Merge branch '3.4'

* 3.4: (26 commits)
  bumped Symfony version to 3.3.11
  updated VERSION for 3.3.10
  updated CHANGELOG for 3.3.10
  bumped Symfony version to 2.8.29
  updated VERSION for 2.8.28
  updated CHANGELOG for 2.8.28
  bumped Symfony version to 2.7.36
  updated VERSION for 2.7.35
  update CONTRIBUTORS for 2.7.35
  updated CHANGELOG for 2.7.35
  Added deprecation to cwd not existing Fixes #18249
  [Session] fix MongoDb session handler to gc all expired sessions
  Add changelog for deprecated DbalSessionHandler
  [Security] Look at headers for switch user username parameter
  Updated Test name and exception name to be more accurate
  newline at end of file
  changed exception message
  Ahh, I see.  It actually wants a newline!
  Removed newline
  Created new Exception to throw and modified tests.
  ...

CHANGELOG-3.3.md

@@ -7,6 +7,44 @@ in 3.3 minor versions.
 To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash
 To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v3.3.0...v3.3.1
 
+* 3.3.10 (2017-10-05)
+
+ * bug #23906 Added support for guards when advancing workflow from a command (GDIBass)
+ * bug #24448 [Session] fix MongoDb session handler to gc all expired sessions (Tobion)
+ * bug #24431 [FrameworkBundle] Fix bad interface hint in AbstractController (nicolas-grekas)
+ * bug #24419 [Cache] Fix race condition in TagAwareAdapter (nicolas-grekas)
+ * bug #24417 [Yaml] parse references on merge keys (xabbuh)
+ * bug #24416 [Yaml] treat trailing backslashes in multi-line strings (xabbuh)
+ * bug #24421 [Config] Fix dumped files invalidation by OPCache (nicolas-grekas)
+ * bug #24418 [DI] Allow setting any public non-initialized services (nicolas-grekas)
+ * bug #23980 Tests and fix for issue in array model data in EntityType field with multiple=true (stoccc)
+ * bug #22586 [Form] Fixed PercentToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible (aaa2000)
+ * bug #24157 [Intl] Fixed support of Locale::getFallback (lyrixx)
+ * bug #24198 [HttpFoundation] Fix file upload multiple with no files (enumag)
+ * bug #24379 [PHPUnitBridge] don't remove when set to  empty string (Simperfit)
+ * bug #24036 [Form] Fix precision of MoneyToLocalizedStringTransformer's divisions and multiplications (Rubinum)
+ * bug #24191 [DependencyInjection] include file and line number in deprecation (xabbuh)
+ * bug #24367 PdoSessionHandler: fix advisory lock for pgsql (Tobion)
+ * bug #24189 [Yaml] parse merge keys with PARSE_OBJECT_FOR_MAP flag (xabbuh)
+ * bug #24243 HttpCache does not consider ESI resources in HEAD requests (mpdude)
+ * bug #24237 [WebProfilerBundle] Added missing link to profile token (vtsykun)
+ * bug #24244 TwigBundle exception/deprecation tweaks (ro0NL)
+ * bug #24281 [TwigBundle] Remove profiler related scripting (ro0NL, javiereguiluz)
+ * bug #24251 [PropertyAccess] Set a NullLogger in ApcuAdapter when Apcu is disabled in CLI (iamluc)
+ * bug #24304 [FrameworkBundle] Fix Routing\DelegatingLoader (nicolas-grekas)
+ * bug #24305 [HttpKernel] Make array vs "::" controller definitions consistent (nicolas-grekas)
+ * bug #24255 [TwigBundle] Break long lines in exceptions (kevin-verschaeve)
+ * bug #24219 [Console] Preserving line breaks between sentences according to the exception message (yceruto)
+ * bug #24192 [PhpUnitBridge] do not require an error context (xabbuh)
+ * bug #23722 [Form] Fixed GroupSequence with "constraints" option (HeahDude)
+ * bug #22321 [Filesystem] Fixed makePathRelative (ausi)
+ * bug #24234 [DI] Fix decorated service merge in ResolveInstanceofConditionalsPass (dunglas)
+ * bug #24203 [Security] Preserve URI fragment in HttpUtils::generateUri() (chalasr)
+ * bug #24199 [DI] Fix non-instantiables auto-discovery (nicolas-grekas)
+ * bug #23473 [Filesystem] mirror - fix copying content with same name as source/target. (gitlost)
+ * bug #24177 [FrameworkBundle] Add support to environment variables APP_ENV/DEBUG in KernelTestCase (yceruto)
+ * bug #24162 [WebProfilerBundle] fixed TemplateManager when using Twig 2 without compat interfaces (fabpot)
+
 * 3.3.9 (2017-09-11)
 
  * bug #24141 [DomCrawler] Fix conversion to int on GetPhpFiles (MaraBlaga)

UPGRADE-3.4.md

@@ -63,6 +63,13 @@ Debug
 
  * Support for stacked errors in the `ErrorHandler` is deprecated and will be removed in Symfony 4.0.
 
+DoctrineBridge
+--------------
+
+* Deprecated `Symfony\Bridge\Doctrine\HttpFoundation\DbalSessionHandler` and
+  `Symfony\Bridge\Doctrine\HttpFoundation\DbalSessionHandlerSchema`. Use
+  `Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler` instead.
+
 EventDispatcher
 ---------------
 
@@ -300,6 +307,8 @@ Process
  * The `Symfony\Component\Process\ProcessBuilder` class has been deprecated,
    use the `Symfony\Component\Process\Process` class directly instead.
 
+ * Calling `Process::start()` without setting a valid working directory (via `setWorkingDirectory()` or constructor) beforehand is deprecated and will throw an exception in 4.0.
+
 Profiler
 --------
 

UPGRADE-4.0.md

@@ -186,6 +186,13 @@ DependencyInjection
 
  * The `ExtensionCompilerPass` has been moved to before-optimization passes with priority -1000.
 
+DoctrineBridge
+--------------
+
+* The `Symfony\Bridge\Doctrine\HttpFoundation\DbalSessionHandler` and
+  `Symfony\Bridge\Doctrine\HttpFoundation\DbalSessionHandlerSchema` have been removed. Use
+  `Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler` instead.
+
 EventDispatcher
 ---------------
 
@@ -639,6 +646,8 @@ Ldap
 Process
 -------
 
+ * Passing a not existing working directory to the constructor of the `Symfony\Component\Process\Process` class is not supported anymore.
+
  * The `Symfony\Component\Process\ProcessBuilder` class has been removed,
    use the `Symfony\Component\Process\Process` class directly instead.
 

src/Symfony/Bridge/Doctrine/CHANGELOG.md

@@ -16,6 +16,8 @@ CHANGELOG
 
  * added support for doctrine/dbal v2.6 types
  * added cause of UniqueEntity constraint violation
+ * deprecated `DbalSessionHandler` and `DbalSessionHandlerSchema` in favor of
+   `Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler`
 
 3.1.0
 -----

src/Symfony/Bundle/SecurityBundle/Tests/Functional/SwitchUserTest.php

@@ -54,7 +54,7 @@ public function testSwitchedUserExit()
     public function testSwitchUserStateless()
     {
         $client = $this->createClient(array('test_case' => 'JsonLogin', 'root_config' => 'switchuser_stateless.yml'));
-        $client->request('POST', '/chk', array('_switch_user' => 'dunglas'), array(), array('CONTENT_TYPE' => 'application/json'), '{"user": {"login": "user_can_switch", "password": "test"}}');
+        $client->request('POST', '/chk', array(), array(), array('HTTP_X_SWITCH_USER' => 'dunglas', 'CONTENT_TYPE' => 'application/json'), '{"user": {"login": "user_can_switch", "password": "test"}}');
         $response = $client->getResponse();
 
         $this->assertInstanceOf(JsonResponse::class, $response);

src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/JsonLogin/switchuser_stateless.yml

@@ -10,4 +10,5 @@ security:
     firewalls:
         main:
             switch_user:
+                parameter: X-Switch-User
                 stateless: true

src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MongoDbSessionHandler.php

@@ -116,7 +116,7 @@ public function destroy($sessionId)
      */
     public function gc($maxlifetime)
     {
-        $this->getCollection()->deleteOne(array(
+        $this->getCollection()->deleteMany(array(
             $this->options['expiry_field'] => array('$lt' => new \MongoDB\BSON\UTCDateTime()),
         ));
 

src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php

@@ -181,7 +181,7 @@ public function testGc()
             ->will($this->returnValue($collection));
 
         $collection->expects($this->once())
-            ->method('deleteOne')
+            ->method('deleteMany')
             ->will($this->returnCallback(function ($criteria) {
                 $this->assertInstanceOf(\MongoDB\BSON\UTCDateTime::class, $criteria[$this->options['expiry_field']]['$lt']);
                 $this->assertGreaterThanOrEqual(time() - 1, round((string) $criteria[$this->options['expiry_field']]['$lt'] / 1000));

src/Symfony/Component/Process/CHANGELOG.md

@@ -20,6 +20,7 @@ CHANGELOG
 -----
 
  * deprecated the ProcessBuilder class
+ * deprecated calling `Process::start()` without setting a valid working directory beforehand (via `setWorkingDirectory()` or constructor)
 
 3.3.0
 -----

src/Symfony/Component/Process/Process.php

@@ -296,6 +296,14 @@ public function start(callable $callback = null, array $env = array())
             $ptsWorkaround = fopen(__FILE__, 'r');
         }
 
+        if (!is_dir($this->cwd)) {
+            if ('\\' === DIRECTORY_SEPARATOR) {
+                throw new RuntimeException('The provided cwd does not exist.');
+            }
+
+            @trigger_error('The provided cwd does not exist. Command is currently ran against getcwd(). This behavior is deprecated since version 3.4 and will be removed in 4.0.', E_USER_DEPRECATED);
+        }
+
         $this->process = proc_open($commandline, $descriptors, $this->processPipes->pipes, $this->cwd, null, $options);
 
         foreach ($envBackup as $k => $v) {

src/Symfony/Component/Process/Tests/ProcessTest.php

@@ -47,6 +47,46 @@ protected function tearDown()
         }
     }
 
+    /**
+     * @group legacy
+     * @expectedDeprecation The provided cwd does not exist. Command is currently ran against getcwd(). This behavior is deprecated since version 3.4 and will be removed in 4.0.
+     */
+    public function testInvalidCwd()
+    {
+        if ('\\' === DIRECTORY_SEPARATOR) {
+            $this->markTestSkipped('Windows handles this automatically.');
+        }
+
+        // Check that it works fine if the CWD exists
+        $cmd = new Process('echo test', __DIR__);
+        $cmd->run();
+
+        $cmd = new Process('echo test', __DIR__.'/notfound/');
+        $cmd->run();
+    }
+
+    /**
+     * @expectedException \Symfony\Component\Process\Exception\RuntimeException
+     * @expectedExceptionMessage The provided cwd does not exist.
+     */
+    public function testInvalidCwdOnWindows()
+    {
+        if ('\\' !== DIRECTORY_SEPARATOR) {
+            $this->markTestSkipped('Unix handles this automatically.');
+        }
+
+        try {
+            // Check that it works fine if the CWD exists
+            $cmd = new Process('echo test', __DIR__);
+            $cmd->run();
+        } catch (\Exception $e) {
+            $this->fail($e);
+        }
+
+        $cmd = new Process('echo test', __DIR__.'/notfound/');
+        $cmd->run();
+    }
+
     public function testThatProcessDoesNotThrowWarningDuringRun()
     {
         if ('\\' === DIRECTORY_SEPARATOR) {

src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php

@@ -79,16 +79,17 @@ public function __construct(TokenStorageInterface $tokenStorage, UserProviderInt
     public function handle(GetResponseEvent $event)
     {
         $request = $event->getRequest();
+        $username = $request->get($this->usernameParameter) ?: $request->headers->get($this->usernameParameter);
 
-        if (!$request->get($this->usernameParameter)) {
+        if (!$username) {
             return;
         }
 
-        if (self::EXIT_VALUE === $request->get($this->usernameParameter)) {
+        if (self::EXIT_VALUE === $username) {
             $this->tokenStorage->setToken($this->attemptExitUser($request));
         } else {
             try {
-                $this->tokenStorage->setToken($this->attemptSwitchUser($request));
+                $this->tokenStorage->setToken($this->attemptSwitchUser($request, $username));
             } catch (AuthenticationException $e) {
                 throw new \LogicException(sprintf('Switch User failed: "%s"', $e->getMessage()));
             }
@@ -106,20 +107,21 @@ public function handle(GetResponseEvent $event)
     /**
      * Attempts to switch to another user.
      *
-     * @param Request $request A Request instance
+     * @param Request $request  A Request instance
+     * @param string  $username
      *
      * @return TokenInterface|null The new TokenInterface if successfully switched, null otherwise
      *
      * @throws \LogicException
      * @throws AccessDeniedException
      */
-    private function attemptSwitchUser(Request $request)
+    private function attemptSwitchUser(Request $request, $username)
     {
         $token = $this->tokenStorage->getToken();
         $originalToken = $this->getOriginalToken($token);
 
         if (false !== $originalToken) {
-            if ($token->getUsername() === $request->get($this->usernameParameter)) {
+            if ($token->getUsername() === $username) {
                 return $token;
             }
 
@@ -133,8 +135,6 @@ private function attemptSwitchUser(Request $request)
             throw $exception;
         }
 
-        $username = $request->get($this->usernameParameter);
-
         if (null !== $this->logger) {
             $this->logger->info('Attempting to switch to user.', array('username' => $username));
         }

src/Symfony/Component/Workflow/EventListener/GuardListener.php

@@ -16,6 +16,7 @@
 use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
 use Symfony\Component\Security\Core\Role\RoleHierarchyInterface;
 use Symfony\Component\Workflow\Event\GuardEvent;
+use Symfony\Component\Workflow\Exception\InvalidTokenConfigurationException;
 
 /**
  * @author Grégoire Pineau <lyrixx@lyrixx.info>
@@ -55,6 +56,10 @@ private function getVariables(GuardEvent $event): array
     {
         $token = $this->tokenStorage->getToken();
 
+        if (null === $token) {
+            throw new InvalidTokenConfigurationException(sprintf('There are no tokens available for workflow %s.', $event->getWorkflowName()));
+        }
+
         if (null !== $this->roleHierarchy) {
             $roles = $this->roleHierarchy->getReachableRoles($token->getRoles());
         } else {

src/Symfony/Component/Workflow/Exception/InvalidTokenConfigurationException.php

@@ -0,0 +1,21 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Workflow\Exception;
+
+/**
+ * Thrown by GuardListener when there is no token set, but guards are placed on a transition.
+ *
+ * @author Matt Johnson <matj1985@gmail.com>
+ */
+class InvalidTokenConfigurationException extends LogicException implements ExceptionInterface
+{
+}

src/Symfony/Component/Workflow/Tests/EventListener/GuardListenerTest.php

@@ -69,6 +69,18 @@ public function testWithSupportedEventAndAccept()
         $this->assertTrue($event->isBlocked());
     }
 
+    /**
+     * @expectedException \Symfony\Component\Workflow\Exception\InvalidTokenConfigurationException
+     * @expectedExceptionMessage There are no tokens available for workflow unnamed.
+     */
+    public function testWithNoTokensInTokenStorage()
+    {
+        $event = $this->createEvent();
+        $this->tokenStorage->setToken(null);
+
+        $this->listener->onTransition($event, 'event_name_a');
+    }
+
     private function createEvent()
     {
         $subject = new \stdClass();