Merge branch '5.4' into 6.0

* 5.4: [Filesystem] Workaround cannot dumpFile into "protected" folders on Windows Handle concurency in Csrf DoctrineTokenProvider Missing translations for Chinese (zh_CN) #41814 [VarDumper] improve support for AmpHttpClient update Italian translation Fix SessionTokenStorage reuse with Request added missing Arabic translations
symfony · Jun 30, 2021 · b6aaf51 · b6aaf51
2 parents f4d1e4f + eb2cae6
commit b6aaf51
Show file tree

Hide file tree

Showing 9 changed files with 98 additions and 15 deletions.
diff --git a/src/Symfony/Bridge/Doctrine/Security/RememberMe/DoctrineTokenProvider.php b/src/Symfony/Bridge/Doctrine/Security/RememberMe/DoctrineTokenProvider.php
@@ -192,8 +192,15 @@ public function updateExistingToken(PersistentTokenInterface $token, string $tok
             return;
         }
 
-        $this->deleteTokenBySeries($tmpSeries);
-        $this->createNewToken(new PersistentToken($token->getClass(), $token->getUserIdentifier(), $tmpSeries, $token->getTokenValue(), $lastUsed));
+        $this->conn->beginTransaction();
+        try {
+            $this->deleteTokenBySeries($tmpSeries);
+            $this->createNewToken(new PersistentToken($token->getClass(), $token->getUserIdentifier(), $tmpSeries, $token->getTokenValue(), $lastUsed));
+
+            $this->conn->commit();
+        } catch (\Exception $e) {
+            $this->conn->rollBack();
+        }
     }
 
     /**

diff --git a/src/Symfony/Component/Filesystem/Filesystem.php b/src/Symfony/Component/Filesystem/Filesystem.php
@@ -651,10 +651,6 @@ public function dumpFile(string $filename, $content)
             $this->mkdir($dir);
         }
 
-        if (!is_writable($dir)) {
-            throw new IOException(sprintf('Unable to write to the "%s" directory.', $dir), 0, null, $dir);
-        }
-
         // Will create a temp file with 0600 access rights
         // when the filesystem supports chmod.
         $tmpFile = $this->tempnam($dir, basename($filename));
@@ -693,10 +689,6 @@ public function appendToFile(string $filename, $content)
             $this->mkdir($dir);
         }
 
-        if (!is_writable($dir)) {
-            throw new IOException(sprintf('Unable to write to the "%s" directory.', $dir), 0, null, $dir);
-        }
-
         if (false === self::box('file_put_contents', $filename, $content, \FILE_APPEND)) {
             throw new IOException(sprintf('Failed to write file "%s": ', $filename).self::$lastError, 0, null, $filename);
         }

diff --git a/src/Symfony/Component/Filesystem/Tests/FilesystemTest.php b/src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
@@ -1762,6 +1762,27 @@ public function testCopyShouldKeepExecutionPermission()
         $this->assertFilePermissions(767, $targetFilePath);
     }
 
+    public function testDumpToProtectedDirectory()
+    {
+        if (\DIRECTORY_SEPARATOR !== '\\') {
+            $this->markTestSkipped('This test is specific to Windows.');
+        }
+
+        if (($userProfilePath = getenv('USERPROFILE')) === false || !is_dir($userProfilePath)) {
+            throw new \RuntimeException('Failed to retrieve user profile path.');
+        }
+
+        $targetPath = implode(\DIRECTORY_SEPARATOR, [$userProfilePath, 'Downloads', '__test_file.ext']);
+
+        try {
+            $this->assertFileDoesNotExist($targetPath);
+            $this->filesystem->dumpFile($targetPath, 'foobar');
+            $this->assertFileExists($targetPath);
+        } finally {
+            $this->filesystem->remove($targetPath);
+        }
+    }
+
     /**
      * Normalize the given path (transform each forward slash into a real directory separator).
      */

diff --git a/src/Symfony/Component/Security/Csrf/Tests/TokenStorage/SessionTokenStorageTest.php b/src/Symfony/Component/Security/Csrf/Tests/TokenStorage/SessionTokenStorageTest.php
@@ -12,6 +12,7 @@
 namespace Symfony\Component\Security\Csrf\Tests\TokenStorage;
 
 use PHPUnit\Framework\TestCase;
+use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Component\HttpFoundation\Session\Session;
@@ -24,6 +25,8 @@
  */
 class SessionTokenStorageTest extends TestCase
 {
+    use ExpectDeprecationTrait;
+
     private const SESSION_NAMESPACE = 'foobar';
 
     /**
@@ -159,4 +162,50 @@ public function testClearDoesNotRemoveNonNamespacedSessionValues()
         $this->assertTrue($this->session->has('foo'));
         $this->assertSame('baz', $this->session->get('foo'));
     }
+
+    /**
+     * @group legacy
+     */
+    public function testMockSessionIsCreatedWhenMissing()
+    {
+        $this->expectDeprecation('Since symfony/security-csrf 5.3: Using the "Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage" without a session has no effect and is deprecated. It will throw a "Symfony\Component\HttpFoundation\Exception\SessionNotFoundException" in Symfony 6.0');
+
+        $this->storage->setToken('token_id', 'TOKEN');
+
+        $requestStack = new RequestStack();
+        $storage = new SessionTokenStorage($requestStack, self::SESSION_NAMESPACE);
+
+        $this->assertFalse($storage->hasToken('foo'));
+        $storage->setToken('foo', 'bar');
+        $this->assertTrue($storage->hasToken('foo'));
+        $this->assertSame('bar', $storage->getToken('foo'));
+
+        $session = new Session(new MockArraySessionStorage());
+        $request = new Request();
+        $request->setSession($session);
+        $requestStack->push($request);
+    }
+
+    /**
+     * @group legacy
+     */
+    public function testMockSessionIsReusedEvenWhenRequestHasSession()
+    {
+        $this->expectDeprecation('Since symfony/security-csrf 5.3: Using the "Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage" without a session has no effect and is deprecated. It will throw a "Symfony\Component\HttpFoundation\Exception\SessionNotFoundException" in Symfony 6.0');
+
+        $this->storage->setToken('token_id', 'TOKEN');
+
+        $requestStack = new RequestStack();
+        $storage = new SessionTokenStorage($requestStack, self::SESSION_NAMESPACE);
+
+        $storage->setToken('foo', 'bar');
+        $this->assertSame('bar', $storage->getToken('foo'));
+
+        $session = new Session(new MockArraySessionStorage());
+        $request = new Request();
+        $request->setSession($session);
+        $requestStack->push($request);
+
+        $this->assertSame('bar', $storage->getToken('foo'));
+    }
 }
diff --git a/src/Symfony/Component/Security/Csrf/TokenStorage/SessionTokenStorage.php b/src/Symfony/Component/Security/Csrf/TokenStorage/SessionTokenStorage.php
@@ -34,7 +34,7 @@ class SessionTokenStorage implements ClearableTokenStorageInterface
     private $requestStack;
     private $namespace;
     /**
-     * Tp be remove in Symfony 6.0
+     * To be removed in Symfony 6.0.
      */
     private $session;
 
@@ -130,7 +130,7 @@ public function clear()
     private function getSession(): SessionInterface
     {
         try {
-            return $this->requestStack->getSession();
+            return $this->session ?? $this->requestStack->getSession();
         } catch (SessionNotFoundException $e) {
             trigger_deprecation('symfony/security-csrf', '5.3', 'Using the "%s" without a session has no effect and is deprecated. It will throw a "%s" in Symfony 6.0', __CLASS__, SessionNotFoundException::class);
 

diff --git a/src/Symfony/Component/Validator/Resources/translations/validators.ar.xlf b/src/Symfony/Component/Validator/Resources/translations/validators.ar.xlf
@@ -386,6 +386,10 @@
                 <source>This value is not a valid International Securities Identification Number (ISIN).</source>
                 <target> صالح (ISIN) هذه القيمة ليست رقم تعريف الأوراق المالية الدولي.</target>
             </trans-unit>
+            <trans-unit id="100">
+                <source>This value should be a valid expression.</source>
+                <target>يجب أن تكون هذه القيمة تعبيرًا صالحًا.</target>
+            </trans-unit>
         </body>
     </file>
 </xliff>
diff --git a/src/Symfony/Component/Validator/Resources/translations/validators.it.xlf b/src/Symfony/Component/Validator/Resources/translations/validators.it.xlf
@@ -386,6 +386,10 @@
                 <source>This value is not a valid International Securities Identification Number (ISIN).</source>
                 <target>Questo valore non è un codice identificativo internazionale di valori mobiliari (ISIN) valido.</target>
             </trans-unit>
+            <trans-unit id="100">
+                <source>This value should be a valid expression.</source>
+                <target>Questo valore dovrebbe essere un'espressione valida.</target>
+            </trans-unit>
         </body>
     </file>
 </xliff>
diff --git a/src/Symfony/Component/Validator/Resources/translations/validators.zh_CN.xlf b/src/Symfony/Component/Validator/Resources/translations/validators.zh_CN.xlf
@@ -368,23 +368,27 @@
             </trans-unit>
             <trans-unit id="95">
                 <source>This value is not a valid hostname.</source>
-                <target>该数值不是有效的主机名称。</target>
+                <target>该值不是有效的主机名称。</target>
             </trans-unit>
             <trans-unit id="96">
                 <source>The number of elements in this collection should be a multiple of {{ compared_value }}.</source>
                 <target>该集合内的元素数量得是 {{ compared_value }} 的倍数。</target>
             </trans-unit>
             <trans-unit id="97">
                 <source>This value should satisfy at least one of the following constraints:</source>
-                <target>该数值需符合以下其中一个约束：</target>
+                <target>该值需符合以下其中一个约束：</target>
             </trans-unit>
             <trans-unit id="98">
                 <source>Each element of this collection should satisfy its own set of constraints.</source>
                 <target>该集合内的每个元素需符合元素本身规定的约束。</target>
             </trans-unit>
             <trans-unit id="99">
                 <source>This value is not a valid International Securities Identification Number (ISIN).</source>
-                <target>该数值不是有效的国际证券识别码 （ISIN）。</target>
+                <target>该值不是有效的国际证券识别码 （ISIN）。</target>
+            </trans-unit>
+            <trans-unit id="100">
+                <source>This value should be a valid expression.</source>
+                <target>该值需为一个有效的表达式。</target>
             </trans-unit>
         </body>
     </file>

diff --git a/src/Symfony/Component/VarDumper/Cloner/AbstractCloner.php b/src/Symfony/Component/VarDumper/Cloner/AbstractCloner.php
@@ -81,8 +81,10 @@ abstract class AbstractCloner implements ClonerInterface
         'Symfony\Bridge\Monolog\Logger' => ['Symfony\Component\VarDumper\Caster\StubCaster', 'cutInternals'],
         'Symfony\Component\DependencyInjection\ContainerInterface' => ['Symfony\Component\VarDumper\Caster\StubCaster', 'cutInternals'],
         'Symfony\Component\EventDispatcher\EventDispatcherInterface' => ['Symfony\Component\VarDumper\Caster\StubCaster', 'cutInternals'],
+        'Symfony\Component\HttpClient\AmpHttpClient' => ['Symfony\Component\VarDumper\Caster\SymfonyCaster', 'castHttpClient'],
         'Symfony\Component\HttpClient\CurlHttpClient' => ['Symfony\Component\VarDumper\Caster\SymfonyCaster', 'castHttpClient'],
         'Symfony\Component\HttpClient\NativeHttpClient' => ['Symfony\Component\VarDumper\Caster\SymfonyCaster', 'castHttpClient'],
+        'Symfony\Component\HttpClient\Response\AmpResponse' => ['Symfony\Component\VarDumper\Caster\SymfonyCaster', 'castHttpClientResponse'],
         'Symfony\Component\HttpClient\Response\CurlResponse' => ['Symfony\Component\VarDumper\Caster\SymfonyCaster', 'castHttpClientResponse'],
         'Symfony\Component\HttpClient\Response\NativeResponse' => ['Symfony\Component\VarDumper\Caster\SymfonyCaster', 'castHttpClientResponse'],
         'Symfony\Component\HttpFoundation\Request' => ['Symfony\Component\VarDumper\Caster\SymfonyCaster', 'castRequest'],