Skip to content

Commit

Permalink
Merge branch '4.2'
Browse files Browse the repository at this point in the history 
* 4.2:
  Revert "bug #30423 [Security] Rework firewall's access denied rule (dimabory)"
  [FrameworkBundle] minor: remove a typo from changelog
  [VarDumper] fix tests with ICU 64.1
  [VarDumper][Ldap] relax some locally failing tests
  [Validator] #30192 Added the missing translations for the Tagalog ("tl") locale.
  Make MimeTypeExtensionGuesser case insensitive
  Fix get session when the request stack is empty
  [Routing] fix trailing slash redirection with non-greedy trailing vars
  [FrameworkBundle] decorate the ValidatorBuilder's translator with LegacyTranslatorProxy
  • Loading branch information
@nicolas-grekas
nicolas-grekas committed Apr 17, 2019
2 parents 899985e + 2d2ff38 commit 8d96861
Show file tree
Hide file tree
Showing 19 changed files with 163 additions and 76 deletions.
2 changes: 1 addition & 1 deletion src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md
View file
Expand Up @@ -166,7 +166,7 @@ CHANGELOG
The default value will be `state_machine` in Symfony 4.0.
* Deprecated the `CompilerDebugDumpPass` class
* Deprecated the "framework.trusted_proxies" configuration option and the corresponding "kernel.trusted_proxies" parameter
* Added a new new version strategy option called json_manifest_path
* Added a new version strategy option called "json_manifest_path"
that allows you to use the `JsonManifestVersionStrategy`.
* Added `Symfony\Bundle\FrameworkBundle\Controller\AbstractController`. It provides
the same helpers as the `Controller` class, but does not allow accessing the dependency
Expand Down
7 changes: 7 additions & 0 deletions src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
View file
Expand Up @@ -110,6 +110,7 @@
use Symfony\Component\Validator\ConstraintValidatorInterface;
use Symfony\Component\Validator\Mapping\Loader\PropertyInfoLoader;
use Symfony\Component\Validator\ObjectInitializerInterface;
use Symfony\Component\Validator\Util\LegacyTranslatorProxy;
use Symfony\Component\WebLink\HttpHeaderSerializer;
use Symfony\Component\Workflow;
use Symfony\Component\Workflow\WorkflowInterface;
Expand Down Expand Up @@ -1208,6 +1209,12 @@ private function registerValidationConfiguration(array $config, ContainerBuilder

$validatorBuilder = $container->getDefinition('validator.builder');

if (class_exists(LegacyTranslatorProxy::class)) {
$calls = $validatorBuilder->getMethodCalls();
$calls[1] = ['setTranslator', [new Definition(LegacyTranslatorProxy::class, [new Reference('translator')])]];
$validatorBuilder->setMethodCalls($calls);
}

$container->setParameter('validator.translation_domain', $config['translation_domain']);

$files = ['xml' => [], 'yml' => []];
Expand Down
7 changes: 6 additions & 1 deletion src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
View file
Expand Up @@ -55,6 +55,7 @@
use Symfony\Component\Translation\DependencyInjection\TranslatorPass;
use Symfony\Component\Validator\DependencyInjection\AddConstraintValidatorsPass;
use Symfony\Component\Validator\Mapping\Loader\PropertyInfoLoader;
use Symfony\Component\Validator\Util\LegacyTranslatorProxy;
use Symfony\Component\Validator\Validation;
use Symfony\Component\Workflow;

Expand Down Expand Up @@ -882,7 +883,11 @@ public function testValidation()
$this->assertSame('setConstraintValidatorFactory', $calls[0][0]);
$this->assertEquals([new Reference('validator.validator_factory')], $calls[0][1]);
$this->assertSame('setTranslator', $calls[1][0]);
$this->assertEquals([new Reference('translator')], $calls[1][1]);
if (class_exists(LegacyTranslatorProxy::class)) {
$this->assertEquals([new Definition(LegacyTranslatorProxy::class, [new Reference('translator')])], $calls[1][1]);
} else {
$this->assertEquals([new Reference('translator')], $calls[1][1]);
}
$this->assertSame('setTranslationDomain', $calls[2][0]);
$this->assertSame(['%validator.translation_domain%'], $calls[2][1]);
$this->assertSame('addXmlMappings', $calls[3][0]);
Expand Down
8 changes: 7 additions & 1 deletion src/Symfony/Component/HttpFoundation/File/MimeType/MimeTypeExtensionGuesser.php
View file
Expand Up @@ -814,6 +814,12 @@ class MimeTypeExtensionGuesser implements ExtensionGuesserInterface
*/
public function guess($mimeType)
{
return isset($this->defaultExtensions[$mimeType]) ? $this->defaultExtensions[$mimeType] : null;
if (isset($this->defaultExtensions[$mimeType])) {
return $this->defaultExtensions[$mimeType];
}

$lcMimeType = strtolower($mimeType);

return isset($this->defaultExtensions[$lcMimeType]) ? $this->defaultExtensions[$lcMimeType] : null;
}
}
Binary file added src/Symfony/Component/HttpFoundation/Tests/File/Fixtures/case-sensitive-mime-type.xlsm
View file
Binary file not shown.
12 changes: 12 additions & 0 deletions src/Symfony/Component/HttpFoundation/Tests/File/UploadedFileTest.php
View file
Expand Up @@ -94,6 +94,18 @@ public function testGuessClientExtensionWithIncorrectMimeType()
$this->assertEquals('jpeg', $file->guessClientExtension());
}

public function testCaseSensitiveMimeType()
{
$file = new UploadedFile(
__DIR__.'/Fixtures/case-sensitive-mime-type.xlsm',
'test.xlsm',
'application/vnd.ms-excel.sheet.macroEnabled.12',
null
);

$this->assertEquals('xlsm', $file->guessClientExtension());
}

public function testErrorIsOkByDefault()
{
$file = new UploadedFile(
Expand Down
3 changes: 2 additions & 1 deletion src/Symfony/Component/HttpKernel/EventListener/SessionListener.php
View file
Expand Up @@ -40,7 +40,8 @@ protected function getSession()

if ($this->container->has('session_storage')
&& ($storage = $this->container->get('session_storage')) instanceof NativeSessionStorage
&& $this->container->get('request_stack')->getMasterRequest()->isSecure()
&& ($masterRequest = $this->container->get('request_stack')->getMasterRequest())
&& $masterRequest->isSecure()
) {
$storage->setOptions(['cookie_secure' => true]);
}
Expand Down
10 changes: 10 additions & 0 deletions src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
View file
Expand Up @@ -15,8 +15,10 @@
use Symfony\Component\DependencyInjection\Container;
use Symfony\Component\DependencyInjection\ServiceLocator;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage;
use Symfony\Component\HttpKernel\Event\FinishRequestEvent;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\Event\ResponseEvent;
Expand All @@ -41,8 +43,16 @@ public function testSessionIsSet()
{
$session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock();

$requestStack = $this->getMockBuilder(RequestStack::class)->getMock();
$requestStack->expects($this->once())->method('getMasterRequest')->willReturn(null);

$sessionStorage = $this->getMockBuilder(NativeSessionStorage::class)->getMock();
$sessionStorage->expects($this->never())->method('setOptions')->with(['cookie_secure' => true]);

$container = new Container();
$container->set('session', $session);
$container->set('request_stack', $requestStack);
$container->set('session_storage', $sessionStorage);

$request = new Request();
$listener = new SessionListener($container);
Expand Down
8 changes: 8 additions & 0 deletions src/Symfony/Component/Ldap/Tests/LdapTestCase.php
View file
Expand Up @@ -8,6 +8,14 @@ class LdapTestCase extends TestCase
{
protected function getLdapConfig()
{
$h = @ldap_connect(getenv('LDAP_HOST'), getenv('LDAP_PORT'));

if (!$h || !@ldap_bind($h)) {
$this->markTestSkipped('No server is listening on LDAP_HOST:LDAP_PORT');
}

ldap_close($h);

return [
'host' => getenv('LDAP_HOST'),
'port' => getenv('LDAP_PORT'),
Expand Down
17 changes: 15 additions & 2 deletions src/Symfony/Component/Mime/MimeTypes.php
View file
Expand Up @@ -39,6 +39,7 @@
final class MimeTypes implements MimeTypesInterface
{
private $extensions = [];
private $mimeTypes = [];

/**
* @var MimeTypeGuesserInterface[]
Expand All @@ -50,6 +51,10 @@ public function __construct(array $map = [])
{
foreach ($map as $mimeType => $extensions) {
$this->extensions[$mimeType] = $extensions;

foreach ($extensions as $extension) {
$this->mimeTypes[$extension] = $mimeType;
}
}
$this->registerGuesser(new FileBinaryMimeTypeGuesser());
$this->registerGuesser(new FileinfoMimeTypeGuesser());
Expand Down Expand Up @@ -80,15 +85,23 @@ public function registerGuesser(MimeTypeGuesserInterface $guesser)
*/
public function getExtensions(string $mimeType): array
{
return $this->extensions[$mimeType] ?? self::$map[$mimeType] ?? [];
if ($this->extensions) {
$extensions = $this->extensions[$mimeType] ?? $this->extensions[$lcMimeType = strtolower($mimeType)] ?? null;
}

return $extensions ?? self::$map[$mimeType] ?? self::$map[$lcMimeType ?? strtolower($mimeType)] ?? [];
}

/**
* {@inheritdoc}
*/
public function getMimeTypes(string $ext): array
{
return self::$reverseMap[$ext] ?? [];
if ($this->mimeTypes) {
$mimeTypes = $this->mimeTypes[$ext] ?? $this->mimeTypes[$lcExt = strtolower($ext)] ?? null;
}

return $mimeTypes ?? self::$reverseMap[$ext] ?? self::$reverseMap[$lcExt ?? strtolower($ext)] ?? [];
}

/**
Expand Down
13 changes: 9 additions & 4 deletions src/Symfony/Component/Routing/Matcher/Dumper/CompiledUrlMatcherTrait.php
View file
Expand Up @@ -136,17 +136,22 @@ private function doMatch(string $pathinfo, array &$allow = [], array &$allowSche
}

$hasTrailingVar = $trimmedPathinfo !== $pathinfo && $hasTrailingVar;

if ($hasTrailingVar && ($hasTrailingSlash || '/' !== substr($matches[\count($vars)], -1)) && preg_match($regex, $this->matchHost ? $host.'.'.$trimmedPathinfo : $trimmedPathinfo, $n) && $m === (int) $n['MARK']) {
if ($hasTrailingSlash) {
$matches = $n;
} else {
$hasTrailingVar = false;
}
}

if ('/' !== $pathinfo && !$hasTrailingVar && $hasTrailingSlash === ($trimmedPathinfo === $pathinfo)) {
if ($supportsRedirections && (!$requiredMethods || isset($requiredMethods['GET']))) {
return $allow = $allowSchemes = [];
}
continue;
}

if ($hasTrailingSlash && $hasTrailingVar && preg_match($regex, $this->matchHost ? $host.'.'.$trimmedPathinfo : $trimmedPathinfo, $n) && $m === (int) $n['MARK']) {
$matches = $n;
}

foreach ($vars as $i => $v) {
if (isset($matches[1 + $i])) {
$ret[$v] = $matches[1 + $i];
Expand Down
12 changes: 8 additions & 4 deletions src/Symfony/Component/Routing/Matcher/UrlMatcher.php
View file
Expand Up @@ -158,6 +158,14 @@ protected function matchCollection($pathinfo, RouteCollection $routes)

$hasTrailingVar = $trimmedPathinfo !== $pathinfo && preg_match('#\{\w+\}/?$#', $route->getPath());

if ($hasTrailingVar && ($hasTrailingSlash || '/' !== substr($matches[(\count($matches) - 1) >> 1], -1)) && preg_match($regex, $trimmedPathinfo, $m)) {
if ($hasTrailingSlash) {
$matches = $m;
} else {
$hasTrailingVar = false;
}
}

if ('/' !== $pathinfo && !$hasTrailingVar && $hasTrailingSlash === ($trimmedPathinfo === $pathinfo)) {
if ($supportsTrailingSlash && (!$requiredMethods || \in_array('GET', $requiredMethods))) {
return $this->allow = $this->allowSchemes = [];
Expand All @@ -166,10 +174,6 @@ protected function matchCollection($pathinfo, RouteCollection $routes)
continue;
}

if ($hasTrailingSlash && $hasTrailingVar && preg_match($regex, $trimmedPathinfo, $m)) {
$matches = $m;
}

$hostMatches = [];
if ($compiledRoute->getHostRegex() && !preg_match($compiledRoute->getHostRegex(), $this->context->getHost(), $hostMatches)) {
continue;
Expand Down
11 changes: 11 additions & 0 deletions src/Symfony/Component/Routing/Tests/Matcher/RedirectableUrlMatcherTest.php
View file
Expand Up @@ -187,6 +187,17 @@ public function testSlashAndVerbPrecedenceWithRedirection()
$this->assertEquals($expected, $matcher->match('/api/customers/123/contactpersons'));
}

public function testNonGreedyTrailingRequirement()
{
$coll = new RouteCollection();
$coll->add('a', new Route('/{a}', [], ['a' => '\d+']));

$matcher = $this->getUrlMatcher($coll);
$matcher->expects($this->once())->method('redirect')->with('/123')->willReturn([]);

$this->assertEquals(['_route' => 'a', 'a' => '123'], $matcher->match('/123/'));
}

protected function getUrlMatcher(RouteCollection $routes, RequestContext $context = null)
{
return $this->getMockForAbstractClass('Symfony\Component\Routing\Matcher\RedirectableUrlMatcher', [$routes, $context ?: new RequestContext()]);
Expand Down
4 changes: 3 additions & 1 deletion src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
View file
Expand Up @@ -133,6 +133,8 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event
} catch (\Exception $e) {
$event->setException($e);
}

return;
}

if (null !== $this->logger) {
Expand All @@ -150,7 +152,7 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event
$subRequest = $this->httpUtils->createRequest($event->getRequest(), $this->errorPage);
$subRequest->attributes->set(Security::ACCESS_DENIED_ERROR, $exception);

$event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST));
$event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true));
$event->allowCustomResponseCode();
}
} catch (\Exception $e) {
Expand Down
63 changes: 7 additions & 56 deletions src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php
View file
Expand Up @@ -131,8 +131,10 @@ public function testAccessDeniedExceptionFullFledgedAndWithAccessDeniedHandlerAn
{
$event = $this->createEvent($exception);

$listener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $this->createCustomAccessDeniedHandler(new Response('error')));
$accessDeniedHandler = $this->getMockBuilder('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface')->getMock();
$accessDeniedHandler->expects($this->once())->method('handle')->will($this->returnValue(new Response('error')));

$listener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $accessDeniedHandler);
$listener->onKernelException($event);

$this->assertEquals('error', $event->getResponse()->getContent());
Expand All @@ -146,48 +148,13 @@ public function testAccessDeniedExceptionNotFullFledged(\Exception $exception, \
{
$event = $this->createEvent($exception);

$listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(false), null, $this->createEntryPoint());
$listener->onKernelException($event);

$this->assertEquals('OK', $event->getResponse()->getContent());
$this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
}

/**
* @dataProvider getAccessDeniedExceptionProvider
*/
public function testAccessDeniedExceptionNotFullFledgedAndWithAccessDeniedHandlerAndWithoutErrorPage(\Exception $exception, \Exception $eventException = null)
{
$event = $this->createEvent($exception);

$listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(false), null, $this->createEntryPoint(), null, $this->createCustomAccessDeniedHandler(new Response('denied', 403)));
$listener->onKernelException($event);

$this->assertEquals('denied', $event->getResponse()->getContent());
$this->assertEquals(403, $event->getResponse()->getStatusCode());
$this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
}

/**
* @dataProvider getAccessDeniedExceptionProvider
*/
public function testAccessDeniedExceptionNotFullFledgedAndWithoutAccessDeniedHandlerAndWithErrorPage(\Exception $exception, \Exception $eventException = null)
{
$kernel = $this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock();
$kernel->expects($this->once())->method('handle')->will($this->returnValue(new Response('Unauthorized', 401)));

$event = $this->createEvent($exception, $kernel);

$httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock();
$httpUtils->expects($this->once())->method('createRequest')->will($this->returnValue(Request::create('/error')));
$tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
$tokenStorage->expects($this->once())->method('getToken')->will($this->returnValue($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));

$listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(true), $httpUtils, null, '/error');
$listener = $this->createExceptionListener($tokenStorage, $this->createTrustResolver(false), null, $this->createEntryPoint());
$listener->onKernelException($event);

$this->assertTrue($event->isAllowingCustomResponseCode());

$this->assertEquals('Unauthorized', $event->getResponse()->getContent());
$this->assertEquals(401, $event->getResponse()->getStatusCode());
$this->assertEquals('OK', $event->getResponse()->getContent());
$this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
}

Expand All @@ -202,22 +169,6 @@ public function getAccessDeniedExceptionProvider()
];
}

private function createTokenStorage()
{
$tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
$tokenStorage->expects($this->once())->method('getToken')->will($this->returnValue($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));

return $tokenStorage;
}

private function createCustomAccessDeniedHandler(Response $response)
{
$accessDeniedHandler = $this->getMockBuilder('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface')->getMock();
$accessDeniedHandler->expects($this->once())->method('handle')->will($this->returnValue($response));

return $accessDeniedHandler;
}

private function createEntryPoint(Response $response = null)
{
$entryPoint = $this->getMockBuilder('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface')->getMock();
Expand Down

0 comments on commit 8d96861

Please sign in to comment.