N°8771 - Add Symfony form component to iTop core (#760)

- Add Symfony Form Component
- Add Symfony CSRF security component
- Add iTop default form template
- Add Twig debug extension to Twig Environment
- Add iTop abstract controller facility to get form builder
- Add Twig filter to make trans an alias of dict_s filter

lib/symfony/security-core/Validator/Constraints/UserPassword.php

@@ -0,0 +1,44 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Validator\Constraints;
+
+use Symfony\Component\Validator\Constraint;
+
+/**
+ * @Annotation
+ * @Target({"PROPERTY", "METHOD", "ANNOTATION"})
+ */
+#[\Attribute(\Attribute::TARGET_PROPERTY | \Attribute::TARGET_METHOD | \Attribute::IS_REPEATABLE)]
+class UserPassword extends Constraint
+{
+    public const INVALID_PASSWORD_ERROR = '2d2a8bb4-ddc8-45e4-9b0f-8670d3a3e290';
+
+    protected const ERROR_NAMES = [
+        self::INVALID_PASSWORD_ERROR => 'INVALID_PASSWORD_ERROR',
+    ];
+
+    public $message = 'This value should be the user\'s current password.';
+    public $service = 'security.validator.user_password';
+
+    public function __construct(?array $options = null, ?string $message = null, ?string $service = null, ?array $groups = null, mixed $payload = null)
+    {
+        parent::__construct($options, $groups, $payload);
+
+        $this->message = $message ?? $this->message;
+        $this->service = $service ?? $this->service;
+    }
+
+    public function validatedBy(): string
+    {
+        return $this->service;
+    }
+}

lib/symfony/security-core/Validator/Constraints/UserPasswordValidator.php

@@ -0,0 +1,69 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Validator\Constraints;
+
+use Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactoryInterface;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Symfony\Component\Security\Core\User\LegacyPasswordAuthenticatedUserInterface;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
+use Symfony\Component\Validator\Constraint;
+use Symfony\Component\Validator\ConstraintValidator;
+use Symfony\Component\Validator\Exception\ConstraintDefinitionException;
+use Symfony\Component\Validator\Exception\UnexpectedTypeException;
+
+class UserPasswordValidator extends ConstraintValidator
+{
+    private TokenStorageInterface $tokenStorage;
+    private PasswordHasherFactoryInterface $hasherFactory;
+
+    public function __construct(TokenStorageInterface $tokenStorage, PasswordHasherFactoryInterface $hasherFactory)
+    {
+        $this->tokenStorage = $tokenStorage;
+        $this->hasherFactory = $hasherFactory;
+    }
+
+    /**
+     * @return void
+     */
+    public function validate(mixed $password, Constraint $constraint)
+    {
+        if (!$constraint instanceof UserPassword) {
+            throw new UnexpectedTypeException($constraint, UserPassword::class);
+        }
+
+        if (null === $password || '' === $password) {
+            $this->context->buildViolation($constraint->message)
+                ->setCode(UserPassword::INVALID_PASSWORD_ERROR)
+                ->addViolation();
+
+            return;
+        }
+
+        if (!\is_string($password)) {
+            throw new UnexpectedTypeException($password, 'string');
+        }
+
+        $user = $this->tokenStorage->getToken()->getUser();
+
+        if (!$user instanceof PasswordAuthenticatedUserInterface) {
+            throw new ConstraintDefinitionException(\sprintf('The "%s" class must implement the "%s" interface.', get_debug_type($user), PasswordAuthenticatedUserInterface::class));
+        }
+
+        $hasher = $this->hasherFactory->getPasswordHasher($user);
+
+        if (null === $user->getPassword() || !$hasher->verify($user->getPassword(), $password, $user instanceof LegacyPasswordAuthenticatedUserInterface ? $user->getSalt() : null)) {
+            $this->context->buildViolation($constraint->message)
+                ->setCode(UserPassword::INVALID_PASSWORD_ERROR)
+                ->addViolation();
+        }
+    }
+}