sonata-project / SonataUserBundle

Symfony SonataUserBundle
https://docs.sonata-project.org/projects/SonataUserBundle
MIT License
342 stars 487 forks source link

SonataUserBundle 5.6.0 changes to `BaseUser.mongodb.xml` break XML validation #1612

Closed landure closed 1 year ago

landure commented 1 year ago

Environment

Sonata packages

show

``` $ composer show --latest 'sonata-project/*' Direct dependencies required in composer.json: sonata-project/admin-bundle 4.22.4 4.22.4 The missing Symfony Admin Generator sonata-project/block-bundle 4.20.0 4.20.0 Symfony SonataBlockBundle sonata-project/doctrine-mongodb-admin-bundle 4.7.0 4.7.0 Symfony Sonata / Integrate Doctrine MongoDB ODM into the SonataAdminBundle sonata-project/user-bundle 5.6.0 5.6.0 Symfony SonataUserBundle Transitive dependencies not required in composer.json: sonata-project/cache 2.2.0 2.2.0 Cache library Package sonata-project/cache is abandoned, you should avoid using it. No replacement was suggested. sonata-project/doctrine-extensions 2.2.0 2.2.0 Doctrine2 behavioral extensions sonata-project/exporter 3.1.1 3.1.1 Lightweight Exporter library sonata-project/form-extensions 1.18.1 1.18.1 Symfony form extensions sonata-project/twig-extensions 2.0.0 2.0.0 Sonata twig extensions ```

Symfony packages

show

``` $ composer show --latest 'symfony/*' Direct dependencies required in composer.json: symfony/asset v6.2.7 v6.2.7 Manages URL generation and versioning of web assets such as CSS stylesheets, JavaScript files and image files symfony/browser-kit v6.2.7 v6.2.7 Simulates the behavior of a web browser, allowing you to make requests, click on links and submit forms programmatically symfony/console v6.2.7 v6.2.7 Eases the creation of beautiful and testable command line interfaces symfony/css-selector v6.2.7 v6.2.7 Converts CSS selectors to XPath expressions symfony/debug-bundle v6.2.7 v6.2.7 Provides a tight integration of the Symfony VarDumper component and the ServerLogCommand from MonologBridge into the Symfony full-stack framework symfony/dependency-injection v6.2.7 v6.2.7 Allows you to standardize and centralize the way objects are constructed in your application symfony/doctrine-messenger v6.2.7 v6.2.7 Symfony Doctrine Messenger Bridge symfony/dotenv v6.2.7 v6.2.7 Registers environment variables from a .env file symfony/expression-language v6.2.7 v6.2.7 Provides an engine that can compile and evaluate expressions symfony/flex v2.2.5 v2.2.5 Composer plugin for Symfony symfony/form v6.2.7 v6.2.7 Allows to easily create, process and reuse HTML forms symfony/framework-bundle v6.2.7 v6.2.7 Provides a tight integration between Symfony components and the Symfony full-stack framework symfony/http-client v6.2.7 v6.2.7 Provides powerful methods to fetch HTTP resources synchronously or asynchronously symfony/intl v6.2.7 v6.2.7 Provides a PHP replacement layer for the C intl extension that includes additional data from the ICU library symfony/mailer v6.2.7 v6.2.7 Helps sending emails symfony/maker-bundle v1.48.0 v1.48.0 Symfony Maker helps you create empty commands, controllers, form classes, tests and more so you can forget about writing boilerplate code. symfony/mercure-bundle v0.3.6 v0.3.6 Symfony MercureBundle symfony/mime v6.2.7 v6.2.7 Allows manipulating MIME messages symfony/monolog-bundle v3.8.0 v3.8.0 Symfony MonologBundle symfony/notifier v6.2.7 v6.2.7 Sends notifications via one or more channels (email, SMS, ...) symfony/phpunit-bridge v6.2.7 v6.2.7 Provides utilities for PHPUnit, especially user deprecation notices management symfony/process v6.2.7 v6.2.7 Executes commands in sub-processes symfony/property-access v6.2.7 v6.2.7 Provides functions to read and write from/to an object or array using a simple string notation symfony/property-info v6.2.7 v6.2.7 Extracts information about PHP class' properties using metadata of popular sources symfony/proxy-manager-bridge v6.2.7 v6.2.7 Provides integration for ProxyManager with various Symfony components symfony/runtime v6.2.7 v6.2.7 Enables decoupling PHP applications from global state symfony/security-bundle v6.2.7 v6.2.7 Provides a tight integration of the Security component into the Symfony full-stack framework symfony/serializer v6.2.7 v6.2.7 Handles serializing and deserializing data structures, including object graphs, into array structures or other formats like XML and JSON. symfony/stopwatch v6.2.7 v6.2.7 Provides a way to profile code symfony/string v6.2.7 v6.2.7 Provides an object-oriented API to strings and deals with bytes, UTF-8 code points and grapheme clusters in a unified way symfony/templating v6.2.7 v6.2.7 Provides all the tools needed to build any kind of template system symfony/translation v6.2.7 v6.2.7 Provides tools to internationalize your application symfony/twig-bundle v6.2.7 v6.2.7 Provides a tight integration of Twig into the Symfony full-stack framework symfony/ux-chartjs v2.7.1 v2.7.1 Chart.js integration for Symfony symfony/validator v6.2.7 v6.2.7 Provides tools to validate values symfony/web-link v6.2.7 v6.2.7 Manages links between resources symfony/web-profiler-bundle v6.2.7 v6.2.7 Provides a development tool that gives detailed information about the execution of any request symfony/webpack-encore-bundle v1.16.1 v1.16.1 Integration with your Symfony app & Webpack Encore! symfony/yaml v6.2.7 v6.2.7 Loads and dumps YAML files Transitive dependencies not required in composer.json: symfony/cache v6.2.7 v6.2.7 Provides extended PSR-6, PSR-16 (and tags) implementations symfony/cache-contracts v3.2.1 v3.2.1 Generic abstractions related to caching symfony/config v6.2.7 v6.2.7 Helps you find, load, combine, autofill and validate configuration values of any kind symfony/deprecation-contracts v3.2.1 v3.2.1 A generic function and convention to trigger deprecation notices symfony/doctrine-bridge v6.2.7 v6.2.7 Provides integration for Doctrine with various Symfony components symfony/dom-crawler v6.2.7 v6.2.7 Eases DOM navigation for HTML and XML documents symfony/error-handler v6.2.7 v6.2.7 Provides tools to manage errors and ease debugging PHP code symfony/event-dispatcher v6.2.7 v6.2.7 Provides tools that allow your application components to communicate with each other by dispatching events and listening to them symfony/event-dispatcher-contracts v3.2.1 v3.2.1 Generic abstractions related to dispatching event symfony/filesystem v6.2.7 v6.2.7 Provides basic utilities for the filesystem symfony/finder v6.2.7 v6.2.7 Finds files and directories via an intuitive fluent interface symfony/http-client-contracts v3.2.1 v3.2.1 Generic abstractions related to HTTP clients symfony/http-foundation v6.2.7 v6.2.7 Defines an object-oriented layer for the HTTP specification symfony/http-kernel v6.2.7 v6.2.7 Provides a structured process for converting a Request into a Response symfony/mercure v0.6.3 v0.6.3 Symfony Mercure Component symfony/messenger v6.2.7 v6.2.7 Helps applications send and receive messages to/from other applications or via message queues symfony/monolog-bridge v6.2.7 v6.2.7 Provides integration for Monolog with various Symfony components symfony/options-resolver v6.2.7 v6.2.7 Provides an improved replacement for the array_replace PHP function symfony/password-hasher v6.2.7 v6.2.7 Provides password hashing utilities symfony/polyfill-intl-grapheme v1.27.0 v1.27.0 Symfony polyfill for intl's grapheme_* functions symfony/polyfill-intl-icu v1.27.0 v1.27.0 Symfony polyfill for intl's ICU-related data and classes symfony/polyfill-intl-idn v1.27.0 v1.27.0 Symfony polyfill for intl's idn_to_ascii and idn_to_utf8 functions symfony/polyfill-intl-normalizer v1.27.0 v1.27.0 Symfony polyfill for intl's Normalizer class and related functions symfony/polyfill-mbstring v1.27.0 v1.27.0 Symfony polyfill for the Mbstring extension symfony/routing v6.2.7 v6.2.7 Maps an HTTP request to a set of configuration variables symfony/security-acl v3.3.2 v3.3.2 Symfony Security Component - ACL (Access Control List) symfony/security-core v6.2.7 v6.2.7 Symfony Security Component - Core Library symfony/security-csrf v6.2.7 v6.2.7 Symfony Security Component - CSRF Library symfony/security-http v6.2.7 v6.2.7 Symfony Security Component - HTTP Integration symfony/service-contracts v3.2.1 v3.2.1 Generic abstractions related to writing services symfony/translation-contracts v3.2.1 v3.2.1 Generic abstractions related to translation symfony/twig-bridge v6.2.7 v6.2.7 Provides integration for Twig with various Symfony components symfony/var-dumper v6.2.7 v6.2.7 Provides mechanisms for walking through any arbitrary PHP variable symfony/var-exporter v6.2.7 v6.2.7 Allows exporting any serializable PHP data structure to plain PHP code ```

PHP version

$ php -v
PHP 8.2.4 (cli) (built: Mar 16 2023 14:34:48) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.2.4, Copyright (c) Zend Technologies
    with Zend OPcache v8.2.4, Copyright (c), by Zend Technologies
    with Xdebug v3.2.0, Copyright (c) 2002-2022, by Derick Rethans

Subject

SonataUserBundle 5.6.0 changes to BaseUser.mongodb.xml triggers a XML validation failure error.

The change replace http by https in xmlns and xmlns:xsi attributes:

<doctrine-mongo-mapping xmlns="https://doctrine-project.org/schemas/odm/doctrine-mongo-mapping" xmlns:xsi="https://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="https://doctrine-project.org/schemas/odm/doctrine-mongo-mapping https://doctrine-project.org/schemas/odm/doctrine-mongo-mapping.xsd">

But https://doctrine-project.org/schemas/odm/doctrine-mongo-mapping and https://www.w3.org/2001/XMLSchema-instance are not valid XML namespaces. The only https allowed is in xsi:schemaLocation. The following line fix the issue and use HTTPS for the XSD file URL.

<doctrine-mongo-mapping xmlns="http://doctrine-project.org/schemas/odm/doctrine-mongo-mapping" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://doctrine-project.org/schemas/odm/doctrine-mongo-mapping https://www.doctrine-project.org/schemas/odm/doctrine-mongo-mapping.xsd">
``

## Minimal repository with the bug

The issue appears with SonataUserBundle 5.6.0

## Steps to reproduce

Use SonataUserBundle 5.6.0 with Doctrine MongoDB ODM and `sonata-project/doctrine-mongodb-admin-bundle`.

## Expected results

Symfony cache should clear without issue, and the Doctring MongoDB ODM mapping should load without errors.

## Actual results

After upgrading to SonataUserBundle 5.6.0, this error appears when clearing Symfony cache:

```log
In MappingException.php line 242:

  The mapping file /home/user/project/vendor/sonata-project/user-bundle/src/Resources/config/doctrine/BaseUser.mongodb.xml is invalid:                              
  Line 2:0: Element '{https://doctrine-project.org/schemas/odm/doctrine-mongo-mapping}doctrine-mongo-mapping': No matching global declaration available for the validation root.                                                                                                                                                                                 
VincentLanglet commented 1 year ago

Hi @landure, can you provide the PR ? :)

VincentLanglet commented 1 year ago

@jordisala1991 I think we will have the same issue for ORM

jordisala1991 commented 1 year ago

Would be nice to have a way to check those files on CI.

jordisala1991 commented 1 year ago

Not sure for ODM, but for ORM, the docs use https for all urls: https://www.doctrine-project.org/projects/doctrine-orm/en/2.14/reference/xml-mapping.html

Im going to check odm right now.

jordisala1991 commented 1 year ago

For ODM, seems to be using http for all urls: https://www.doctrine-project.org/projects/doctrine-mongodb-odm/en/latest/reference/xml-mapping.html