Merge branch '4.0' into 4.1

javiereguiluz · javiereguiluz · commit c52274bb1867 · 2018-06-01T17:09:21.000+02:00
* 4.0:
  Add all serialized class properties
  Use version name in installer command
  Update tags declaration in yaml format
  Use the new Security helper in some code examples
diff --git a/components/serializer.rst b/components/serializer.rst
@@ -132,7 +132,7 @@ use the Serializer service created before::
 
     $jsonContent = $serializer->serialize($person, 'json');
 
-    // $jsonContent contains {"name":"foo","age":99,"sportsperson":false}
+    // $jsonContent contains {"name":"foo","age":99,"sportsperson":false,"createdAt":null}
 
     echo $jsonContent; // or return it in a Response
 
diff --git a/controller/argument_value_resolver.rst b/controller/argument_value_resolver.rst
@@ -91,16 +91,15 @@ retrieved from the token storage::
     use Symfony\Component\HttpFoundation\Request;
     use Symfony\Component\HttpKernel\Controller\ArgumentValueResolverInterface;
     use Symfony\Component\HttpKernel\ControllerMetadata\ArgumentMetadata;
-    use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
-    use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+    use Symfony\Component\Security\Core\Security;
 
     class UserValueResolver implements ArgumentValueResolverInterface
     {
-        private $tokenStorage;
+        private $security;
 
-        public function __construct(TokenStorageInterface $tokenStorage)
+        public function __construct(Security $security)
         {
-            $this->tokenStorage = $tokenStorage;
+            $this->security = $security;
         }
 
         public function supports(Request $request, ArgumentMetadata $argument)
@@ -109,27 +108,20 @@ retrieved from the token storage::
                 return false;
             }
 
-            $token = $this->tokenStorage->getToken();
-
-            if (!$token instanceof TokenInterface) {
-                return false;
-            }
-
-            return $token->getUser() instanceof User;
+            return $this->security->getUser() instanceof User;
         }
 
         public function resolve(Request $request, ArgumentMetadata $argument)
         {
-            yield $this->tokenStorage->getToken()->getUser();
+            yield $this->security->getUser();
         }
     }
 
 In order to get the actual ``User`` object in your argument, the given value
 must fulfill the following requirements:
 
 * An argument must be type-hinted as ``User`` in your action method signature;
-* A security token must be present;
-* The value must be an instance of the ``User``.
+* The value must be an instance of the ``User`` class.
 
 When all those requirements are met and ``true`` is returned, the
 ``ArgumentResolver`` calls ``resolve()`` with the same values as it called
diff --git a/form/dynamic_form_modification.rst b/form/dynamic_form_modification.rst
@@ -234,6 +234,7 @@ contains only this user's friends. This can be done injecting the ``Security``
 service into the form type so you can get the current user object::
 
     use Symfony\Component\Security\Core\Security;
+    // ...
 
     private $security;
 
@@ -254,7 +255,8 @@ service into the form type so you can get the current user object::
 Customizing the Form Type
 ~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Now that you have all the basics in place you can complete the listener logic::
+Now that you have all the basics in place you can use the features of the
+security helper to fill in the listener logic::
 
     // src/Form/Type/FriendMessageFormType.php
 
diff --git a/security.rst b/security.rst
@@ -1069,16 +1069,18 @@ the User object, and use the ``isGranted()`` method (or
 
     An alternative way to get the current user in a controller is to type-hint
     the controller argument with
-    :class:`Symfony\\Component\\Security\\Core\\User\\UserInterface`
-    (and default it to ``null`` if being logged-in is optional)::
+    :class:`Symfony\\Component\\Security\\Core\\Security`::
 
-        use Symfony\Component\Security\Core\User\UserInterface;
+        use Symfony\Component\Security\Core\Security;
 
-        public function index(UserInterface $user = null)
+        public function indexAction(Security $security)
         {
-            // $user is null when not logged-in or anon.
+            $user = $security->getUser();
         }
 
+    .. versionadded:: 3.4
+        The ``Security`` utility class was introduced in Symfony 3.4.
+
     This is only recommended for experienced developers who don't extend from the
     :ref:`Symfony base controller <the-base-controller-class-services>` and
     don't use the :class:`Symfony\\Bundle\\FrameworkBundle\\Controller\\ControllerTrait`
diff --git a/security/impersonating_user.rst b/security/impersonating_user.rst
@@ -108,25 +108,28 @@ over the user's roles until you find one that a ``SwitchUserRole`` object::
     use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
     use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
     use Symfony\Component\Security\Core\Role\SwitchUserRole;
+    use Symfony\Component\Security\Core\Security;
+    // ...
 
-    private $authorizationChecker;
-    private $tokenStorage;
-
-    public function __construct(AuthorizationCheckerInterface $authorizationChecker, TokenStorageInterface $tokenStorage)
+    public class SomeService
     {
-        $this->authorizationChecker = $authorizationChecker;
-        $this->tokenStorage = $tokenStorage;
-    }
+        private $security;
 
-    public function someMethod()
-    {
-        // ...
+        public function __construct(Security $security)
+        {
+            $this->security = $security;
+        }
+
+        public function someMethod()
+        {
+            // ...
 
-        if ($authorizationChecker->isGranted('ROLE_PREVIOUS_ADMIN')) {
-            foreach ($tokenStorage->getToken()->getRoles() as $role) {
-                if ($role instanceof SwitchUserRole) {
-                    $impersonatorUser = $role->getSource()->getUser();
-                    break;
+            if ($this->security->isGranted('ROLE_PREVIOUS_ADMIN')) {
+                foreach ($this->security->getToken()->getRoles() as $role) {
+                    if ($role instanceof SwitchUserRole) {
+                        $impersonatorUser = $role->getSource()->getUser();
+                        break;
+                    }
                 }
             }
         }
diff --git a/security/securing_services.rst b/security/securing_services.rst
@@ -44,28 +44,27 @@ Before you add security, the class looks something like this::
     }
 
 Your goal is to check the user's role when the ``sendNewsletter()`` method is
-called. The first step towards this is to inject the
-``Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface``
-service into the object::
+called. The first step towards this is to inject the ``security.helper`` service
+using the :class:`Symfony\\Component\\Security\\Core\\Security` class::
 
     // src/Newsletter/NewsletterManager.php
 
     // ...
-    use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
     use Symfony\Component\Security\Core\Exception\AccessDeniedException;
+    use Symfony\Component\Security\Core\Security;
 
     class NewsletterManager
     {
-        protected $authChecker;
+        protected $security;
 
-        public function __construct(AuthorizationCheckerInterface $authChecker)
+        public function __construct(Security $security)
         {
-            $this->authChecker = $authChecker;
+            $this->security = $security;
         }
 
         public function sendNewsletter()
         {
-            if (!$this->authChecker->isGranted('ROLE_NEWSLETTER_ADMIN')) {
+            if (!$this->security->isGranted('ROLE_NEWSLETTER_ADMIN')) {
                 throw new AccessDeniedException();
             }
 
@@ -76,8 +75,8 @@ service into the object::
     }
 
 If you're using the :ref:`default services.yaml configuration <service-container-services-load-example>`,
-Symfony will automatically pass the authorization checker to your service
-thanks to autowiring and the ``AuthorizationCheckerInterface`` type-hint.
+Symfony will automatically pass the ``security.helper`` to your service
+thanks to autowiring and the ``Security`` type-hint.
 
 If the current user does not have the ``ROLE_NEWSLETTER_ADMIN``, they will
 be prompted to log in.
diff --git a/service_container/tags.rst b/service_container/tags.rst
@@ -17,7 +17,7 @@ example:
         services:
             App\Twig\AppExtension:
                 public: false
-                tags: [twig.extension]
+                tags: ['twig.extension']
 
     .. code-block:: xml
 
@@ -162,10 +162,10 @@ For example, you may add the following transports as services:
         services:
             Swift_SmtpTransport:
                 arguments: ['%mailer_host%']
-                tags: [app.mail_transport]
+                tags: ['app.mail_transport']
 
             Swift_SendmailTransport:
-                tags: [app.mail_transport]
+                tags: ['app.mail_transport']
 
     .. code-block:: xml
 
@@ -317,11 +317,11 @@ To answer this, change the service declaration:
             Swift_SmtpTransport:
                 arguments: ['%mailer_host%']
                 tags:
-                    - { name: app.mail_transport, alias: smtp }
+                    - { name: 'app.mail_transport', alias: 'smtp' }
 
             Swift_SendmailTransport:
                 tags:
-                    - { name: app.mail_transport, alias: sendmail }
+                    - { name: 'app.mail_transport', alias: 'sendmail' }
 
     .. code-block:: xml
 
@@ -368,13 +368,13 @@ To answer this, change the service declaration:
             # Compact syntax
             Swift_SendmailTransport:
                 class: \Swift_SendmailTransport
-                tags: [app.mail_transport]
+                tags: ['app.mail_transport']
 
             # Verbose syntax
             Swift_SendmailTransport:
                 class: \Swift_SendmailTransport
                 tags:
-                    - { name: app.mail_transport }
+                    - { name: 'app.mail_transport' }
 
 Notice that you've added a generic ``alias`` key to the tag. To actually
 use this, update the compiler::
@@ -424,10 +424,10 @@ first  constructor argument to the ``App\HandlerCollection`` service:
         # config/services.yaml
         services:
             App\Handler\One:
-                tags: [app.handler]
+                tags: ['app.handler']
 
             App\Handler\Two:
-                tags: [app.handler]
+                tags: ['app.handler']
 
             App\HandlerCollection:
                 # inject all services tagged with app.handler as first argument
@@ -500,7 +500,7 @@ application handlers.
             services:
                 App\Handler\One:
                     tags:
-                        - { name: app.handler, priority: 20 }
+                        - { name: 'app.handler', priority: 20 }
 
         .. code-block:: xml
 
diff --git a/session/proxy_examples.rst b/session/proxy_examples.rst
@@ -110,15 +110,15 @@ can intercept the session before it is written::
 
     use App\Entity\User;
     use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;
-    use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+    use Symfony\Component\Security\Core\Security;
 
     class ReadOnlySessionProxy extends SessionHandlerProxy
     {
-        private $tokenStorage;
+        private $security;
 
-        public function __construct(\SessionHandlerInterface $handler, TokenStorageInterface $tokenStorage)
+        public function __construct(\SessionHandlerInterface $handler, Security $security)
         {
-            $this->tokenStorage = $tokenStorage;
+            $this->security = $security;
 
             parent::__construct($handler);
         }
@@ -134,11 +134,7 @@ can intercept the session before it is written::
 
         private function getUser()
         {
-            if (!$token = $this->tokenStorage->getToken()) {
-                return;
-            }
-
-            $user = $token->getUser();
+            $user = $this->security->getUser();
             if (is_object($user)) {
                 return $user;
             }

Original file line number	Diff line number	Diff line change
`@@ -91,16 +91,15 @@ retrieved from the token storage::`
`91`	`91`	`use Symfony\Component\HttpFoundation\Request;`
`92`	`92`	`use Symfony\Component\HttpKernel\Controller\ArgumentValueResolverInterface;`
`93`	`93`	`use Symfony\Component\HttpKernel\ControllerMetadata\ArgumentMetadata;`
`94`		`- use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;`
`95`		`- use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;`
	`94`	`+ use Symfony\Component\Security\Core\Security;`
`96`	`95`
`97`	`96`	`class UserValueResolver implements ArgumentValueResolverInterface`
`98`	`97`	`{`
`99`		`- private $tokenStorage;`
	`98`	`+ private $security;`
`100`	`99`
`101`		`- public function __construct(TokenStorageInterface $tokenStorage)`
	`100`	`+ public function __construct(Security $security)`
`102`	`101`	`{`
`103`		`- $this->tokenStorage = $tokenStorage;`
	`102`	`+ $this->security = $security;`
`104`	`103`	`}`
`105`	`104`
`106`	`105`	`public function supports(Request $request, ArgumentMetadata $argument)`
`@@ -109,27 +108,20 @@ retrieved from the token storage::`
`109`	`108`	`return false;`
`110`	`109`	`}`
`111`	`110`
`112`		`- $token = $this->tokenStorage->getToken();`
`113`		`-`
`114`		`- if (!$token instanceof TokenInterface) {`
`115`		`- return false;`
`116`		`- }`
`117`		`-`
`118`		`- return $token->getUser() instanceof User;`
	`111`	`+ return $this->security->getUser() instanceof User;`
`119`	`112`	`}`
`120`	`113`
`121`	`114`	`public function resolve(Request $request, ArgumentMetadata $argument)`
`122`	`115`	`{`
`123`		`- yield $this->tokenStorage->getToken()->getUser();`
	`116`	`+ yield $this->security->getUser();`
`124`	`117`	`}`
`125`	`118`	`}`
`126`	`119`
`127`	`120`	In order to get the actual ``User`` object in your argument, the given value
`128`	`121`	`must fulfill the following requirements:`
`129`	`122`
`130`	`123`	* An argument must be type-hinted as ``User`` in your action method signature;
`131`		`-* A security token must be present;`
`132`		-* The value must be an instance of the ``User``.
	`124`	+* The value must be an instance of the ``User`` class.
`133`	`125`
`134`	`126`	When all those requirements are met and ``true`` is returned, the
`135`	`127`	``ArgumentResolver`` calls ``resolve()`` with the same values as it called
Original file line number	Diff line number	Diff line change
`@@ -44,28 +44,27 @@ Before you add security, the class looks something like this::`
`44`	`44`	`}`
`45`	`45`
`46`	`46`	Your goal is to check the user's role when the ``sendNewsletter()`` method is
`47`		`-called. The first step towards this is to inject the`
`48`		-``Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface``
`49`		`-service into the object::`
	`47`	+called. The first step towards this is to inject the ``security.helper`` service
	`48`	+using the :class:`Symfony\\Component\\Security\\Core\\Security` class::
`50`	`49`
`51`	`50`	`// src/Newsletter/NewsletterManager.php`
`52`	`51`
`53`	`52`	`// ...`
`54`		`- use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;`
`55`	`53`	`use Symfony\Component\Security\Core\Exception\AccessDeniedException;`
	`54`	`+ use Symfony\Component\Security\Core\Security;`
`56`	`55`
`57`	`56`	`class NewsletterManager`
`58`	`57`	`{`
`59`		`- protected $authChecker;`
	`58`	`+ protected $security;`
`60`	`59`
`61`		`- public function __construct(AuthorizationCheckerInterface $authChecker)`
	`60`	`+ public function __construct(Security $security)`
`62`	`61`	`{`
`63`		`- $this->authChecker = $authChecker;`
	`62`	`+ $this->security = $security;`
`64`	`63`	`}`
`65`	`64`
`66`	`65`	`public function sendNewsletter()`
`67`	`66`	`{`
`68`		`- if (!$this->authChecker->isGranted('ROLE_NEWSLETTER_ADMIN')) {`
	`67`	`+ if (!$this->security->isGranted('ROLE_NEWSLETTER_ADMIN')) {`
`69`	`68`	`throw new AccessDeniedException();`
`70`	`69`	`}`
`71`	`70`
`@@ -76,8 +75,8 @@ service into the object::`
`76`	`75`	`}`
`77`	`76`
`78`	`77`	If you're using the :ref:`default services.yaml configuration <service-container-services-load-example>`,
`79`		`-Symfony will automatically pass the authorization checker to your service`
`80`		-thanks to autowiring and the ``AuthorizationCheckerInterface`` type-hint.
	`78`	+Symfony will automatically pass the ``security.helper`` to your service
	`79`	+thanks to autowiring and the ``Security`` type-hint.
`81`	`80`
`82`	`81`	If the current user does not have the ``ROLE_NEWSLETTER_ADMIN``, they will
`83`	`82`	`be prompted to log in.`
Original file line number	Diff line number	Diff line change
`@@ -110,15 +110,15 @@ can intercept the session before it is written::`
`110`	`110`
`111`	`111`	`use App\Entity\User;`
`112`	`112`	`use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;`
`113`		`- use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;`
	`113`	`+ use Symfony\Component\Security\Core\Security;`
`114`	`114`
`115`	`115`	`class ReadOnlySessionProxy extends SessionHandlerProxy`
`116`	`116`	`{`
`117`		`- private $tokenStorage;`
	`117`	`+ private $security;`
`118`	`118`
`119`		`- public function __construct(\SessionHandlerInterface $handler, TokenStorageInterface $tokenStorage)`
	`119`	`+ public function __construct(\SessionHandlerInterface $handler, Security $security)`
`120`	`120`	`{`
`121`		`- $this->tokenStorage = $tokenStorage;`
	`121`	`+ $this->security = $security;`
`122`	`122`
`123`	`123`	`parent::__construct($handler);`
`124`	`124`	`}`
`@@ -134,11 +134,7 @@ can intercept the session before it is written::`
`134`	`134`
`135`	`135`	`private function getUser()`
`136`	`136`	`{`
`137`		`- if (!$token = $this->tokenStorage->getToken()) {`
`138`		`- return;`
`139`		`- }`
`140`		`-`
`141`		`- $user = $token->getUser();`
	`137`	`+ $user = $this->security->getUser();`
`142`	`138`	`if (is_object($user)) {`
`143`	`139`	`return $user;`
`144`	`140`	`}`