler);
         }
@@ -134,11 +134,7 @@ can intercept the session before it is written::
 
         private function getUser()
         {
-            if (!$token = $this->tokenStorage->getToken()) {
-                return;
-            }
-
-            $user = $token->getUser();
+            $user = $this->security->getUser();
             if (is_object($user)) {
                 return $user;
             }

Original file line number	Diff line number	Diff line change
`@@ -91,16 +91,15 @@ retrieved from the token storage::`
`91`	`91`	`use Symfony\Component\HttpFoundation\Request;`
`92`	`92`	`use Symfony\Component\HttpKernel\Controller\ArgumentValueResolverInterface;`
`93`	`93`	`use Symfony\Component\HttpKernel\ControllerMetadata\ArgumentMetadata;`
`94`		`- use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;`
`95`		`- use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;`
	`94`	`+ use Symfony\Component\Security\Core\Security;`
`96`	`95`
`97`	`96`	`class UserValueResolver implements ArgumentValueResolverInterface`
`98`	`97`	`{`
`99`		`- private $tokenStorage;`
	`98`	`+ private $security;`
`100`	`99`
`101`		`- public function __construct(TokenStorageInterface $tokenStorage)`
	`100`	`+ public function __construct(Security $security)`
`102`	`101`	`{`
`103`		`- $this->tokenStorage = $tokenStorage;`
	`102`	`+ $this->security = $security;`
`104`	`103`	`}`
`105`	`104`
`106`	`105`	`public function supports(Request $request, ArgumentMetadata $argument)`
`@@ -109,27 +108,20 @@ retrieved from the token storage::`
`109`	`108`	`return false;`
`110`	`109`	`}`
`111`	`110`
`112`		`- $token = $this->tokenStorage->getToken();`
`113`		`-`
`114`		`- if (!$token instanceof TokenInterface) {`
`115`		`- return false;`
`116`		`- }`
`117`		`-`
`118`		`- return $token->getUser() instanceof User;`
	`111`	`+ return $this->security->getUser() instanceof User;`
`119`	`112`	`}`
`120`	`113`
`121`	`114`	`public function resolve(Request $request, ArgumentMetadata $argument)`
`122`	`115`	`{`
`123`		`- yield $this->tokenStorage->getToken()->getUser();`
	`116`	`+ yield $this->security->getUser();`
`124`	`117`	`}`
`125`	`118`	`}`
`126`	`119`
`127`	`120`	In order to get the actual ``User`` object in your argument, the given value
`128`	`121`	`must fulfill the following requirements:`
`129`	`122`
`130`	`123`	* An argument must be type-hinted as ``User`` in your action method signature;
`131`		`-* A security token must be present;`
`132`		-* The value must be an instance of the ``User``.
	`124`	+* The value must be an instance of the ``User`` class.
`133`	`125`
`134`	`126`	When all those requirements are met and ``true`` is returned, the
`135`	`127`	``ArgumentResolver`` calls ``resolve()`` with the same values as it called
Original file line number	Diff line number	Diff line change
`@@ -44,28 +44,27 @@ Before you add security, the class looks something like this::`
`44`	`44`	`}`
`45`	`45`
`46`	`46`	Your goal is to check the user's role when the ``sendNewsletter()`` method is
`47`		`-called. The first step towards this is to inject the`
`48`		-``Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface``
`49`		`-service into the object::`
	`47`	+called. The first step towards this is to inject the ``security.helper`` service
	`48`	+using the :class:`Symfony\\Component\\Security\\Core\\Security` class::
`50`	`49`
`51`	`50`	`// src/Newsletter/NewsletterManager.php`
`52`	`51`
`53`	`52`	`// ...`
`54`		`- use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;`
`55`	`53`	`use Symfony\Component\Security\Core\Exception\AccessDeniedException;`
	`54`	`+ use Symfony\Component\Security\Core\Security;`
`56`	`55`
`57`	`56`	`class NewsletterManager`
`58`	`57`	`{`
`59`		`- protected $authChecker;`
	`58`	`+ protected $security;`
`60`	`59`
`61`		`- public function __construct(AuthorizationCheckerInterface $authChecker)`
	`60`	`+ public function __construct(Security $security)`
`62`	`61`	`{`
`63`		`- $this->authChecker = $authChecker;`
	`62`	`+ $this->security = $security;`
`64`	`63`	`}`
`65`	`64`
`66`	`65`	`public function sendNewsletter()`
`67`	`66`	`{`
`68`		`- if (!$this->authChecker->isGranted('ROLE_NEWSLETTER_ADMIN')) {`
	`67`	`+ if (!$this->security->isGranted('ROLE_NEWSLETTER_ADMIN')) {`
`69`	`68`	`throw new AccessDeniedException();`
`70`	`69`	`}`
`71`	`70`
`@@ -76,8 +75,8 @@ service into the object::`
`76`	`75`	`}`
`77`	`76`
`78`	`77`	If you're using the :ref:`default services.yaml configuration <service-container-services-load-example>`,
`79`		`-Symfony will automatically pass the authorization checker to your service`
`80`		-thanks to autowiring and the ``AuthorizationCheckerInterface`` type-hint.
	`78`	+Symfony will automatically pass the ``security.helper`` to your service
	`79`	+thanks to autowiring and the ``Security`` type-hint.
`81`	`80`
`82`	`81`	If the current user does not have the ``ROLE_NEWSLETTER_ADMIN``, they will
`83`	`82`	`be prompted to log in.`
Original file line number	Diff line number	Diff line change
`@@ -110,15 +110,15 @@ can intercept the session before it is written::`
`110`	`110`
`111`	`111`	`use App\Entity\User;`
`112`	`112`	`use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;`
`113`		`- use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;`
	`113`	`+ use Symfony\Component\Security\Core\Security;`
`114`	`114`
`115`	`115`	`class ReadOnlySessionProxy extends SessionHandlerProxy`
`116`	`116`	`{`
`117`		`- private $tokenStorage;`
	`117`	`+ private $security;`
`118`	`118`
`119`		`- public function __construct(\SessionHandlerInterface $handler, TokenStorageInterface $tokenStorage)`
	`119`	`+ public function __construct(\SessionHandlerInterface $handler, Security $security)`
`120`	`120`	`{`
`121`		`- $this->tokenStorage = $tokenStorage;`
	`121`	`+ $this->security = $security;`
`122`	`122`
`123`	`123`	`parent::__construct($handler);`
`124`	`124`	`}`
`@@ -134,11 +134,7 @@ can intercept the session before it is written::`
`134`	`134`
`135`	`135`	`private function getUser()`
`136`	`136`	`{`
`137`		`- if (!$token = $this->tokenStorage->getToken()) {`
`138`		`- return;`
`139`		`- }`
`140`		`-`
`141`		`- $user = $token->getUser();`
	`137`	`+ $user = $this->security->getUser();`
`142`	`138`	`if (is_object($user)) {`
`143`	`139`	`return $user;`
`144`	`140`	`}`