diff --git a/.github/workflows/test-application.yaml b/.github/workflows/test-application.yaml index c8d8261d..ae52da13 100644 --- a/.github/workflows/test-application.yaml +++ b/.github/workflows/test-application.yaml @@ -82,7 +82,7 @@ jobs: database: mysql dependency-versions: 'highest' tools: 'composer:v2' - composer-options: '--ignore-platform-reqs' + composer-stability: 'dev' env: SYMFONY_DEPRECATIONS_HELPER: weak DATABASE_URL: mysql://root:root@127.0.0.1/sulu_form_test?serverVersion=5.7 @@ -124,6 +124,10 @@ jobs: # testing lowest versions. run: composer remove "*php-cs-fixer*" "*phpstan*" "*rector*" --dev --no-update + - name: Set composer stability + if: ${{ matrix.composer-stability }} + run: composer config minimum-stability ${{ matrix.composer-stability }} + - name: Install composer dependencies uses: ramsey/composer-install@v2 with: diff --git a/.php-cs-fixer.dist.php b/.php-cs-fixer.dist.php index ee71c67d..b3a006b8 100644 --- a/.php-cs-fixer.dist.php +++ b/.php-cs-fixer.dist.php @@ -31,6 +31,7 @@ 'phpdoc_types_order' => false, 'single_line_throw' => false, 'single_line_comment_spacing' => false, + 'trailing_comma_in_multiline' => false, ]) ->setFinder($finder); diff --git a/Resources/doc/csrf.md b/Resources/doc/csrf.md index 646995a0..c225c78f 100644 --- a/Resources/doc/csrf.md +++ b/Resources/doc/csrf.md @@ -12,7 +12,7 @@ sulu_form: ## Ajax -> This solution is required when pages are cached using `Varnish`: +We need to add a new `Route` generates use the csrf token for the ajax based loading: ```yaml # config/routes/sulu_form.yaml @@ -24,7 +24,7 @@ sulu_form.token: _requestAnalyzer: false ``` -### A. Ajax with jquery +### A. Ajax without a JavaScript Framework A simple example for loading the csrf token over ajax looks like this: @@ -67,7 +67,7 @@ When using [`@sulu/web`](https://github.com/sulu/web-js) / [`sulu/web-twig`](htt {%- block csrf_token_widget -%} {{ block('hidden_widget') }} - {% do register_component('csrf-token', { id: id, formName: form.parent.vars.name }) %} + {% do prepare_component('csrf-token', { id: id, formName: form.parent.vars.name }) %} {% endblock %} ``` @@ -97,20 +97,3 @@ import CsrfToken from './components/csrf-token'; web.registerComponent('csrf-token', CsrfToken); ``` - -## ESI - -> This solution does not work with Symfony 5.4 or later. Please use ajax loading when enabling csrf protection. - -Add the following to your form theme to overwrite the default -behaviour of token generation or use the `@SuluForm/themes/basic.html.twig` theme. - -```twig -{%- block csrf_token_widget -%} - {{ render_esi(controller('Sulu\\Bundle\\FormBundle\\Controller\\FormTokenController::tokenAction', { - 'form': form.parent.vars.name, - 'html': true, - _requestAnalyzer: false - })) }} -{% endblock %} -``` diff --git a/Resources/doc/static.md b/Resources/doc/static.md index 76ce7831..a2456dc1 100644 --- a/Resources/doc/static.md +++ b/Resources/doc/static.md @@ -232,14 +232,6 @@ https://github.com/symfony/symfony/blob/v2.7.0/src/Symfony/Bridge/Twig/Resources ``` -ClientWebsiteBundle:forms:theme.html.twig: - -``` twig -{% block token_widget %} - { render_esi(controller('Sulu\\Bundle\\FormBundle\\Controller\\FormTokenController::tokenAction', { 'form': 'form_type_alias', 'html': true })) }} -{% endblock token_widget %} -``` - ## E-Mail You need to create 2 emails(visitor/admin). Default Path are: diff --git a/Resources/views/themes/basic.html.twig b/Resources/views/themes/basic.html.twig index d77efa71..32f3b4ea 100644 --- a/Resources/views/themes/basic.html.twig +++ b/Resources/views/themes/basic.html.twig @@ -32,6 +32,7 @@ If a request is not cacheable (eg. POST request), we can directly render it. #} {% if app.request.isMethodCacheable %} + {% deprecated 'CSRF Token over ESI is deprecated and fails since Symfony 5.4, use Ajax based CSRF Token loading, see CSRF docs.' %} {{ render_esi(controller) }} {% else %} {{ render(controller) }} diff --git a/Tests/Functional/Mail/Fixtures/LoadFormFixture.php b/Tests/Functional/Mail/Fixtures/LoadFormFixture.php index 8811fd03..7681e126 100644 --- a/Tests/Functional/Mail/Fixtures/LoadFormFixture.php +++ b/Tests/Functional/Mail/Fixtures/LoadFormFixture.php @@ -22,7 +22,7 @@ class LoadFormFixture implements FixtureInterface { - public function load(ObjectManager $manager) + public function load(ObjectManager $manager): void { $form = new Form(); $form->setDefaultLocale('de'); diff --git a/composer.json b/composer.json index 13287a74..603e757f 100644 --- a/composer.json +++ b/composer.json @@ -32,10 +32,10 @@ "symfony/validator": "^4.4 || ^5.0 || ^6.0 || ^7.0", "symfony/security-csrf": "^4.4 || ^5.0 || ^6.0 || ^7.0", "symfony/translation": "^4.4 || ^5.0 || ^6.0 || ^7.0", - "twig/twig": "^1.41 || ^2.0 || ^3.0" + "twig/twig": "^1.41 || ^2.6 || ^3.0" }, "require-dev": { - "doctrine/data-fixtures": "^1.3.3", + "doctrine/data-fixtures": "^1.3.3 || ^2.0", "doctrine/doctrine-bundle": "^1.10 || ^2.0", "drewm/mailchimp-api": "^2.2", "excelwebzone/recaptcha-bundle": "^1.4.2", diff --git a/phpstan-baseline.neon b/phpstan-baseline.neon index e2f04931..76e38710 100644 --- a/phpstan-baseline.neon +++ b/phpstan-baseline.neon @@ -40,11 +40,6 @@ parameters: count: 1 path: Command/FormGeneratorCommand.php - - - message: "#^Method Sulu\\\\Bundle\\\\FormBundle\\\\Command\\\\FormGeneratorCommand\\:\\:loadTestForm\\(\\) should return Sulu\\\\Bundle\\\\FormBundle\\\\Entity\\\\Form\\|null but returns mixed\\.$#" - count: 1 - path: Command/FormGeneratorCommand.php - - message: "#^Property Sulu\\\\Bundle\\\\FormBundle\\\\Configuration\\\\FormConfiguration\\:\\:\\$adminMailConfiguration \\(Sulu\\\\Bundle\\\\FormBundle\\\\Configuration\\\\MailConfigurationInterface\\) does not accept Sulu\\\\Bundle\\\\FormBundle\\\\Configuration\\\\MailConfigurationInterface\\|null\\.$#" count: 1 @@ -1385,11 +1380,6 @@ parameters: count: 2 path: Repository/FormRepository.php - - - message: "#^Method Sulu\\\\Bundle\\\\FormBundle\\\\Repository\\\\FormRepository\\:\\:loadById\\(\\) should return Sulu\\\\Bundle\\\\FormBundle\\\\Entity\\\\Form\\|null but returns mixed\\.$#" - count: 1 - path: Repository/FormRepository.php - - message: "#^Call to an undefined method Symfony\\\\Component\\\\HttpFoundation\\\\RequestStack\\:\\:getMasterRequest\\(\\)\\.$#" count: 1