Skip to content

Commit

Permalink
Merge branch '3.4' into 4.2
Browse files Browse the repository at this point in the history 
* 3.4:
  Revert "bug #30423 [Security] Rework firewall's access denied rule (dimabory)"
  [FrameworkBundle] minor: remove a typo from changelog
  [VarDumper][Ldap] relax some locally failing tests
  [Validator] #30192 Added the missing translations for the Tagalog ("tl") locale.
  Make MimeTypeExtensionGuesser case insensitive
  • Loading branch information
@nicolas-grekas
nicolas-grekas committed Apr 17, 2019
2 parents 3fd01ab + 82f003e commit 6aec217
Show file tree
Hide file tree
Showing 9 changed files with 87 additions and 60 deletions.
2 changes: 1 addition & 1 deletion src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md
View file
Expand Up @@ -134,7 +134,7 @@ CHANGELOG
The default value will be `state_machine` in Symfony 4.0.
* Deprecated the `CompilerDebugDumpPass` class
* Deprecated the "framework.trusted_proxies" configuration option and the corresponding "kernel.trusted_proxies" parameter
* Added a new new version strategy option called json_manifest_path
* Added a new version strategy option called "json_manifest_path"
that allows you to use the `JsonManifestVersionStrategy`.
* Added `Symfony\Bundle\FrameworkBundle\Controller\AbstractController`. It provides
the same helpers as the `Controller` class, but does not allow accessing the dependency
Expand Down
8 changes: 7 additions & 1 deletion src/Symfony/Component/HttpFoundation/File/MimeType/MimeTypeExtensionGuesser.php
View file
Expand Up @@ -808,6 +808,12 @@ class MimeTypeExtensionGuesser implements ExtensionGuesserInterface
*/
public function guess($mimeType)
{
return isset($this->defaultExtensions[$mimeType]) ? $this->defaultExtensions[$mimeType] : null;
if (isset($this->defaultExtensions[$mimeType])) {
return $this->defaultExtensions[$mimeType];
}

$lcMimeType = strtolower($mimeType);

return isset($this->defaultExtensions[$lcMimeType]) ? $this->defaultExtensions[$lcMimeType] : null;
}
}
Binary file added src/Symfony/Component/HttpFoundation/Tests/File/Fixtures/case-sensitive-mime-type.xlsm
View file
Binary file not shown.
12 changes: 12 additions & 0 deletions src/Symfony/Component/HttpFoundation/Tests/File/UploadedFileTest.php
View file
Expand Up @@ -94,6 +94,18 @@ public function testGuessClientExtensionWithIncorrectMimeType()
$this->assertEquals('jpeg', $file->guessClientExtension());
}

public function testCaseSensitiveMimeType()
{
$file = new UploadedFile(
__DIR__.'/Fixtures/case-sensitive-mime-type.xlsm',
'test.xlsm',
'application/vnd.ms-excel.sheet.macroEnabled.12',
null
);

$this->assertEquals('xlsm', $file->guessClientExtension());
}

public function testErrorIsOkByDefault()
{
$file = new UploadedFile(
Expand Down
8 changes: 8 additions & 0 deletions src/Symfony/Component/Ldap/Tests/LdapTestCase.php
View file
Expand Up @@ -8,6 +8,14 @@ class LdapTestCase extends TestCase
{
protected function getLdapConfig()
{
$h = @ldap_connect(getenv('LDAP_HOST'), getenv('LDAP_PORT'));

if (!$h || !@ldap_bind($h)) {
$this->markTestSkipped('No server is listening on LDAP_HOST:LDAP_PORT');
}

ldap_close($h);

return [
'host' => getenv('LDAP_HOST'),
'port' => getenv('LDAP_PORT'),
Expand Down
4 changes: 3 additions & 1 deletion src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
View file
Expand Up @@ -131,6 +131,8 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event
} catch (\Exception $e) {
$event->setException($e);
}

return;
}

if (null !== $this->logger) {
Expand All @@ -148,7 +150,7 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event
$subRequest = $this->httpUtils->createRequest($event->getRequest(), $this->errorPage);
$subRequest->attributes->set(Security::ACCESS_DENIED_ERROR, $exception);

$event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST));
$event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true));
$event->allowCustomResponseCode();
}
} catch (\Exception $e) {
Expand Down
63 changes: 7 additions & 56 deletions src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php
View file
Expand Up @@ -130,8 +130,10 @@ public function testAccessDeniedExceptionFullFledgedAndWithAccessDeniedHandlerAn
{
$event = $this->createEvent($exception);

$listener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $this->createCustomAccessDeniedHandler(new Response('error')));
$accessDeniedHandler = $this->getMockBuilder('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface')->getMock();
$accessDeniedHandler->expects($this->once())->method('handle')->will($this->returnValue(new Response('error')));

$listener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $accessDeniedHandler);
$listener->onKernelException($event);

$this->assertEquals('error', $event->getResponse()->getContent());
Expand All @@ -145,48 +147,13 @@ public function testAccessDeniedExceptionNotFullFledged(\Exception $exception, \
{
$event = $this->createEvent($exception);

$listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(false), null, $this->createEntryPoint());
$listener->onKernelException($event);

$this->assertEquals('OK', $event->getResponse()->getContent());
$this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
}

/**
* @dataProvider getAccessDeniedExceptionProvider
*/
public function testAccessDeniedExceptionNotFullFledgedAndWithAccessDeniedHandlerAndWithoutErrorPage(\Exception $exception, \Exception $eventException = null)
{
$event = $this->createEvent($exception);

$listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(false), null, $this->createEntryPoint(), null, $this->createCustomAccessDeniedHandler(new Response('denied', 403)));
$listener->onKernelException($event);

$this->assertEquals('denied', $event->getResponse()->getContent());
$this->assertEquals(403, $event->getResponse()->getStatusCode());
$this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
}

/**
* @dataProvider getAccessDeniedExceptionProvider
*/
public function testAccessDeniedExceptionNotFullFledgedAndWithoutAccessDeniedHandlerAndWithErrorPage(\Exception $exception, \Exception $eventException = null)
{
$kernel = $this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock();
$kernel->expects($this->once())->method('handle')->will($this->returnValue(new Response('Unauthorized', 401)));

$event = $this->createEvent($exception, $kernel);

$httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock();
$httpUtils->expects($this->once())->method('createRequest')->will($this->returnValue(Request::create('/error')));
$tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
$tokenStorage->expects($this->once())->method('getToken')->will($this->returnValue($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));

$listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(true), $httpUtils, null, '/error');
$listener = $this->createExceptionListener($tokenStorage, $this->createTrustResolver(false), null, $this->createEntryPoint());
$listener->onKernelException($event);

$this->assertTrue($event->isAllowingCustomResponseCode());

$this->assertEquals('Unauthorized', $event->getResponse()->getContent());
$this->assertEquals(401, $event->getResponse()->getStatusCode());
$this->assertEquals('OK', $event->getResponse()->getContent());
$this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
}

Expand All @@ -201,22 +168,6 @@ public function getAccessDeniedExceptionProvider()
];
}

private function createTokenStorage()
{
$tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
$tokenStorage->expects($this->once())->method('getToken')->will($this->returnValue($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));

return $tokenStorage;
}

private function createCustomAccessDeniedHandler(Response $response)
{
$accessDeniedHandler = $this->getMockBuilder('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface')->getMock();
$accessDeniedHandler->expects($this->once())->method('handle')->will($this->returnValue($response));

return $accessDeniedHandler;
}

private function createEntryPoint(Response $response = null)
{
$entryPoint = $this->getMockBuilder('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface')->getMock();
Expand Down
48 changes: 48 additions & 0 deletions src/Symfony/Component/Validator/Resources/translations/validators.tl.xlf
View file
Expand Up @@ -314,6 +314,54 @@
<source>This is not a valid Business Identifier Code (BIC).</source>
<target>Ito ay hindi isang balidong Business Identifier Code (BIC).</target>
</trans-unit>
<trans-unit id="82">
<source>Error</source>
<target>Error</target>
</trans-unit>
<trans-unit id="83">
<source>This is not a valid UUID.</source>
<target>Ito ay hindi wastong UUID.</target>
</trans-unit>
<trans-unit id="84">
<source>This value should be a multiple of {{ compared_value }}.</source>
<target>Ang halagang ito ay dapat multiple ng {{ compared_value }}.</target>
</trans-unit>
<trans-unit id="85">
<source>This Business Identifier Code (BIC) is not associated with IBAN {{ iban }}.</source>
<target>Ang Business Identifier Code (BIC) na ito ay walang kaugnayan sa IBAN {{ iban }}.</target>
</trans-unit>
<trans-unit id="86">
<source>This value should be valid JSON.</source>
<target>Ang halagang ito ay dapat naka wastong JSON.</target>
</trans-unit>
<trans-unit id="87">
<source>This collection should contain only unique elements.</source>
<target>Ang mga elemento ng koleksyong ito ay dapat magkakaiba.</target>
</trans-unit>
<trans-unit id="88">
<source>This value should be positive.</source>
<target>Ang halagang ito ay dapat positibo.</target>
</trans-unit>
<trans-unit id="89">
<source>This value should be either positive or zero.</source>
<target>Ang halagang ito ay dapat positibo o zero.</target>
</trans-unit>
<trans-unit id="90">
<source>This value should be negative.</source>
<target>Ang halagang ito ay dapat negatibo.</target>
</trans-unit>
<trans-unit id="91">
<source>This value should be either negative or zero.</source>
<target>Ang halagang ito ay dapat negatibo o zero.</target>
</trans-unit>
<trans-unit id="92">
<source>This value is not a valid timezone.</source>
<target>Ang halagang ito ay hindi wastong timezone.</target>
</trans-unit>
<trans-unit id="93">
<source>This password has been leaked in a data breach, it must not be used. Please use another password.</source>
<target>Naikalat ang password na ito sa isang data breach at hindi na dapat gamitin. Mangyaring gumamit ng ibang pang password.</target>
</trans-unit>
</body>
</file>
</xliff>
2 changes: 1 addition & 1 deletion src/Symfony/Component/VarDumper/Tests/Caster/ReflectionCasterTest.php
View file
Expand Up @@ -37,7 +37,7 @@ public function testReflectionCaster()
%A]
constants: array:3 [
"IS_IMPLICIT_ABSTRACT" => 16
"IS_EXPLICIT_ABSTRACT" => 32
"IS_EXPLICIT_ABSTRACT" => %d
"IS_FINAL" => %d
]
properties: array:%d [
Expand Down

0 comments on commit 6aec217

Please sign in to comment.