Merge branch '2.8'

* 2.8:
  Fixed tabs when there are several groups of tabs in the same page
  Fix mode
  Fixed failing test for HHVM
  Removed unused logic in MockStream
  Update coding standard for MockStream
  [Filesystem] added tempnam() stream wrapper aware version of PHP's native tempnam() and fixed dumpFile to allow dumping to streams
  Renamed key to secret

Author: fabpot

UPGRADE-3.0.md

@@ -611,7 +611,8 @@ UPGRADE FROM 2.x to 3.0
 
  * The `Resources/` directory was moved to `Core/Resources/`
 
- * The `key` settings of `anonymous` and `remember_me` are renamed to `secret`.
+ * The `key` settings of `anonymous`, `remember_me` and `http_digest` are
+   renamed to `secret`.
 
    Before:
 
@@ -624,6 +625,8 @@ UPGRADE FROM 2.x to 3.0
                anonymous: { key: "%secret%" }
                remember_me:
                    key: "%secret%"
+               http_digest:
+                   key: "%secret%"
    ```
 
    ```xml
@@ -636,6 +639,7 @@ UPGRADE FROM 2.x to 3.0
 
            <anonymous key="%secret%"/>
            <remember-me key="%secret%"/>
+           <http-digest key="%secret%"/>
        </firewall>
    </config>
    ```
@@ -648,6 +652,7 @@ UPGRADE FROM 2.x to 3.0
            // ...
            'anonymous' => array('key' => '%secret%'),
            'remember_me' => array('key' => '%secret%'),
+           'http_digest' => array('key' => '%secret%'),
        ),
    ));
    ```
@@ -663,6 +668,8 @@ UPGRADE FROM 2.x to 3.0
                anonymous: { secret: "%secret%" }
                remember_me:
                    secret: "%secret%"
+               http_digest:
+                   secret: "%secret%"
    ```
 
    ```xml
@@ -675,6 +682,7 @@ UPGRADE FROM 2.x to 3.0
 
            <anonymous secret="%secret%"/>
            <remember-me secret="%secret%"/>
+           <http-digest secret="%secret%"/>
        </firewall>
    </config>
    ```
@@ -687,6 +695,7 @@ UPGRADE FROM 2.x to 3.0
            // ...
            'anonymous' => array('secret' => '%secret%'),
            'remember_me' => array('secret' => '%secret%'),
+           'http_digest' => array('secret' => '%secret%'),
        ),
    ));
   ```

src/Symfony/Bundle/SecurityBundle/CHANGELOG.md

@@ -9,8 +9,8 @@ CHANGELOG
 2.8.0
 -----
 
- * deprecated the `key` setting of `anonymous` and `remember_me` in favor of the
-   `secret` setting.
+ * deprecated the `key` setting of `anonymous`, `remember_me` and `http_digest`
+   in favor of the `secret` setting.
 
 2.6.0
 -----

src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/HttpDigestFactory.php

@@ -58,10 +58,26 @@ public function getKey()
     public function addConfiguration(NodeDefinition $node)
     {
         $node
+            ->beforeNormalization()
+                ->ifTrue(function ($v) { return isset($v['key']); })
+                ->then(function ($v) {
+                    if (isset($v['secret'])) {
+                        throw new \LogicException('Cannot set both key and secret options for http_digest, use only secret instead.');
+                    }
+
+                    @trigger_error('http_digest.key is deprecated since version 2.8 and will be removed in 3.0. Use http_digest.secret instead.', E_USER_DEPRECATED);
+
+                    $v['secret'] = $v['key'];
+
+                    unset($v['key']);
+
+                    return $v;
+                })
+            ->end()
             ->children()
                 ->scalarNode('provider')->end()
                 ->scalarNode('realm')->defaultValue('Secured Area')->end()
-                ->scalarNode('key')->isRequired()->cannotBeEmpty()->end()
+                ->scalarNode('secret')->isRequired()->cannotBeEmpty()->end()
             ->end()
         ;
     }
@@ -76,7 +92,7 @@ protected function createEntryPoint($container, $id, $config, $defaultEntryPoint
         $container
             ->setDefinition($entryPointId, new DefinitionDecorator('security.authentication.digest_entry_point'))
             ->addArgument($config['realm'])
-            ->addArgument($config['key'])
+            ->addArgument($config['secret'])
         ;
 
         return $entryPointId;

src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1.php

@@ -64,7 +64,7 @@
         'simple' => array('pattern' => '/login', 'security' => false),
         'secure' => array('stateless' => true,
             'http_basic' => true,
-            'http_digest' => array('key' => 'TheKey'),
+            'http_digest' => array('secret' => 'TheSecret'),
             'form_login' => true,
             'anonymous' => true,
             'switch_user' => true,

src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1.xml

@@ -49,7 +49,7 @@
 
         <firewall name="secure" stateless="true">
             <http-basic />
-            <http-digest key="TheKey" />
+            <http-digest secret="TheSecret" />
             <form-login />
             <anonymous />
             <switch-user />

src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1.yml

@@ -47,7 +47,7 @@ security:
             stateless: true
             http_basic: true
             http_digest:
-                key: TheKey
+                secret: TheSecret
             form_login: true
             anonymous: true
             switch_user: true

src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/base_js.html.twig

@@ -359,6 +359,8 @@
                                 activeTab = activeTab.parentNode;
                             }
 
+                            /* get the full list of tabs through the parent of the active tab element */
+                            var tabNavigation = activeTab.parentNode.children;
                             for (var k = 0; k < tabNavigation.length; k++) {
                                 var tabId = tabNavigation[k].getAttribute('data-tab-id');
                                 document.getElementById(tabId).className = 'hidden';

src/Symfony/Component/Filesystem/CHANGELOG.md

@@ -6,6 +6,11 @@ CHANGELOG
 
  * removed `$mode` argument from `Filesystem::dumpFile()`
 
+2.8.0
+-----
+
+ * added tempnam() a stream aware version of PHP's native tempnam()
+
 2.6.0
 -----
 

src/Symfony/Component/Filesystem/Filesystem.php

@@ -452,6 +452,58 @@ public function isAbsolutePath($file)
         );
     }
 
+    /**
+     * Creates a temporary file with support for custom stream wrappers.
+     *
+     * @param string $dir    The directory where the temporary filename will be created.
+     * @param string $prefix The prefix of the generated temporary filename.
+     *                       Note: Windows uses only the first three characters of prefix.
+     *
+     * @return string The new temporary filename (with path), or throw an exception on failure.
+     */
+    public function tempnam($dir, $prefix)
+    {
+        list($scheme, $hierarchy) = $this->getSchemeAndHierarchy($dir);
+
+        // If no scheme or scheme is "file" create temp file in local filesystem
+        if (null === $scheme || 'file' === $scheme) {
+            $tmpFile = tempnam($hierarchy, $prefix);
+
+            // If tempnam failed or no scheme return the filename otherwise prepend the scheme
+            if (false !== $tmpFile) {
+                if (null !== $scheme) {
+                    return $scheme.'://'.$tmpFile;
+                }
+
+                return $tmpFile;
+            }
+
+            throw new IOException('A temporary file could not be created.');
+        }
+
+        // Loop until we create a valid temp file or have reached 10 attempts
+        for ($i = 0; $i < 10; ++$i) {
+            // Create a unique filename
+            $tmpFile = $dir.'/'.$prefix.uniqid(mt_rand(), true);
+
+            // Use fopen instead of file_exists as some streams do not support stat
+            // Use mode 'x+' to atomically check existence and create to avoid a TOCTOU vulnerability
+            $handle = @fopen($tmpFile, 'x+');
+
+            // If unsuccessful restart the loop
+            if (false === $handle) {
+                continue;
+            }
+
+            // Close the file if it was successfully opened
+            @fclose($handle);
+
+            return $tmpFile;
+        }
+
+        throw new IOException('A temporary file could not be created.');
+    }
+
     /**
      * Atomically dumps content into a file.
      *
@@ -470,7 +522,7 @@ public function dumpFile($filename, $content)
             throw new IOException(sprintf('Unable to write to the "%s" directory.', $dir), 0, null, $dir);
         }
 
-        $tmpFile = tempnam($dir, basename($filename));
+        $tmpFile = $this->tempnam($dir, basename($filename));
 
         if (false === @file_put_contents($tmpFile, $content)) {
             throw new IOException(sprintf('Failed to write file "%s".', $filename), 0, null, $filename);
@@ -492,4 +544,18 @@ private function toIterator($files)
 
         return $files;
     }
+
+    /**
+     * Gets a 2-tuple of scheme (may be null) and hierarchical part of a filename (e.g. file:///tmp -> array(file, tmp)).
+     *
+     * @param string $filename The filename to be parsed.
+     *
+     * @return array The filename scheme and hierarchical part
+     */
+    private function getSchemeAndHierarchy($filename)
+    {
+        $components = explode('://', $filename, 2);
+
+        return 2 === count($components) ? array($components[0], $components[1]) : array(null, $components[0]);
+    }
 }

src/Symfony/Component/Filesystem/Tests/FilesystemTest.php

@@ -946,6 +946,110 @@ public function providePathsForIsAbsolutePath()
         );
     }
 
+    public function testTempnam()
+    {
+        $dirname = $this->workspace;
+
+        $filename = $this->filesystem->tempnam($dirname, 'foo');
+
+        $this->assertFileExists($filename);
+    }
+
+    public function testTempnamWithFileScheme()
+    {
+        $scheme = 'file://';
+        $dirname = $scheme.$this->workspace;
+
+        $filename = $this->filesystem->tempnam($dirname, 'foo');
+
+        $this->assertStringStartsWith($scheme, $filename);
+        $this->assertFileExists($filename);
+    }
+
+    public function testTempnamWithMockScheme()
+    {
+        stream_wrapper_register('mock', 'Symfony\Component\Filesystem\Tests\Fixtures\MockStream\MockStream');
+
+        $scheme = 'mock://';
+        $dirname = $scheme.$this->workspace;
+
+        $filename = $this->filesystem->tempnam($dirname, 'foo');
+
+        $this->assertStringStartsWith($scheme, $filename);
+        $this->assertFileExists($filename);
+    }
+
+    /**
+     * @expectedException \Symfony\Component\Filesystem\Exception\IOException
+     */
+    public function testTempnamWithZlibSchemeFails()
+    {
+        $scheme = 'compress.zlib://';
+        $dirname = $scheme.$this->workspace;
+
+        // The compress.zlib:// stream does not support mode x: creates the file, errors "failed to open stream: operation failed" and returns false
+        $this->filesystem->tempnam($dirname, 'bar');
+
+    }
+
+    public function testTempnamWithPHPTempSchemeFails()
+    {
+        $scheme = 'php://temp';
+        $dirname = $scheme;
+
+        $filename = $this->filesystem->tempnam($dirname, 'bar');
+
+        $this->assertStringStartsWith($scheme, $filename);
+
+        // The php://temp stream deletes the file after close
+        $this->assertFileNotExists($filename);
+    }
+
+    /**
+     * @expectedException \Symfony\Component\Filesystem\Exception\IOException
+     */
+    public function testTempnamWithPharSchemeFails()
+    {
+        // Skip test if Phar disabled phar.readonly must be 0 in php.ini
+        if (!\Phar::canWrite()) {
+            $this->markTestSkipped('This test cannot run when phar.readonly is 1.');
+        }
+
+        $scheme = 'phar://';
+        $dirname = $scheme.$this->workspace;
+        $pharname = 'foo.phar';
+
+        new \Phar($this->workspace.'/'.$pharname, 0, $pharname);
+        // The phar:// stream does not support mode x: fails to create file, errors "failed to open stream: phar error: "$filename" is not a file in phar "$pharname"" and returns false
+        $this->filesystem->tempnam($dirname, $pharname.'/bar');
+    }
+
+    /**
+     * @expectedException \Symfony\Component\Filesystem\Exception\IOException
+     */
+    public function testTempnamWithHTTPSchemeFails()
+    {
+        $scheme = 'http://';
+        $dirname = $scheme.$this->workspace;
+
+        // The http:// scheme is read-only
+        $this->filesystem->tempnam($dirname, 'bar');
+    }
+
+    public function testTempnamOnUnwritableFallsBackToSysTmp()
+    {
+        $scheme = 'file://';
+        $dirname = $scheme.$this->workspace.DIRECTORY_SEPARATOR.'does_not_exist';
+
+        $filename = $this->filesystem->tempnam($dirname, 'bar');
+
+        $this->assertStringStartsWith(rtrim($scheme.sys_get_temp_dir(), DIRECTORY_SEPARATOR), $filename);
+        $this->assertFileExists($filename);
+
+        // Tear down
+        @unlink($filename);
+    }
+
     public function testDumpFile()
     {
         $filename = $this->workspace.DIRECTORY_SEPARATOR.'foo'.DIRECTORY_SEPARATOR.'baz.txt';
@@ -971,6 +1075,33 @@ public function testDumpFileOverwritesAnExistingFile()
         $this->assertSame('bar', file_get_contents($filename));
     }
 
+    public function testDumpFileWithFileScheme()
+    {
+        if (defined('HHVM_VERSION')) {
+            $this->markTestSkipped('HHVM does not handle the file:// scheme correctly');
+        }
+
+        $scheme = 'file://';
+        $filename = $scheme.$this->workspace.DIRECTORY_SEPARATOR.'foo'.DIRECTORY_SEPARATOR.'baz.txt';
+
+        $this->filesystem->dumpFile($filename, 'bar', null);
+
+        $this->assertFileExists($filename);
+        $this->assertSame('bar', file_get_contents($filename));
+    }
+
+    public function testDumpFileWithZlibScheme()
+    {
+        $scheme = 'compress.zlib://';
+        $filename = $this->workspace.DIRECTORY_SEPARATOR.'foo'.DIRECTORY_SEPARATOR.'baz.txt';
+
+        $this->filesystem->dumpFile($filename, 'bar', null);
+
+        // Zlib stat uses file:// wrapper so remove scheme
+        $this->assertFileExists(str_replace($scheme, '', $filename));
+        $this->assertSame('bar', file_get_contents($filename));
+    }
+
     public function testCopyShouldKeepExecutionPermission()
     {
         $this->markAsSkippedIfChmodIsMissing();