Controller
(0 files, 0 lines)
EntryPoint
(0 files, 0 lines)
Provider
(0 files, 0 lines)
Token
(0 files, 0 lines)
[root]/Classes/Security/Authentication
Controller
(0 files, 0 lines)
EntryPoint
(0 files, 0 lines)
Provider
(0 files, 0 lines)
Token
(0 files, 0 lines)
| Author | Changes | Lines of Code | Lines per Change |
|---|---|---|---|
| Totals | 202 (100.0%) | 2189 (100.0%) | 10.8 |
| andi | 49 (24.3%) | 1201 (54.9%) | 24.5 |
| robert | 44 (21.8%) | 686 (31.3%) | 15.5 |
| k-fish | 109 (54.0%) | 302 (13.8%) | 2.7 |
Removed everything in trunk after move to git.
0 lines of code changed in 25 files:
[-TASK] FLOW3: Removed @version keyword from files, resolves #8835.
0 lines of code changed in 7 files:
[+FEATURE] FLOW3 (Security): The new AccountFactory now allows for convenient creation of a new account with username and password. Resolves #5846
[+BUGFIX] FLOW3 (Property): Fixed the failing tests of the Property Mapper. Also replaced a few occurrences of $objectManager->get() by $objectManager->create()
3 lines of code changed in 1 file:
[+FEATURE] FLOW3 (Object): Implemented a static object container which is automatically built. It's essentially a hardcoded version of the autowired and configured object dependencies - just a lot faster. Many tests are still missing, but the version in this commit should be mostly functional. Addresses #3740 and resolves #2123.
[!!!][~API] FLOW3 (Object): Heavily refactored the Object Manager and its tests. The most important change is the removal of the Object Factory whose create() method is now located in the Object Manager. Furthermore, the getObject() method has been renamed to get() and a few minor important API functions within the Object Manager have been modified. This commit also contains a script which allows for semi automatically migrating existing code to the new API (see ./flow3 migrate objectmanagerusage). Resolves #6562
[~TASK] FLOW3 (Configuration): The Configuration Manager and its YAML source now doesn't depend on the YAML package anymore but refers to a YAML parser class within the FLOW3 package. Resolves #6564.
4 lines of code changed in 1 file:
[~TASK] FLOW3 (Security): Removed the GrantedAuhorityInterface and replaced all uses of "Granted Authority" by "Role". Resolves #6317
3 lines of code changed in 1 file:
[~TASK] FLOW3 (Documentation): Updated the Coding Guidelines: removed inconsistent exceptions from the general class naming rules. Also added the rule that names of aspect classes must end with "Aspect". Relates to #5658
[~TASK] Global: Renamed many classes and interfaces in order to be consistent with FLOW3's naming rules. A migration script to update third-party applications will follow soon. Resolves #5658
463 lines of code changed in 6 files:
[+FEATURE] FLOW3 (MVC): If the result of an action method is an object providing a __toString() method, this method will be called by the ActionController and its result will be added to the response content. Resolves #5995
[+FEATURE] FLOW3 (MVC): The routes property @controller now allows the use of namespace separators for referring to classes in file / class structure below "Controllers". Resolves #5998
[~TASK] FLOW3 (Documentation): Fixed a few typos in the AOP documentation.
3 lines of code changed in 1 file:
[+API] FLOW3 (AOP): Added the JoinPoint class to the supported API. Also added a new method "hasException()" to the JoinPoint implementation. Resolves #5480
[~TASK] FLOW3 (Cache): Set the log level of flushCachesByTag to DEBUG
[~FEATURE] FLOW3 (Security): Implemented a logging aspect which currently logs all relevant actions of the authentication mechanism. The advices are currently active regardless of the configured logging threshold. Addresses #5481
[~TASK] FLOW3 (Security): Removed getSecurityContext() from the Authentication Manager Interface ? it was not used anywhere.
[~CONFIGURATION] FLOW3 (Security): Removed the requestPatterns configuration from the default security configuration. This configuration was only an example and got in the way if one wanted to reuse the DefaultProvider configuration for other login controllers.
[~TASK] Fluid (ViewHelpers): Corrected some inline documentation in the FormViewHelper
36 lines of code changed in 2 files:
[+FEATURE] FLOW3 (Security): Implemented the logoutAction() in the authenctication controller
[+FEATURE] Fluid (ViewHelpers): Implemented an ifGrantedAuthority view helper
[~TASK] Fluid (ViewHelpers): Fixed some doc comments in the ifAccess view helper
21 lines of code changed in 3 files:
[~TASK] FLOW3: Fixed method parameter documentation found by new reflection service checks.
[+FEATURE] FLOW3 (Persistence): added removeAll() to base repository, resolves #3852.
2 lines of code changed in 2 files:
[+FEATURE] FLOW3 (AOP): Parse errors in AOP proxy code (introduced by a potential bug) will now be treated properly by throwing a meaningful exception.
[-FEATURE] FLOW3 (Configuration): Removed support for PHP-based configuration files. This caused a lot of overhead and in practice we want everyone to use YAML files anyway.
[+FEATURE] FLOW3 (Configuration): Implemented support for cached ("compiled") configuration. When the new FLOW3.yaml option "configuration: comileConfigurationFiles" is turned on, all configuration will be compiled into a PHP file which from then on is read instead of parsing the YAML files everytime. Please see the updated documentation for more information. Resolves #4460
[~TASK] FLOW3 (Configuration): Completely refactored the Configuration Manager and a few related classes. Its methods now each fullfil a clear purpose and work more effective. The method names now also better describe what each method is doing. Resolves #2711
[-TASK] FLOW3 (Configuration): Removed the WritableSourceInterface - this is now a standard feature of a configuration source.
[+TASK] FLOW3 (Core): Refactored and cleaned up the FLOW3 Bootstrap. Constants are now defined by a static method and all configuration related functionality has been moved to the Configuration sub package. Also replaced the evil die() calls by more handsome exit() calls. Relates to #2117
[+TASK] FLOW3 (Object): Moved some object initialization code from the Bootstrap to the Object Manager and further cleaned up the Object Manager's code. Wrote additional tests - now this class has 100% test coverage. Relates to #2117
[+API] FLOW3 (MVC): Added a few @api annotations to properties of the AbstractController and ActionController.
[-API] FLOW3 (Utility): Removed the getSAPIType() method from the Environment class. Just use the constant FLOW3_SAPITYPE instead. Resolves #3567 and relates to #2117.
3 lines of code changed in 1 file:
[~BUGFIX] FLOW3 (Object): The object serializer now handles persitence objects correctly.
[~TASK] FLOW3 (AOP): Removed the FLOW3 Security subpackage from the AOP blacklist, to be able to store roles in the content repository.
[~BUGFIX] FLOW3 (Core): Changed the initialization order to initialize the persistence framework early engough for the new session scope.
[~BUGFIX] Testing: Changed the framewor initialization order to initialize the persistence framework early engough for the new session scope.
[+FEATURE] Party: Added a basic account model.
[+FEATURE] FLOW3 (Security): Added a new authentication provider and token that uses account objects for authentication.
[-FEATURE] FLOW3 (Security): Removed the RSA authentication mechanism for now.
[~CONFIGURATION] FLOW3: Changed the policy configuration according to the new syntax.
49 lines of code changed in 3 files:
[+TASK] FLOW3: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] Fluid: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] Kickstart: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] PHP6: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] PHPUnit: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] Testing: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] Welcome: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] YAML: Removed file level docblocks and @package/@subpackage annotations.
0 lines of code changed in 10 files:
[TASK] FLOW3: moved from @internal to @api, resolves #3883
0 lines of code changed in 10 files:
* [~CONF]: FLOW(Security): Cleaned up the authentication provider configuration syntax
* [TASK]: FLOW(Security): Fixed a doc comment in the RSAWalletService
* [FIX]: FLOW(Security): The encrypted password is not written to the visible input fields of the login form anymore.
11 lines of code changed in 1 file:
Added svn:keywords where missing...
2 lines of code changed in 1 file:
* FLOW3: Marked all methods as @internal except those which are considered part of the official API. Resolves #1280
* TYPO3CR: Fixed two tests of the Storage\PDO\Search testcase.
36 lines of code changed in 10 files:
* FLOW3: (MVC) Introduced a RequestInterface and a ResponseInterface and made sure those are used everywhere where the Request class was used before.
* FLOW3: (Documentation) Continued writing documentation for the MVC framework.
5 lines of code changed in 1 file:
FLOW3(Security):
* Refactored almost all unit tests. Now the TestPackage is not needed anymore for the security tests.
* Cleaned up the interfaces, as some method aren't needed anymore with the new tests.
Testing:
* fixed a bug in the BaseTestcase, that sometimes crashed class loading.
20 lines of code changed in 4 files:
FLOW3(Security):
* The ProviderManager now throws exceptions if the configuration is incorrect.
9 lines of code changed in 1 file:
FLOW3 (Security):
* made parallel authentication mechanisms possible. Now you can login to typo3 with a different mechanism than to flow3
* credentials are no longer stored in the session.
* the RSA keys are now stored in a cache with a TTL of 30.
* reinjectDependencies is now used when authentication tokens are retrieved from the session.
* Exception/Handler is not needed.
* the authentication tokens hold an authentication status now. Look at the TokenInterface for possible values.
* added a getTokensOfType() method to the security context.
* authentication entry points work now.
* Adjusted the security configuration in FLOW3.yaml (you have to enable security to test the new features)
* Access is now denied if no policy entry is found.
TYPO3 (Backend):
* renamed the property $viewObjectName to $defaultViewObjectName, according to latest changes.
183 lines of code changed in 4 files:
* FLOW3: (MVC) (Security) Replaced "Classname" by "ClassName" where it appeared.
* FLOW3: (Security) Replaced $uuid by $UUID where it appeared.
* FLOW3: (Security) Renamed tokenClassName to tokenObjectName because it's essentially that.
* FLOW3: (Security) Removed the call-by-refs in RSAWalletService because they were causing E_STRICT warnings.
12 lines of code changed in 3 files:
FLOW3 (Security): Implemented the RSA based Login-Controller. You can call it under: http://yourhost/flow3/login
7 lines of code changed in 2 files:
!!! Globally renamed all class files to the new shorter version. Resolves #2524
FLOW3: (Resource) Adapted the class loader and other related parts of FLOW3 to the new class filename convention
FLOW3: Moved the FLOW3 bootstrap into the F3\FLOW3 namepace
83 lines of code changed in 9 files:
* FLOW3: (Security) Renamed the aspect InterceptorInvocation to PolicyEnforcementAspect
* FLOW3: (Security) Completely removed the security code from the MVC dispatcher. Instead it is now woven in by advices in the new RequestDispatchingAspect. Resolves #2118
* FLOW3: (Security) The old and the new aspect are now only active if security is enabled. That means: No security related proxies are generated if security is turned off. Addresses #2118
* FLOW3: (Security) Security is now (again) enabled by default. But that doesn't mean that everything is secure yet ...
* FLOW3: (AOP) Fixed the "Setting" poinctut designator by adding the class to the Objects configuration.
1 lines of code changed in 1 file:
FLOW3:
* fixed license name in @license annotation, fixes #2454
9 lines of code changed in 9 files:
FLOW3:
* changed license to LGPL v3 or later
126 lines of code changed in 9 files:
!!! 5.3.0alpha3 namespaces refactoring:
* changed namespace delimiter from :: to \
* all class references in namespaced code prepended by \
PHPUnit:
* adapted mock object handling to the new namespaces syntax
FLOW3:
* PropertyReflection now uses setAccessible() instead of array cast to access protected properties
PHPCR:
* added a missing interface already used for type hints
79 lines of code changed in 9 files:
* FLOW3: (Component) Renamed "component" to "object" - everywhere. That means we now have an Object Manager instead of a Component Manager, an Object Factory etc. Resolves #2119
Globally adjusted all code for the above change.
17 lines of code changed in 2 files:
COMMIT PART 1
* FLOW3: Implemented a YAML configuration source, resolves #1852
* Globally refactored code and converted configuration files to use the new YAML configuration format
Note: FLOW3 is now getting even slower because the whole YAML parsing results are not cached yet.
You can still use .php based configuration but it is recommended to switch over to YAML ASAP.
Documentation and speed improvements follow
3 lines of code changed in 1 file:
* FLOW3: (Component) Renamed the method Component::Factory->getComponent() to Component::Factory->create(). Resolves #1846
* FLOW3: (Component) Component::Factory->create() will now throw an exception on trying to create a component of scope != prototype
* FLOW3: (Component) The Component::Manager->getComponent() method can still be used as a last resort to retrieve components of any scope. However dependency injection for singletons and the component factory for prototype should always be the first choice!
Refactored all packages of the TYPO3 distribution to match the above changes.
Note: The test "F3::TYPO3CR::NodeTest::setPropertySetsValue" currently fails on my machine with the following message:
Error in setPropertySetsValue with data set #34 Detail
TYPO3CR/Classes/F3_TYPO3CR_Node.php:577
Unable to convert value of type string to Name: Namespace prefix is invalid
8 lines of code changed in 2 files:
FLOW3 (Validation): Fixed the integer validator. Now it handles strings correctly
FLOW3 (Security): Implemented the missing decision and ACL classes. No we can authenticate a user and authorize methods over AOP!
14 lines of code changed in 2 files:
The biggest part of the security framework ist finished now:
FLOW3 (Security):
* Implemented the central security aspect
* Refactored the authentication manager
* Implemented the policy enforcement interceptor
* Implemented the access decision voter manager
67 lines of code changed in 4 files:
Set svn:keywords property to Id on all PHP files.
0 lines of code changed in 9 files:
!!! Major change, will break existing code.
Part 3 - Packages
FLOW3, most other packages:
* added namespaces to the code of FLOW3 and all packages in the current TYPO3v5 distribution.
PHPUnit:
* some changes to make PHPUnit (more) namespace-compatible.
Some notes:
* Documentation updates will follow
* you might need to change your class names when adapting namespaces to avoid using "Class", "Empty", "Default", ...
* expect FLOW3CGL and/or PHPCodeSniffer to be broken (I'll have a look)
* some parts might still be broken, especially in edge-cases where the global namespace needs to explicitly used
77 lines of code changed in 9 files:
FLOW3:
* fixed a bunch of CGL violations
* some TODO comments converted into @todo annotations
7 lines of code changed in 9 files:
* Global Configuration: Moved the default routes configuration to within the FLOW3 package
* FLOW3: (Configuration) Refactored the configuration manager. Now there's a dedicated method getSettings() for retrieving settings for a certain package. You will most likely want to use this method instead of the now called "getSpecialConfiguration()" method.
* FLOW3: (Configuration) Converted the configuration source into a non-static class.
* FLOW3: (Configuration) Implemented proper tests for the Configuration Manager
* TYPO3CR and TYPO3: Adapted the code to use the new configuration manager methods
* FLOW3: The special "FLOW3 configuration" (as defined in FLOW3.php) technically are now just settings for the package "FLOW3" with the only difference that they are loaded earlier than other settings and can only be set in the FLOW3 package and the global configuration.
* FLOW3: (MVC) Refactored the Routing mechanism - mainly cosmetic changes. Among other things removed the Route Interface.
* FLOW3: (MVC) Refactored the Web Request Builder a bit.
* FLOW3: (Security) Fixed the Context Holder Session destructor which was throwing uncatched exceptions while trying to close an uninitalized session. Needs further cleanup / handling.
4 lines of code changed in 1 file:
Implemented the first part of the security framework.
* FLOW3 (Security): Implemented the session security context holder
* FLOW3 (Security): Implemented the security context that provides the current context based on request patterns and the configured authentication strategy
* FLOW3 (Security): Implemented a basic filter firewall that can be configured in the FLOW3 configuration file
* FLOW3 (Security): Implemented a basic security interceptor, that triggers the authentication process and can be placed in the firewall
* FLOW3 (Security): Implemented the authentication (provider) manager and a very basic username/password provider with its token
* FLOW3 (MVC): Changed some tests to use mock objects (firewall and security context holder)
* FLOW3 (Validation): Fixed a bug in the alphanumeric validator
199 lines of code changed in 6 files:
FLOW3 (Session): Implemented a very basic session class, that uses PHP session functionality.
1 lines of code changed in 1 file:
* FLOW3 (Security): Added method stubs for authentication, authorization and the first part of the acl service.
* FLOW3 (Session): Added a very basic session interface.
191 lines of code changed in 9 files:
(3 more)