symfony · javiereguiluz · Feb 17, 2020 · Feb 16, 2020 · Feb 15, 2020 · Feb 15, 2020
diff --git a/doctrine/event_listeners_subscribers.rst b/doctrine/event_listeners_subscribers.rst
@@ -105,7 +105,7 @@ a ``postPersist()`` method, which will be called when the event is dispatched::
 
     use AppBundle\Entity\Product;
     // for Doctrine < 2.4: use Doctrine\ORM\Event\LifecycleEventArgs;
-    use Doctrine\Common\Persistence\Event\LifecycleEventArgs;
+    use Doctrine\Persistence\Event\LifecycleEventArgs;
 
     class SearchIndexer
     {
@@ -151,8 +151,8 @@ interface and have an event method for each event it subscribes to::
     use AppBundle\Entity\Product;
     use Doctrine\Common\EventSubscriber;
     // for Doctrine < 2.4: use Doctrine\ORM\Event\LifecycleEventArgs;
-    use Doctrine\Common\Persistence\Event\LifecycleEventArgs;
     use Doctrine\ORM\Events;
+    use Doctrine\Persistence\Event\LifecycleEventArgs;
 
     class SearchIndexerSubscriber implements EventSubscriber
     {

diff --git a/doctrine/mapping_model_classes.rst b/doctrine/mapping_model_classes.rst
@@ -116,8 +116,8 @@ Annotations, XML, Yaml, PHP and StaticPHP. The arguments are:
     instead of the ``SymfonyFileLocator``::
 
         use AppBundle\Model;
-        use Doctrine\Common\Persistence\Mapping\Driver\DefaultFileLocator;
         use Doctrine\ORM\Mapping\Driver\XmlDriver;
+        use Doctrine\Persistence\Mapping\Driver\DefaultFileLocator;
 
         // ...
         private function buildMappingCompilerPass()

diff --git a/form/data_transformers.rst b/form/data_transformers.rst
@@ -342,7 +342,6 @@ First, create the custom field type class::
     namespace AppBundle\Form;
 
     use AppBundle\Form\DataTransformer\IssueToNumberTransformer;
-    use Doctrine\Common\Persistence\ObjectManager;
     use Symfony\Component\Form\AbstractType;
     use Symfony\Component\Form\Extension\Core\Type\TextType;
     use Symfony\Component\Form\FormBuilderInterface;

diff --git a/form/unit_testing.rst b/form/unit_testing.rst
@@ -135,7 +135,7 @@ make sure the ``FormRegistry`` uses the created instance::
     namespace Tests\AppBundle\Form\Type;
 
     use AppBundle\Form\Type\TestedType;
-    use Doctrine\Common\Persistence\ObjectManager;
+    use Doctrine\Persistence\ObjectManager;
     use Symfony\Component\Form\PreloadedExtension;
     use Symfony\Component\Form\Test\TypeTestCase;
     // ...

diff --git a/frontend/encore/simple-example.rst b/frontend/encore/simple-example.rst
@@ -332,7 +332,7 @@ If you want to only compile a CSS file, that's possible via ``addStyleEntry()``:
 
 .. code-block:: javascript
 
-    // webpack/config.js
+    // webpack.config.js
     Encore
         // ...
 

@@ -193,7 +193,7 @@ or the short alias name (as shown prior).
 ``em``
 ~~~~~~
 
-**type**: ``string`` | ``Doctrine\Common\Persistence\ObjectManager`` **default**: the default entity manager
+**type**: ``string`` | ``Doctrine\Persistence\ObjectManager`` **default**: the default entity manager
 
 If specified, this entity manager will be used to load the choices
 instead of the ``default`` entity manager.

diff --git a/security.rst b/security.rst
@@ -45,7 +45,7 @@ configuration looks like this:
         # app/config/security.yml
         security:
             providers:
-                in_memory:
+                users_in_memory:
                     memory: ~
 
             firewalls:
@@ -55,6 +55,7 @@ configuration looks like this:
 
                 main:
                     anonymous: ~
+                    provider: users_in_memory
 
     .. code-block:: xml
 
@@ -67,7 +68,7 @@ configuration looks like this:
                 https://symfony.com/schema/dic/services/services-1.0.xsd">
 
             <config>
-                <provider name="in_memory">
+                <provider name="users_in_memory">
                     <memory/>
                 </provider>
 
@@ -77,6 +78,7 @@ configuration looks like this:
 
                 <firewall name="main">
                     <anonymous/>
+                    <provider>users_in_memory</provider>
                 </firewall>
             </config>
         </srv:container>
@@ -86,7 +88,7 @@ configuration looks like this:
         // app/config/security.php
         $container->loadFromExtension('security', [
             'providers' => [
-                'in_memory' => [
+                'users_in_memory' => [
                     'memory' => null,
                 ],
             ],
@@ -97,6 +99,7 @@ configuration looks like this:
                 ],
                 'main' => [
                     'anonymous' => null,
+                    'provider' => 'users_in_memory'
                 ],
             ],
         ]);
@@ -315,7 +318,7 @@ provider, but it's better to think of it as an "in configuration" provider:
         # app/config/security.yml
         security:
             providers:
-                in_memory:
+                users_in_memory:
                     memory:
                         users:
                             ryan:
@@ -324,7 +327,11 @@ provider, but it's better to think of it as an "in configuration" provider:
                             admin:
                                 password: kitten
                                 roles: 'ROLE_ADMIN'
-            # ...
+
+            firewalls:
+                main:
+                    provider: users_in_memory
+                    # ...
 
     .. code-block:: xml
 
@@ -337,13 +344,16 @@ provider, but it's better to think of it as an "in configuration" provider:
                 https://symfony.com/schema/dic/services/services-1.0.xsd">
 
             <config>
-                <provider name="in_memory">
+                <provider name="users_in_memory">
                     <memory>
                         <user name="ryan" password="ryanpass" roles="ROLE_USER"/>
                         <user name="admin" password="kitten" roles="ROLE_ADMIN"/>
                     </memory>
                 </provider>
-                <!-- ... -->
+                <firewall name="main">
+                    <provider>users_in_memory</provider>
+                    <!-- ... -->
+                </firewall>
             </config>
         </srv:container>
 
@@ -352,7 +362,7 @@ provider, but it's better to think of it as an "in configuration" provider:
         // app/config/security.php
         $container->loadFromExtension('security', [
             'providers' => [
-                'in_memory' => [
+                'users_in_memory' => [
                     'memory' => [
                         'users' => [
                             'ryan' => [
@@ -367,13 +377,17 @@ provider, but it's better to think of it as an "in configuration" provider:
                     ],
                 ],
             ],
-            // ...
+            'firewalls' => [
+                'main' => [
+                    'provider' => 'users_in_memory',
+                ],
+            ],
         ]);
 
 Like with ``firewalls``, you can have multiple ``providers``, but you'll
-probably only need one. If you *do* have multiple, you can configure which
+probably only need one. If you *do* have multiple, you have to configure which
 *one* provider to use for your firewall under its ``provider`` key (e.g.
-``provider: in_memory``).
+``provider: users_in_memory``).
 
 .. seealso::
 
@@ -421,20 +435,22 @@ To fix this, add an ``encoders`` key:
     .. code-block:: php
 
         // app/config/security.php
+        use Symfony\Component\Security\Core\User\User;
+
         $container->loadFromExtension('security', [
             // ...
 
             'encoders' => [
-                'Symfony\Component\Security\Core\User\User' => 'plaintext',
+                User::class => 'plaintext',
             ],
             // ...
         ]);
 
-User providers load user information and put it into a ``User`` object. If
-you :doc:`load users from the database </security/entity_provider>`
+User providers load user information and put it into a :class:`Symfony\\Component\\Security\\Core\\User\\UserInterface`
+implementation. If you :doc:`load users from the database </security/entity_provider>`
 or :doc:`some other source </security/custom_provider>`, you'll
-use your own custom User class. But when you use the "in memory" provider,
-it gives you a ``Symfony\Component\Security\Core\User\User`` object.
+use your own custom User class. But when you use the "in memory" provider type,
+it gives you a :class:`Symfony\\Component\\Security\\Core\\User\\User` object.
 
 Whatever your User class is, you need to tell Symfony what algorithm was
 used to encode the passwords. In this case, the passwords are just plaintext,
@@ -449,6 +465,67 @@ you who you are and what roles you have:
 Because this URL requires ``ROLE_ADMIN``, if you had logged in as ``ryan``,
 this would deny you access. More on that later (:ref:`security-authorization-access-control`).
 
+.. tip::
+
+    If you have many providers and want to define the same encoder for all of
+    them, you can configure as follow:
+
+    .. configuration-block::
+
+        .. code-block:: yaml
+
+            # app/config/security.yml
+            security:
+                encoders:
+                    Symfony\Component\Security\Core\User\UserInterface: bcrypt
+
+                    # is equivalent to:
+                    AppBundle\Entity\User: bcrypt
+                    Symfony\Component\Security\Core\User\User: bcrypt
+                    # and any other type you may add in the future
+                # ...
+
+        .. code-block:: xml
+
+            <!-- app/config/security.xml -->
+            <?xml version="1.0" encoding="UTF-8"?>
+            <srv:container xmlns="http://symfony.com/schema/dic/security"
+                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                xmlns:srv="http://symfony.com/schema/dic/services"
+                xsi:schemaLocation="http://symfony.com/schema/dic/services
+                    https://symfony.com/schema/dic/services/services-1.0.xsd">
+
+                <config>
+                    <encoder class="Symfony\Component\Security\Core\User\UserInterface"
+                        algorithm="bcrypt"/>
+                    <!-- is equivalent to: -->
+                    <encoder class="AppBundle\Entity\User"
+                        algorithm="bcrypt"/>
+                    <encoder class="Symfony\Component\Security\Core\User\User"
+                        algorithm="bcrypt"/>
+                    <!-- and any other type you may add in the future -->
+
+                    <!-- ... -->
+                </config>
+            </srv:container>
+
+        .. code-block:: php
+
+            // app/config/security.php
+            use Symfony\Component\Security\Core\User\UserInterface;
+
+            $container->loadFromExtension('security', [
+                'encoders' => [
+                    UserInterface::class => 'bcrypt',
+
+                    // is equivalent to:
+                    AppBundle\Entity\User::class => 'bcrypt',
+                    Symfony\Component\Security\Core\User\User::class => 'bcrypt',
+                    // and any other type you may add in the future
+                ],
+                // ...
+            ]);
+
 Loading Users from the Database
 ...............................
 
@@ -502,11 +579,13 @@ is ``bcrypt``:
     .. code-block:: php
 
         // app/config/security.php
+        use Symfony\Component\Security\Core\User\User;
+
         $container->loadFromExtension('security', [
             // ...
 
             'encoders' => [
-                'Symfony\Component\Security\Core\User\User' => [
+                User::class => [
                     'algorithm' => 'bcrypt',
                     'cost' => 12,
                 ]
@@ -532,7 +611,7 @@ It will give you something like this:
             # ...
 
             providers:
-                in_memory:
+                users_in_memory:
                     memory:
                         users:
                             ryan:
@@ -571,7 +650,7 @@ It will give you something like this:
             // ...
 
             'providers' => [
-                'in_memory' => [
+                'users_in_memory' => [
                     'memory' => [
                         'users' => [
                             'ryan' => [

diff --git a/security/custom_authentication_provider.rst b/security/custom_authentication_provider.rst
@@ -172,7 +172,7 @@ the value returned for the expected WSSE information, creates a token using
 that information, and passes the token on to the authentication manager. If
 the proper information is not provided, or the authentication manager throws
 an :class:`Symfony\\Component\\Security\\Core\\Exception\\AuthenticationException`,
-a 403 Response is returned.
+a 401 Response is returned.
 
 .. note::
 
@@ -188,7 +188,7 @@ a 403 Response is returned.
 
     Returning prematurely from the listener is relevant only if you want to chain
     authentication providers (for example to allow anonymous users). If you want
-    to forbid access to anonymous users and have a nice 403 error, you should set
+    to forbid access to anonymous users and have a 404 error, you should set
     the status code of the response before returning.
 
 The Authentication Provider

diff --git a/security/entity_provider.rst b/security/entity_provider.rst
@@ -246,9 +246,10 @@ the username and then check the password (more on passwords in a moment):
                 <!-- ... -->
 
                 <provider name="our_db_provider">
-                    <!-- if you're using multiple entity managers, add:
-                         manager-name="customer" -->
                     <entity class="AppBundle:User" property="username"/>
+
+                    <!-- if you're using multiple entity managers
+                    <entity class="AppBundle:User" property="username" manager-name="customer"/> -->
                 </provider>
 
                 <firewall name="main" pattern="^/" provider="our_db_provider">

diff --git a/security/force_https.rst b/security/force_https.rst
@@ -33,7 +33,7 @@ to use HTTPS then you could use the following configuration:
                 <config>
                     <!-- ... -->
 
-                    <rule path="^/secure" role="ROLE_ADMIN" requires_channel="https"/>
+                    <rule path="^/secure" role="ROLE_ADMIN" requires-channel="https"/>
                 </config>
             </srv:container>
 
@@ -83,7 +83,7 @@ role:
 
                 <rule path="^/login"
                     role="IS_AUTHENTICATED_ANONYMOUSLY"
-                    requires_channel="https"
+                    requires-channel="https"
                 />
             </config>
         </srv:container>
-Original file line number
+Diff line change
@@ Expand Up @@
     .. code-block:: javascript
-        // webpack/config.js
+        // webpack.config.js
         Encore
             // ...
@@ Expand Down @@