Merge remote branch 'schmittjoh/security'

* schmittjoh/security:
  [Security/Core] force implementations to accept null values
  [Security/Acl] some misc fixes
  [Security/Acl] removed Doctrine dependency from interfaces and moved them to the actual implementation
  [SecurityBundle] changed expected value for token_provider key in the rememberme section

UPDATE.md

@@ -21,6 +21,9 @@ PR12 to PR13
 
         $container->removeDefinition('my_definition');
         $definition->replaceArgument(0, 'foo');
+        
+* In the rememberme configuration, the token_provider key now expects a real 
+  service id instead of only a suffix.
 
 PR11 to PR12
 ------------

src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php

@@ -35,9 +35,6 @@ class RememberMeFactory implements SecurityFactoryInterface
 
         // remember me services
         if (isset($config['token_provider'])) {
-            $config['token-provider'] = $config['token_provider'];
-        }
-        if (isset($config['token-provider'])) {
             $templateId = 'security.authentication.rememberme.services.persistent';
             $rememberMeServicesId = $templateId.'.'.$id;
         } else {
@@ -56,10 +53,9 @@ class RememberMeFactory implements SecurityFactoryInterface
         $rememberMeServices->replaceArgument(1, $config['key']);
         $rememberMeServices->replaceArgument(2, $id);
 
-        if (isset($config['token-provider'])) {
-            // FIXME: make the naming assumption more flexible
+        if (isset($config['token_provider'])) {
             $rememberMeServices->addMethodCall('setTokenProvider', array(
-                new Reference('security.rememberme.token.provider.'.$config['token-provider'])
+                new Reference($config['token_provider'])
             ));
         }
 

src/Symfony/Component/Security/Acl/Domain/Acl.php

@@ -10,6 +10,7 @@
 
 namespace Symfony\Component\Security\Acl\Domain;
 
+use Doctrine\Common\NotifyPropertyChanged;
 use Doctrine\Common\PropertyChangedListener;
 use Symfony\Component\Security\Acl\Model\AclInterface;
 use Symfony\Component\Security\Acl\Model\AuditableAclInterface;
@@ -33,7 +34,7 @@ use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface;
  *
  * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  */
-class Acl implements AuditableAclInterface
+class Acl implements AuditableAclInterface, NotifyPropertyChanged
 {
     private $parentAcl;
     private $permissionGrantingStrategy;

src/Symfony/Component/Security/Acl/Domain/FieldEntry.php

@@ -12,7 +12,7 @@
 namespace Symfony\Component\Security\Acl\Domain;
 
 use Symfony\Component\Security\Acl\Model\AclInterface;
-use Symfony\Component\Security\Acl\Model\FieldAwareEntryInterface;
+use Symfony\Component\Security\Acl\Model\FieldEntryInterface;
 use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface;
 
 /**
@@ -20,7 +20,7 @@ use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface;
  *
  * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  */
-class FieldEntry extends Entry implements FieldAwareEntryInterface
+class FieldEntry extends Entry implements FieldEntryInterface
 {
     private $field;
 

src/Symfony/Component/Security/Acl/Domain/PermissionGrantingStrategy.php

@@ -30,16 +30,8 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
     const ALL   = 'all';
     const ANY   = 'any';
 
-    private static $noAceException;
     private $auditLogger;
 
-    public function __construct()
-    {
-        if (null === static::$noAceException) {
-            static::$noAceException = new NoAceFoundException('No ACE.');
-        }
-    }
-
     /**
      * Sets the audit logger
      *
@@ -61,7 +53,7 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
                 $aces = $acl->getObjectAces();
 
                 if (!$aces) {
-                    throw static::$noAceException;
+                    throw new NoAceFoundException();
                 }
 
                 return $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
@@ -69,7 +61,7 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
                 $aces = $acl->getClassAces();
 
                 if (!$aces) {
-                    throw static::$noAceException;
+                    throw $noObjectAce;
                 }
 
                 return $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
@@ -79,7 +71,7 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
                 return $parentAcl->isGranted($masks, $sids, $administrativeMode);
             }
 
-            throw new NoAceFoundException('No applicable ACE was found.');
+            throw $noClassAce;
         }
     }
 
@@ -92,14 +84,14 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
             try {
                 $aces = $acl->getObjectFieldAces($field);
                 if (!$aces) {
-                    throw static::$noAceException;
+                    throw new NoAceFoundException();
                 }
 
                 return $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
             } catch (NoAceFoundException $noObjectAces) {
                 $aces = $acl->getClassFieldAces($field);
                 if (!$aces) {
-                    throw static::$noAceException;
+                    throw $noObjectAces;
                 }
 
                 return $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
@@ -109,7 +101,7 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
                 return $parentAcl->isFieldGranted($field, $masks, $sids, $administrativeMode);
             }
 
-            throw new NoAceFoundException('No applicable ACE was found.');
+            throw $noClassAces;
         }
     }
 
@@ -177,7 +169,7 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
             return false;
         }
 
-        throw static::$noAceException;
+        throw new NoAceFoundException();
     }
 
     /**

src/Symfony/Component/Security/Acl/Exception/NoAceFoundException.php

@@ -19,4 +19,8 @@ namespace Symfony\Component\Security\Acl\Exception;
  */
 class NoAceFoundException extends Exception
 {
+    public function __construct()
+    {
+        parent::__construct('No applicable ACE was found.');
+    }
 }

src/Symfony/Component/Security/Acl/Model/FieldAwareEntryInterface.php

@@ -16,7 +16,7 @@ namespace Symfony\Component\Security\Acl\Model;
  *
  * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  */
-interface FieldAwareEntryInterface
+interface FieldEntryInterface extends EntryInterface
 {
     /**
      * Returns the field used for this entry.

src/Symfony/Component/Security/Acl/Model/MutableAclInterface.php

@@ -11,8 +11,6 @@
 
 namespace Symfony\Component\Security\Acl\Model;
 
-use Doctrine\Common\NotifyPropertyChanged;
-
 /**
  * This interface adds mutators for the AclInterface.
  *
@@ -21,7 +19,7 @@ use Doctrine\Common\NotifyPropertyChanged;
  *
  * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  */
-interface MutableAclInterface extends AclInterface, NotifyPropertyChanged
+interface MutableAclInterface extends AclInterface
 {
     /**
      * Deletes a class-based ACE

src/Symfony/Component/Security/Core/SecurityContextInterface.php

@@ -28,7 +28,7 @@ interface SecurityContextInterface
      * @param TokenInterface $token
      * @return void
      */
-    function setToken(TokenInterface $token);
+    function setToken(TokenInterface $token = null);
 
     /**
      * Checks if the attributes are granted against the current authentication token and optionally supplied object.