[root]/Tests/Security
ACL
(0 files, 0 lines)
Aspect
(0 files, 0 lines)
Authentication
(0 files, 0 lines)
Controller
(0 files, 0 lines)
EntryPoint
(0 files, 0 lines)
Provider
(0 files, 0 lines)
Token
(0 files, 0 lines)
Authorization
(0 files, 0 lines)
Interceptor
(0 files, 0 lines)
Voter
(0 files, 0 lines)
Cryptography
(0 files, 0 lines)
RequestPattern
(0 files, 0 lines)
| Author | Changes | Lines of Code | Lines per Change |
|---|---|---|---|
| Totals | 78 (100.0%) | 1323 (100.0%) | 16.9 |
| andi | 22 (28.2%) | 1050 (79.4%) | 47.7 |
| k-fish | 36 (46.2%) | 198 (15.0%) | 5.5 |
| robert | 20 (25.6%) | 75 (5.7%) | 3.7 |
Removed everything in trunk after move to git.
0 lines of code changed in 12 files:
[+FEATURE] FLOW3 (Security): Implemented the logoutAction() in the authenctication controller
[+FEATURE] Fluid (ViewHelpers): Implemented an ifGrantedAuthority view helper
[~TASK] Fluid (ViewHelpers): Fixed some doc comments in the ifAccess view helper
20 lines of code changed in 1 file:
* [~TASK] FLOW3 (Security): The security framework now uses the new session scope for its session data.
* [~TASK] FLOW3 (Security): Fixed some doc comments.
12 lines of code changed in 1 file:
[+TASK] FLOW3: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] Fluid: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] Kickstart: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] PHP6: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] PHPUnit: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] Testing: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] Welcome: Removed file level docblocks and @package/@subpackage annotations.
[+TASK] YAML: Removed file level docblocks and @package/@subpackage annotations.
0 lines of code changed in 3 files:
[TASK] FLOW3 (Tests): adjusted some tests to work with changed behaviour of PHPUnit, relates to #3854
4 lines of code changed in 2 files:
Added svn:keywords where missing...
0 lines of code changed in 1 file:
FLOW3:
* fixed test broken since r2374
* tweaked another test
2 lines of code changed in 1 file:
* FLOW3: Renamed a few classes / moved them in the namespaces hierarchy to make naming more consistent. Resolves #2515
* FLOW3: (MVC) Removed the AbstractWidget
1 lines of code changed in 1 file:
* FLOW3: (MVC) Introduced a RequestInterface and a ResponseInterface and made sure those are used everywhere where the Request class was used before.
* FLOW3: (Documentation) Continued writing documentation for the MVC framework.
9 lines of code changed in 2 files:
FLOW3(Security):
* Refactored almost all unit tests. Now the TestPackage is not needed anymore for the security tests.
* Cleaned up the interfaces, as some method aren't needed anymore with the new tests.
Testing:
* fixed a bug in the BaseTestcase, that sometimes crashed class loading.
134 lines of code changed in 3 files:
FLOW3(Security):
* The login controller regenerates RSA keys, if they timed out. No exception anymore.
* The whole security package uses injectSettings() to load configuration settings now.
* Added the possibility to set openSSL options for the RSAWalletServicePHP in the FLOW3.yaml
10 lines of code changed in 1 file:
FLOW3(Security):
* ACL-Voter now uses the new getGrantedAuthorites method from the security context
* fixed a problem with prallel authentication session. Now you can be logged on to more than one part of your installation at the same time.
TYPO3 Distribution:
* Adjusted the FLOW3.yaml according to the recent changes
82 lines of code changed in 1 file:
FLOW3 (Security):
* made parallel authentication mechanisms possible. Now you can login to typo3 with a different mechanism than to flow3
* credentials are no longer stored in the session.
* the RSA keys are now stored in a cache with a TTL of 30.
* reinjectDependencies is now used when authentication tokens are retrieved from the session.
* Exception/Handler is not needed.
* the authentication tokens hold an authentication status now. Look at the TokenInterface for possible values.
* added a getTokensOfType() method to the security context.
* authentication entry points work now.
* Adjusted the security configuration in FLOW3.yaml (you have to enable security to test the new features)
* Access is now denied if no policy entry is found.
TYPO3 (Backend):
* renamed the property $viewObjectName to $defaultViewObjectName, according to latest changes.
159 lines of code changed in 3 files:
* FLOW3: (MVC) (Security) Replaced "Classname" by "ClassName" where it appeared.
* FLOW3: (Security) Replaced $uuid by $UUID where it appeared.
* FLOW3: (Security) Renamed tokenClassName to tokenObjectName because it's essentially that.
* FLOW3: (Security) Removed the call-by-refs in RSAWalletService because they were causing E_STRICT warnings.
1 lines of code changed in 1 file:
!!! Globally renamed all class files to the new shorter version. Resolves #2524
FLOW3: (Resource) Adapted the class loader and other related parts of FLOW3 to the new class filename convention
FLOW3: Moved the FLOW3 bootstrap into the F3\FLOW3 namepace
29 lines of code changed in 3 files:
FLOW3:
* fixed license name in @license annotation, fixes #2454
3 lines of code changed in 3 files:
FLOW3:
* changed license to LGPL v3 or later
42 lines of code changed in 3 files:
!!! 5.3.0alpha3 namespaces refactoring:
* changed namespace delimiter from :: to \
* all class references in namespaced code prepended by \
PHPUnit:
* adapted mock object handling to the new namespaces syntax
FLOW3:
* PropertyReflection now uses setAccessible() instead of array cast to access protected properties
PHPCR:
* added a missing interface already used for type hints
73 lines of code changed in 3 files:
* FLOW3: (Component) Renamed "component" to "object" - everywhere. That means we now have an Object Manager instead of a Component Manager, an Object Factory etc. Resolves #2119
Globally adjusted all code for the above change.
10 lines of code changed in 2 files:
FLOW3:
* configuration now handles every "real" error as exceptional, changed some empty arrays from [] to {}
* defaults in route configuration is now optional
* the MVC dispatcher used old-style configuration access to loginPageURIForDemoPurposes
* fixed uninitialized variables in two security tests
1 lines of code changed in 1 file:
* Fixed FLOW3's yaml configuration: exceptional errors were defined as plain strings instead of constants resulting in even (catchable) fatal errors being ignored
* Fixed several tests which still used the object configuration instead of arrays
5 lines of code changed in 1 file:
FLOW3:
* adjusted test for getContext() to new behaviour as of r1423
4 lines of code changed in 1 file:
The biggest part of the security framework ist finished now:
FLOW3 (Security):
* Implemented the central security aspect
* Refactored the authentication manager
* Implemented the policy enforcement interceptor
* Implemented the access decision voter manager
25 lines of code changed in 1 file:
Set svn:keywords property to Id on all PHP files.
0 lines of code changed in 3 files:
!!! Major change, will break existing code.
Part 3 - Packages
FLOW3, most other packages:
* added namespaces to the code of FLOW3 and all packages in the current TYPO3v5 distribution.
PHPUnit:
* some changes to make PHPUnit (more) namespace-compatible.
Some notes:
* Documentation updates will follow
* you might need to change your class names when adapting namespaces to avoid using "Class", "Empty", "Default", ...
* expect FLOW3CGL and/or PHPCodeSniffer to be broken (I'll have a look)
* some parts might still be broken, especially in edge-cases where the global namespace needs to explicitly used
69 lines of code changed in 3 files:
* FLOW3: (Session) Refactored and renamed method names of the PHP Session implemenation and the general interface
* FLOW3: (Session) Implemented the "Transient Session"
* FLOW3: The Transient Session is now selected by default in CLI mode, and the PHP Session in all other modes
* FLOW3: Created an initialization step for the session mechanism in FLOW3's bootstrap
6 lines of code changed in 1 file:
* Global Configuration: Moved the default routes configuration to within the FLOW3 package
* FLOW3: (Configuration) Refactored the configuration manager. Now there's a dedicated method getSettings() for retrieving settings for a certain package. You will most likely want to use this method instead of the now called "getSpecialConfiguration()" method.
* FLOW3: (Configuration) Converted the configuration source into a non-static class.
* FLOW3: (Configuration) Implemented proper tests for the Configuration Manager
* TYPO3CR and TYPO3: Adapted the code to use the new configuration manager methods
* FLOW3: The special "FLOW3 configuration" (as defined in FLOW3.php) technically are now just settings for the package "FLOW3" with the only difference that they are loaded earlier than other settings and can only be set in the FLOW3 package and the global configuration.
* FLOW3: (MVC) Refactored the Routing mechanism - mainly cosmetic changes. Among other things removed the Route Interface.
* FLOW3: (MVC) Refactored the Web Request Builder a bit.
* FLOW3: (Security) Fixed the Context Holder Session destructor which was throwing uncatched exceptions while trying to close an uninitalized session. Needs further cleanup / handling.
5 lines of code changed in 1 file:
Implemented the first part of the security framework.
* FLOW3 (Security): Implemented the session security context holder
* FLOW3 (Security): Implemented the security context that provides the current context based on request patterns and the configured authentication strategy
* FLOW3 (Security): Implemented a basic filter firewall that can be configured in the FLOW3 configuration file
* FLOW3 (Security): Implemented a basic security interceptor, that triggers the authentication process and can be placed in the firewall
* FLOW3 (Security): Implemented the authentication (provider) manager and a very basic username/password provider with its token
* FLOW3 (MVC): Changed some tests to use mock objects (firewall and security context holder)
* FLOW3 (Validation): Fixed a bug in the alphanumeric validator
278 lines of code changed in 3 files:
!!! Important global change !!!
Extracted the getComponent() method from the Component Manager into its own class, the Component Factory. From now on, use the factory if you only need the getComponent() functionality and use the manager if you need the more advanced functions.
9 lines of code changed in 8 files:
FLOW3 (Session): Implemented a very basic session class, that uses PHP session functionality.
330 lines of code changed in 8 files: