Merge branch '2.7'

book/security.rst

@@ -21,7 +21,8 @@ sections:
 #. Fetching the current User object.
 
 These are followed by a number of small (but still captivating) sections,
-like :ref:`logging out <book-security-logging-out>` and :ref:`encoding user passwords <security-encoding-password>`.
+like :ref:`logging out <book-security-logging-out>` and
+:ref:`encoding user passwords <security-encoding-password>`.
 
 .. _book-security-firewalls:
 
@@ -362,6 +363,11 @@ probably only need one. If you *do* have multiple, you can configure which
 *one* provider to use for your firewall under its ``provider`` key (e.g.
 ``provider: in_memory``).
 
+.. seealso::
+
+    See :doc:`/cookbook/security/multiple_user_providers` for
+    all the details about multiple providers setup.
+
 Try to login using username ``admin`` and password ``kitten``. You should
 see an error!
 
@@ -666,11 +672,11 @@ Add Code to Deny Access
 
 There are **two** ways to deny access to something:
 
-1) :ref:`access_control in security.yml <security-authorization-access-control>`
+#. :ref:`access_control in security.yml <security-authorization-access-control>`
    allows you to protect URL patterns (e.g. ``/admin/*``). This is easy,
    but less flexible;
 
-2) :ref:`in your code via the security.authorization_checker service <book-security-securing-controller>`.
+#. :ref:`in your code via the security.authorization_checker service <book-security-securing-controller>`.
 
 .. _security-authorization-access-control:
 
@@ -838,8 +844,10 @@ In both cases, a special
 is thrown, which ultimately triggers a 403 HTTP response inside Symfony.
 
 That's it! If the user isn't logged in yet, they will be asked to login (e.g.
-redirected to the login page). If they *are* logged in, they'll be shown
-the 403 access denied page (which you can :ref:`customize <cookbook-error-pages-by-status-code>`).
+redirected to the login page). If they *are* logged in, but do *not* have the
+``ROLE_ADMIN`` role, they'll be shown the 403 access denied page (which you can
+:ref:`customize <cookbook-error-pages-by-status-code>`). If they are logged in
+and have the correct roles, the code will be executed.
 
 .. _book-security-securing-controller-annotations:
 
@@ -881,14 +889,13 @@ the built-in helper function:
             <a href="...">Delete</a>
         <?php endif ?>
 
-If you use this function and are *not* behind a firewall, an exception
-will be thrown. Again, it's almost always a good
-idea to have a main firewall that covers all URLs (as has been shown
-in this chapter).
+If you use this function and you are *not* behind a firewall, an exception will
+be thrown. Again, it's almost always a good idea to have a main firewall that
+covers all URLs (as shown before in this chapter).
 
 .. caution::
 
-    Be careful with this in your layout or on your error pages! Because of
+    Be careful with this in your base layout or on your error pages! Because of
     some internal Symfony details, to avoid broken error pages in the ``prod``
     environment, wrap calls in these templates with a check for ``app.user``:
 
@@ -899,10 +906,10 @@ in this chapter).
 Securing other Services
 .......................
 
-In fact, anything in Symfony can be protected by doing something similar
-to this. For example, suppose you have a service (i.e. a PHP class) whose
-job is to send emails. You can restrict use of this class - no matter where
-it's being used from - to only certain users.
+Anything in Symfony can be protected by doing something similar to the code
+used to secure a controller. For example, suppose you have a service (i.e. a
+PHP class) whose job is to send emails. You can restrict use of this class - no
+matter where it's being used from - to only certain users.
 
 For more information see :doc:`/cookbook/security/securing_services`.
 
@@ -911,7 +918,8 @@ Checking to see if a User is Logged In (IS_AUTHENTICATED_FULLY)
 
 So far, you've checked access based on roles - those strings that start with
 ``ROLE_`` and are assigned to users. But if you *only* want to check if a
-user is logged in (you don't care about roles), then you can see ``IS_AUTHENTICATED_FULLY``::
+user is logged in (you don't care about roles), then you can use
+``IS_AUTHENTICATED_FULLY``::
 
     // ...
 
@@ -1026,6 +1034,7 @@ Now you can call whatever methods are on *your* User object. For example,
 if your User object has a ``getFirstName()`` method, you could use that::
 
     use Symfony\Component\HttpFoundation\Response;
+    // ...
 
     public function indexAction()
     {
@@ -1359,7 +1368,7 @@ configuration tree may be useful.
 
 Good luck!
 
-Learn more from the Cookbook
+Learn More from the Cookbook
 ----------------------------
 
 * :doc:`Forcing HTTP/HTTPS </cookbook/security/force_https>`

book/templating.rst

@@ -135,10 +135,10 @@ Throughout this chapter, template examples will be shown in both Twig and PHP.
     web designers everywhere.
 
     Twig can also do things that PHP can't, such as whitespace control,
-    sandboxing, automatic and contextual output escaping, and the inclusion of
-    custom functions and filters that only affect templates. Twig contains
-    little features that make writing templates easier and more concise. Take
-    the following example, which combines a loop with a logical ``if``
+    sandboxing, automatic HTML escaping, manual contextual output escaping, 
+    and the inclusion of custom functions and filters that only affect templates.
+    Twig contains little features that make writing templates easier and more concise.
+    Take the following example, which combines a loop with a logical ``if``
     statement:
 
     .. code-block:: html+jinja

book/validation.rst

@@ -103,6 +103,11 @@ following:
     Protected and private properties can also be validated, as well as "getter"
     methods (see :ref:`validator-constraint-targets`).
 
+.. versionadded:: 2.7
+    As of Symfony 2.7, XML and Yaml constraint files located in the
+    ``Resources/config/validation`` sub-directory of a bundle are loaded. Prior
+    to 2.7, only ``Resources/config/validation.yml`` (or ``.xml``) were loaded.
+
 .. index::
    single: Validation; Using the validator
 

components/console/helpers/progressbar.rst

@@ -330,4 +330,4 @@ your own::
 For the ``filename`` to be part of the progress bar, just add the
 ``%filename%`` placeholder in your format::
 
-    $bar->setFormat(" %message%\n %step%/%max%\n Working on %filename%");
+    $bar->setFormat(" %message%\n %current%/%max%\n Working on %filename%");

components/console/logger.rst

@@ -96,8 +96,8 @@ constructor::
 
     // ...
     $formatLevelMap = array(
-        LogLevel::CRITICAL => self::INFO,
-        LogLevel::DEBUG    => self::ERROR,
+        LogLevel::CRITICAL => ConsoleLogger::INFO,
+        LogLevel::DEBUG    => ConsoleLogger::ERROR,
     );
     $logger = new ConsoleLogger($output, array(), $formatLevelMap);
 

components/dependency_injection/factories.rst

@@ -4,11 +4,6 @@
 Using a Factory to Create Services
 ==================================
 
-.. versionadded:: 2.6
-    The new :method:`Symfony\\Component\\DependencyInjection\\Definition::setFactory`
-    method was introduced in Symfony 2.6. Refer to older versions for the
-    syntax for factories prior to 2.6.
-
 Symfony's Service Container provides a powerful way of controlling the
 creation of objects, allowing you to specify arguments passed to the constructor
 as well as calling methods and setting parameters. Sometimes, however, this
@@ -17,6 +12,11 @@ For this situation, you can use a factory to create the object and tell the
 service container to call a method on the factory rather than directly instantiating
 the class.
 
+.. versionadded:: 2.6
+    The new :method:`Symfony\\Component\\DependencyInjection\\Definition::setFactory`
+    method was introduced in Symfony 2.6. Refer to older versions for the
+    syntax for factories prior to 2.6.
+
 Suppose you have a factory that configures and returns a new ``NewsletterManager``
 object::
 

components/serializer.rst

@@ -241,7 +241,7 @@ CamelCase to snake_case
 ~~~~~~~~~~~~~~~~~~~~~~~
 
 .. versionadded:: 2.7
-    The :class:`Symfony\\Component\\Serializer\\NameConverter\\CamelCaseToUnderscoreNameConverter`
+    The :class:`Symfony\\Component\\Serializer\\NameConverter\\CamelCaseToSnakeCaseNameConverter`
     interface was introduced in Symfony 2.7.
 
 In many formats, it's common to use underscores to separate words (also known

components/var_dumper/advanced.rst

@@ -145,8 +145,7 @@ Another option for doing the same could be::
     $output = fopen('php://memory', 'r+b');
 
     $dumper->dump($cloner->cloneVar($variable), $output);
-    rewind($output);
-    $output = stream_get_contents($output);
+    $output = stream_get_contents($output, -1, 0);
 
     // $output is now populated with the dump representation of $variable
 

cookbook/security/entity_provider.rst

@@ -321,7 +321,7 @@ If a User's ``isActive`` property is set to ``false`` (i.e. ``is_active``
 is 0 in the database), the user will still be able to login to the site
 normally. This is easily fixable.
 
-To exclude inactive users, change your ``User`` clas to implement
+To exclude inactive users, change your ``User`` class to implement
 :class:`Symfony\\Component\\Security\\Core\\User\\AdvancedUserInterface`.
 This extends :class:`Symfony\\Component\\Security\\Core\\User\\UserInterface`,
 so you only need the new interface::

cookbook/templating/render_without_controller.rst

@@ -10,7 +10,7 @@ a simple template that doesn't need any data passed into it, you can avoid
 creating the controller entirely, by using the built-in ``FrameworkBundle:Template:template``
 controller.
 
-For example, suppose you want to render a ``AppBundle:Static:privacy.html.twig``
+For example, suppose you want to render a ``static/privacy.html.twig``
 template, which doesn't require that any variables are passed to it. You
 can do this without creating a controller:
 
@@ -22,7 +22,7 @@ can do this without creating a controller:
             path: /privacy
             defaults:
                 _controller: FrameworkBundle:Template:template
-                template:    'AppBundle:Static:privacy.html.twig'
+                template:    static/privacy.html.twig
 
     .. code-block:: xml
 
@@ -34,7 +34,7 @@ can do this without creating a controller:
 
             <route id="acme_privacy" path="/privacy">
                 <default key="_controller">FrameworkBundle:Template:template</default>
-                <default key="template">AppBundle:Static:privacy.html.twig</default>
+                <default key="template">static/privacy.html.twig</default>
             </route>
         </routes>
 
@@ -46,7 +46,7 @@ can do this without creating a controller:
         $collection = new RouteCollection();
         $collection->add('acme_privacy', new Route('/privacy', array(
             '_controller'  => 'FrameworkBundle:Template:template',
-            'template'     => 'AppBundle:Static:privacy.html.twig',
+            'template'     => 'static/privacy.html.twig',
         )));
 
         return $collection;
@@ -89,7 +89,7 @@ other variables in your route, you can control exactly how your page is cached:
             path: /privacy
             defaults:
                 _controller:  FrameworkBundle:Template:template
-                template:     'AppBundle:Static:privacy.html.twig'
+                template:     'static/privacy.html.twig'
                 maxAge:       86400
                 sharedAge:    86400
 
@@ -103,7 +103,7 @@ other variables in your route, you can control exactly how your page is cached:
 
             <route id="acme_privacy" path="/privacy">
                 <default key="_controller">FrameworkBundle:Template:template</default>
-                <default key="template">AppBundle:Static:privacy.html.twig</default>
+                <default key="template">static/privacy.html.twig</default>
                 <default key="maxAge">86400</default>
                 <default key="sharedAge">86400</default>
             </route>
@@ -117,7 +117,7 @@ other variables in your route, you can control exactly how your page is cached:
         $collection = new RouteCollection();
         $collection->add('acme_privacy', new Route('/privacy', array(
             '_controller'  => 'FrameworkBundle:Template:template',
-            'template'     => 'AppBundle:Static:privacy.html.twig',
+            'template'     => 'static/privacy.html.twig',
             'maxAge'       => 86400,
             'sharedAge' => 86400,
         )));

reference/configuration/twig.rst

@@ -10,13 +10,19 @@ TwigBundle Configuration ("twig")
 
         twig:
             exception_controller:  twig.controller.exception:showAction
+
             form_themes:
 
                 # Default:
                 - form_div_layout.html.twig
 
+                # Bootstrap:
+                - bootstrap_3_layout.html.twig
+                - bootstrap_3_horizontal_layout.html.twig
+
                 # Example:
                 - MyBundle::form.html.twig
+
             globals:
 
                 # Examples:

reference/forms/types/checkbox.rst

@@ -37,8 +37,8 @@ Example Usage
 .. code-block:: php
 
     $builder->add('public', 'checkbox', array(
-        'label'     => 'Show this entry publicly?',
-        'required'  => false,
+        'label'    => 'Show this entry publicly?',
+        'required' => false,
     ));
 
 Field Options

reference/forms/types/choice.rst

@@ -51,8 +51,8 @@ user sees on the form (e.g. ``Male``).
 .. code-block:: php
 
     $builder->add('gender', 'choice', array(
-        'choices'   => array('m' => 'Male', 'f' => 'Female'),
-        'required'  => false,
+        'choices'  => array('m' => 'Male', 'f' => 'Female'),
+        'required' => false,
     ));
 
 By setting ``multiple`` to true, you can allow the user to choose multiple
@@ -62,12 +62,12 @@ of checkboxes depending on the ``expanded`` option:
 .. code-block:: php
 
     $builder->add('availability', 'choice', array(
-        'choices'   => array(
+        'choices' => array(
             'morning'   => 'Morning',
             'afternoon' => 'Afternoon',
             'evening'   => 'Evening',
         ),
-        'multiple'  => true,
+        'multiple' => true,
     ));
 
 You can also use the ``choice_list`` option, which takes an object that can
@@ -90,7 +90,7 @@ by this field. The ``choices`` option is an array, where the array key
 is the item value and the array value is the item's label::
 
     $builder->add('gender', 'choice', array(
-        'choices' => array('m' => 'Male', 'f' => 'Female')
+        'choices' => array('m' => 'Male', 'f' => 'Female'),
     ));
 
 .. tip::

reference/forms/types/entity.rst

@@ -76,7 +76,7 @@ option. The easiest way to use the option is as follows::
 
     $builder->add('users', 'entity', array(
         'class' => 'AcmeHelloBundle:User',
-        'query_builder' => function(EntityRepository $er) {
+        'query_builder' => function (EntityRepository $er) {
             return $er->createQueryBuilder('u')
                 ->orderBy('u.username', 'ASC');
         },

reference/forms/types/options/trim.rst.inc

@@ -4,6 +4,6 @@ trim
 **type**: ``Boolean`` **default**: ``true``
 
 If true, the whitespace of the submitted string value will be stripped
-via the ``trim()`` function when the data is bound. This guarantees that
+via the :phpfunction:`trim` function when the data is bound. This guarantees that
 if a value is submitted with extra whitespace, it will be removed before
 the value is merged back onto the underlying object.

reference/forms/types/password.rst

@@ -76,4 +76,12 @@ The default value is ``''`` (the empty string).
 
 .. include:: /reference/forms/types/options/required.rst.inc
 
-.. include:: /reference/forms/types/options/trim.rst.inc
+trim
+~~~~
+
+**type**: ``Boolean`` **default**: ``false``
+
+If true, the whitespace of the submitted string value will be stripped
+via the :phpfunction:`trim` function when the data is bound. This guarantees that
+if a value is submitted with extra whitespace, it will be removed before
+the value is merged back onto the underlying object.

reference/forms/types/timezone.rst

@@ -18,7 +18,7 @@ you should just use the ``choice`` type directly.
 +-------------+------------------------------------------------------------------------+
 | Rendered as | can be various tags (see :ref:`forms-reference-choice-tags`)           |
 +-------------+------------------------------------------------------------------------+
-| Overridden  | - `choice_list`_                                                       |
+| Overridden  | - `choices`_                                                           |
 | Options     |                                                                        |
 +-------------+------------------------------------------------------------------------+
 | Inherited   | from the :doc:`choice </reference/forms/types/choice>` type            |
@@ -49,12 +49,12 @@ you should just use the ``choice`` type directly.
 Overridden Options
 ------------------
 
-choice_list
-~~~~~~~~~~~
+choices
+~~~~~~~
 
 **default**: :class:`Symfony\\Component\\Form\\Extension\\Core\\ChoiceList\\TimezoneChoiceList`
 
-The Timezone type defaults the choice_list to all timezones returned by
+The Timezone type defaults the choices to all timezones returned by
 :phpmethod:`DateTimeZone::listIdentifiers`, broken down by continent.
 
 Inherited Options