Merge branch 'master' into 2.1

docs/guide-es/db-migrations.md

@@ -684,10 +684,10 @@ Debajo hay una lista de todos los métodos de acceso a la base de datos:
 * [[yii\db\Migration::dropForeignKey()|dropForeignKey()]]: elimina una clave foránea
 * [[yii\db\Migration::createIndex()|createIndex()]]: crea un índice
 * [[yii\db\Migration::dropIndex()|dropIndex()]]: elimina un índice
-* [[yii\db\Migration::addCommentOnColumn()|addCommentOnColumn()]: agrega un comentario a una columna
-* [[yii\db\Migration::dropCommentFromColumn()|dropCommentFromColumn()]: elimina un comentario de una columna
-* [[yii\db\Migration::addCommentOnTable()|addCommentOnTable()]: agrega un comentario a una tabla
-* [[yii\db\Migration::dropCommentFromTable()|dropCommentFromTable()]: elimina un comentario de una tabla
+* [[yii\db\Migration::addCommentOnColumn()|addCommentOnColumn()]]: agrega un comentario a una columna
+* [[yii\db\Migration::dropCommentFromColumn()|dropCommentFromColumn()]]: elimina un comentario de una columna
+* [[yii\db\Migration::addCommentOnTable()|addCommentOnTable()]]: agrega un comentario a una tabla
+* [[yii\db\Migration::dropCommentFromTable()|dropCommentFromTable()]]: elimina un comentario de una tabla
 
 > Info: [[yii\db\Migration]] no provee un método de consulta a la base de datos. Esto es porque normalmente no necesitas
   mostrar mensajes detallados al traer datos de una base de datos. También se debe a que puedes utilizar el poderoso

docs/guide-ja/db-migrations.md

@@ -668,10 +668,10 @@ class m150101_185401_create_news_table extends Migration
 * [[yii\db\Migration::dropForeignKey()|dropForeignKey()]]: 外部キーを削除
 * [[yii\db\Migration::createIndex()|createIndex()]]: インデックスを作成
 * [[yii\db\Migration::dropIndex()|dropIndex()]]: インデックスを削除
-* [[yii\db\Migration::addCommentOnColumn()|addCommentOnColumn()]: カラムにコメントを追加
-* [[yii\db\Migration::dropCommentFromColumn()|dropCommentFromColumn()]: カラムからコメントを削除
-* [[yii\db\Migration::addCommentOnTable()|addCommentOnTable()]: テーブルにコメントを追加
-* [[yii\db\Migration::dropCommentFromTable()|dropCommentFromTable()]: テーブルからコメントを削除
+* [[yii\db\Migration::addCommentOnColumn()|addCommentOnColumn()]]: カラムにコメントを追加
+* [[yii\db\Migration::dropCommentFromColumn()|dropCommentFromColumn()]]: カラムからコメントを削除
+* [[yii\db\Migration::addCommentOnTable()|addCommentOnTable()]]: テーブルにコメントを追加
+* [[yii\db\Migration::dropCommentFromTable()|dropCommentFromTable()]]: テーブルからコメントを削除
 
 > Info: [[yii\db\Migration]] は、データベースクエリメソッドを提供しません。
   これは、通常、データベースからのデータ取得については、メッセージを追加して表示する必要がないからです。

docs/guide/db-migrations.md

@@ -684,10 +684,10 @@ Below is the list of all these database accessing methods:
 * [[yii\db\Migration::dropForeignKey()|dropForeignKey()]]: removing a foreign key
 * [[yii\db\Migration::createIndex()|createIndex()]]: creating an index
 * [[yii\db\Migration::dropIndex()|dropIndex()]]: removing an index
-* [[yii\db\Migration::addCommentOnColumn()|addCommentOnColumn()]: adding comment to column
-* [[yii\db\Migration::dropCommentFromColumn()|dropCommentFromColumn()]: dropping comment from column
-* [[yii\db\Migration::addCommentOnTable()|addCommentOnTable()]: adding comment to table
-* [[yii\db\Migration::dropCommentFromTable()|dropCommentFromTable()]: dropping comment from table
+* [[yii\db\Migration::addCommentOnColumn()|addCommentOnColumn()]]: adding comment to column
+* [[yii\db\Migration::dropCommentFromColumn()|dropCommentFromColumn()]]: dropping comment from column
+* [[yii\db\Migration::addCommentOnTable()|addCommentOnTable()]]: adding comment to table
+* [[yii\db\Migration::dropCommentFromTable()|dropCommentFromTable()]]: dropping comment from table
 
 > Info: [[yii\db\Migration]] does not provide a database query method. This is because you normally do not need
   to display extra message about retrieving data from a database. It is also because you can use the powerful

docs/guide/tutorial-performance-tuning.md

@@ -211,5 +211,10 @@ You should profile your code to find out the performance bottlenecks and take ap
 The following profiling tools may be useful:
 
 - [Yii debug toolbar and debugger](https://github.com/yiisoft/yii2-debug/blob/master/docs/guide/README.md)
-- [XDebug profiler](http://xdebug.org/docs/profiler)
+- [Blackfire](https://blackfire.io/)
 - [XHProf](http://www.php.net/manual/en/book.xhprof.php)
+- [XDebug profiler](http://xdebug.org/docs/profiler)
+
+## Prepare application for scaling
+
+When nothing helps you may try making your application scalabe. A good introduction is provided in [Configuring a Yii2 Application for an Autoscaling Stack](https://github.com/samdark/yii2-cookbook/blob/master/book/scaling.md). For further reading you may refer to [Web apps performance and scaling](http://thehighload.com/).

framework/CHANGELOG.md

@@ -32,6 +32,8 @@ Yii Framework 2 Change Log
 - Bug #11571: Fixed `yii\db\ColumnSchemaBuilder` to work with custom column types (andrey-mokhov, silverfire)
 - Bug #11662: Fixed `schema-oci.sql` for RBAC (jonny7)
 - Bug #11527: Fixed `bigPrimaryKey()` for SQLite (dynasource)
+- Bug #11686: `BaseArrayHelper::isIn()` comparison did not work in strict mode (taobig)
+- Enh #11679: Extracted `CheckAccessInterface` from `ManagerInterface` (SamMousa, samdark, mdomba)
 
 
 2.0.8 April 28, 2016

framework/grid/DataColumn.php

@@ -91,7 +91,7 @@ class DataColumn extends Column
      */
     public $sortLinkOptions = [];
     /**
-     * @var string|array|boolean the HTML code representing a filter input (e.g. a text field, a dropdown list)
+     * @var string|array|null|false the HTML code representing a filter input (e.g. a text field, a dropdown list)
      * that is used for this data column. This property is effective only when [[GridView::filterModel]] is set.
      *
      * - If this property is not set, a text field will be generated as the filter input;

framework/helpers/BaseArrayHelper.php

@@ -699,7 +699,7 @@ class BaseArrayHelper
     {
         if ($haystack instanceof \Traversable) {
             foreach ($haystack as $value) {
-                if ($needle == $value && (!$strict || $needle === $haystack)) {
+                if ($needle == $value && (!$strict || $needle === $value)) {
                     return true;
                 }
             }

framework/rbac/BaseManager.php

@@ -204,7 +204,7 @@ abstract class BaseManager extends Component implements ManagerInterface
      * @param string|integer $user the user ID. This should be either an integer or a string representing
      * the unique identifier of a user. See [[\yii\web\User::id]].
      * @param Item $item the auth item that needs to execute its rule
-     * @param array $params parameters passed to [[ManagerInterface::checkAccess()]] and will be passed to the rule
+     * @param array $params parameters passed to [[CheckAccessInterface::checkAccess()]] and will be passed to the rule
      * @return boolean the return value of [[Rule::execute()]]. If the auth item does not specify a rule, true will be returned.
      * @throws InvalidConfigException if the auth item has an invalid rule.
      */

framework/rbac/CheckAccessInterface.php

@@ -0,0 +1,21 @@
+<?php
+namespace yii\rbac;
+
+/**
+ * @author Sam Mousa <sam@mousa.nl>
+ * @since 2.0.9
+ */
+interface CheckAccessInterface
+{
+    /**
+     * Checks if the user has the specified permission.
+     * @param string|integer $userId the user ID. This should be either an integer or a string representing
+     * the unique identifier of a user. See [[\yii\web\User::id]].
+     * @param string $permissionName the name of the permission to be checked against
+     * @param array $params name-value pairs that will be passed to the rules associated
+     * with the roles and permissions assigned to the user.
+     * @return boolean whether the user has the specified permission.
+     * @throws \yii\base\InvalidParamException if $permissionName does not refer to an existing permission
+     */
+    public function checkAccess($userId, $permissionName, $params = []);
+}

framework/rbac/ManagerInterface.php

@@ -11,21 +11,9 @@ namespace yii\rbac;
  * @author Qiang Xue <qiang.xue@gmail.com>
  * @since 2.0
  */
-interface ManagerInterface
+interface ManagerInterface extends CheckAccessInterface
 {
     /**
-     * Checks if the user has the specified permission.
-     * @param string|integer $userId the user ID. This should be either an integer or a string representing
-     * the unique identifier of a user. See [[\yii\web\User::id]].
-     * @param string $permissionName the name of the permission to be checked against
-     * @param array $params name-value pairs that will be passed to the rules associated
-     * with the roles and permissions assigned to the user.
-     * @return boolean whether the user has the specified permission.
-     * @throws \yii\base\InvalidParamException if $permissionName does not refer to an existing permission
-     */
-    public function checkAccess($userId, $permissionName, $params = []);
-
-    /**
      * Creates a new Role object.
      * Note that the newly created role is not added to the RBAC system yet.
      * You must fill in the needed data and call [[add()]] to add it to the system.

framework/rbac/Rule.php

@@ -37,7 +37,7 @@ abstract class Rule extends Object
      * @param string|integer $user the user ID. This should be either an integer or a string representing
      * the unique identifier of a user. See [[\yii\web\User::id]].
      * @param Item $item the role or permission that this rule is associated with
-     * @param array $params parameters passed to [[ManagerInterface::checkAccess()]].
+     * @param array $params parameters passed to [[CheckAccessInterface::checkAccess()]].
      * @return boolean a value indicating whether the rule permits the auth item it is associated with.
      */
     abstract public function execute($user, $item, $params);

framework/validators/DateValidator.php

@@ -22,7 +22,11 @@ use yii\helpers\FormatConverter;
  * It is further possible to limit the date within a certain range using [[min]] and [[max]].
  *
  * Additional to validating the date it can also export the parsed timestamp as a machine readable format
- * which can be configured using [[timestampAttribute]].
+ * which can be configured using [[timestampAttribute]]. For values that include time information (not date-only values)
+ * also the time zone will be adjusted. The time zone of the input value is assumed to be the one specified by the [[timeZone]]
+ * property and the target timeZone will be UTC when [[timestampAttributeFormat]] is `null` (exporting as UNIX timestamp)
+ * or [[timestampAttributeTimeZone]] otherwise. If you want to avoid the time zone conversion, make sure that [[timeZone]] and
+ * [[timestampAttributeTimeZone]] are the same.
  *
  * @author Qiang Xue <qiang.xue@gmail.com>
  * @author Carsten Brandt <mail@cebe.cc>

framework/validators/Validator.php

@@ -18,7 +18,7 @@ use yii\base\NotSupportedException;
  * logic of performing data validation. Child classes may also override [[clientValidateAttribute()]]
  * to provide client-side validation support.
  *
- * Validator declares a set of [[builtInValidators|built-in validators] which can
+ * Validator declares a set of [[builtInValidators|built-in validators]] which can
  * be referenced using short names. They are listed as follows:
  *
  * - `boolean`: [[BooleanValidator]]

framework/web/User.php

@@ -11,6 +11,7 @@ use Yii;
 use yii\base\Component;
 use yii\base\InvalidConfigException;
 use yii\base\InvalidValueException;
+use yii\rbac\CheckAccessInterface;
 
 /**
  * User is the class for the "user" application component that manages the user authentication status.
@@ -104,6 +105,12 @@ class User extends Component
      */
     public $authTimeout;
     /**
+     * @var CheckAccessInterface The acess checker to use for checking access.
+     * If not set the application auth manager will be used.
+     * @since 2.0.9
+     */
+    public $accessChecker;
+    /**
      * @var integer the number of seconds in which the user will be logged out automatically
      * regardless of activity.
      * Note that this will not work if [[enableAutoLogin]] is true.
@@ -692,7 +699,7 @@ class User extends Component
      * When this parameter is true (default), if the access check of an operation was performed
      * before, its result will be directly returned when calling this method to check the same
      * operation. If this parameter is false, this method will always call
-     * [[\yii\rbac\ManagerInterface::checkAccess()]] to obtain the up-to-date access result. Note that this
+     * [[\yii\rbac\CheckAcessInterface::checkAccess()]] to obtain the up-to-date access result. Note that this
      * caching is effective only within the same request and only works when `$params = []`.
      * @return boolean whether the user can perform the operation as specified by the given permission.
      */
@@ -701,10 +708,10 @@ class User extends Component
         if ($allowCaching && empty($params) && isset($this->_access[$permissionName])) {
             return $this->_access[$permissionName];
         }
-        if (($manager = $this->getAuthManager()) === null) {
+        if (($accessChecker = $this->getAccessChecker()) === null) {
             return false;
         }
-        $access = $manager->checkAccess($this->getId(), $permissionName, $params);
+        $access = $accessChecker->checkAccess($this->getId(), $permissionName, $params);
         if ($allowCaching && empty($params)) {
             $this->_access[$permissionName] = $access;
         }
@@ -743,9 +750,20 @@ class User extends Component
      * You may override this method to return a different auth manager instance if needed.
      * @return \yii\rbac\ManagerInterface
      * @since 2.0.6
+     * @deprecated Use `getAccessChecker()` instead.
      */
     protected function getAuthManager()
     {
         return Yii::$app->getAuthManager();
     }
+
+    /**
+     * Returns the acess checker used for checking access.
+     * @return CheckAccessInterface
+     * @since 2.0.9
+     */
+    protected function getAccessChecker()
+    {
+        return $this->accessChecker !== null ? $this->accessChecker : $this->getAuthManager();
+    }
 }

tests/framework/helpers/ArrayHelperTest.php

@@ -687,6 +687,17 @@ class ArrayHelperTest extends TestCase
         $this->assertTrue(ArrayHelper::isIn(['a'], new \ArrayObject([['a'], 'b'])));
         $this->assertFalse(ArrayHelper::isIn('a', new \ArrayObject([['a'], 'b'])));
         $this->assertFalse(ArrayHelper::isIn('a', [['a'], 'b']));
+
+    }
+
+    public function testIsInStrict()
+    {
+        // strict comparison
+        $this->assertTrue(ArrayHelper::isIn(1, new \ArrayObject([1, 'a']), true));
+        $this->assertTrue(ArrayHelper::isIn(1, [1, 'a'], true));
+
+        $this->assertFalse(ArrayHelper::isIn('1', new \ArrayObject([1, 'a']), true));
+        $this->assertFalse(ArrayHelper::isIn('1', [1, 'a'], true));
     }
 
     /**

tests/framework/helpers/FileHelperTest.php

@@ -2,7 +2,6 @@
 
 use yii\helpers\FileHelper;
 use yiiunit\TestCase;
-
 /**
  * Unit test for [[yii\helpers\FileHelper]]
  * @see FileHelper
@@ -22,6 +21,18 @@ class FileHelperTest extends TestCase
         if (!file_exists($this->testFilePath)) {
             $this->markTestIncomplete('Unit tests runtime directory should have writable permissions!');
         }
+
+        // Check if chmod works as expected.
+        $dir = $this->testFilePath . DIRECTORY_SEPARATOR . 'test_chmod';
+        mkdir($dir);
+        chmod($dir, 0700);
+        if ($this->getMode($dir) !== "0700") {
+            /**
+             * Chmod returns true but fileperms does not reflect this.
+             * This happens on remote file systems, also has been seen in vagrant mounts.
+             */
+            $this->markTestInComplete('Unit tests runtime directory should be local!');
+        }
     }
 
     public function tearDown()
@@ -113,6 +124,23 @@ class FileHelperTest extends TestCase
 
     // Tests :
 
+    public function testCreateDirectory()
+    {
+        $basePath = $this->testFilePath;
+        $dirName = $basePath . DIRECTORY_SEPARATOR . 'test_dir_level_1' . DIRECTORY_SEPARATOR . 'test_dir_level_2';
+        $this->assertTrue(FileHelper::createDirectory($dirName), 'FileHelper::createDirectory should return true if directory was created!');
+        $this->assertFileExists($dirName, 'Unable to create directory recursively!');
+        $this->assertTrue(FileHelper::createDirectory($dirName), 'FileHelper::createDirectory should return true for already existing directories!');
+
+        $dirName = $basePath . DIRECTORY_SEPARATOR . 'test_dir_perms';
+        $this->assertTrue(FileHelper::createDirectory($dirName, 0700, false));
+        $this->assertFileMode(0700, $dirName);
+
+    }
+
+    /**
+     * @depends testCreateDirectory
+     */
     public function testCopyDirectory()
     {
         $srcDirName = 'test_src_dir';
@@ -567,15 +595,6 @@ class FileHelperTest extends TestCase
         $this->assertCount(2, $foundFiles);
     }
 
-    public function testCreateDirectory()
-    {
-        $basePath = $this->testFilePath;
-        $dirName = $basePath . DIRECTORY_SEPARATOR . 'test_dir_level_1' . DIRECTORY_SEPARATOR . 'test_dir_level_2';
-        $this->assertTrue(FileHelper::createDirectory($dirName), 'FileHelper::createDirectory should return true if directory was created!');
-        $this->assertFileExists($dirName, 'Unable to create directory recursively!');
-        $this->assertTrue(FileHelper::createDirectory($dirName), 'FileHelper::createDirectory should return true for already existing directories!');
-    }
-
     public function testGetMimeTypeByExtension()
     {
         $magicFile = $this->testFilePath . DIRECTORY_SEPARATOR . 'mime_type.php';

tests/framework/web/DbSessionTest.php

@@ -17,6 +17,13 @@ class DbSessionTest extends TestCase
     protected function setUp()
     {
         parent::setUp();
+        /**
+         * @todo Optionally do fallback to some other database, however this might be overkill for tests only since
+         * sqlite is always available on travis.
+         */
+        if (!in_array('sqlite', \PDO::getAvailableDrivers())) {
+            $this->markTestIncomplete('DbSessionTest requires SQLite!');
+        }
         $this->mockApplication();
         Yii::$app->set('db', [
             'class' => Connection::class,