bug symfony#58943 [FrameworkBundle] Revert " Don't auto-register form/csrf when the corresponding components are not installed" (nicolas-grekas)

This PR was merged into the 7.2 branch.

Discussion
----------

[FrameworkBundle] Revert " Don't auto-register form/csrf when the corresponding components are not installed"

| Q             | A
| ------------- | ---
| Branch?       | 7.2
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Issues        | -
| License       | MIT

As discussed in symfony#58937 (comment)

This still keeps https://github.com/symfony/symfony/pull/58937/files#diff-041b166c698c254a3f61cfc6390785d4f5097794b77a4b2f3f888996729cbce4R214 to make symfony/recipes#1361 work out of the box.

Commits
-------

05149ae Revert "bug symfony#58937 [FrameworkBundle] Don't auto-register form/csrf when the corresponding components are not installed (nicolas-grekas)"

Author: nicolas-grekas

src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php

@@ -237,12 +237,8 @@ private function addFormSection(ArrayNodeDefinition $rootNode, callable $enableI
             ->children()
                 ->arrayNode('form')
                     ->info('Form configuration')
-                    ->treatFalseLike(['enabled' => false])
-                    ->treatTrueLike(['enabled' => true])
-                    ->treatNullLike(['enabled' => true])
-                    ->addDefaultsIfNotSet()
+                    ->{$enableIfStandalone('symfony/form', Form::class)}()
                     ->children()
-                        ->scalarNode('enabled')->defaultNull()->end() // defaults to !class_exists(FullStack::class) && class_exists(Form::class)
                         ->arrayNode('csrf_protection')
                             ->treatFalseLike(['enabled' => false])
                             ->treatTrueLike(['enabled' => true])

src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php

@@ -278,19 +278,6 @@ public function load(array $configs, ContainerBuilder $container): void
         $this->readConfigEnabled('profiler', $container, $config['profiler']);
         $this->readConfigEnabled('workflows', $container, $config['workflows']);
 
-        // csrf depends on session or stateless token ids being registered
-        if (null === $config['csrf_protection']['enabled']) {
-            $this->writeConfigEnabled('csrf_protection', ($config['csrf_protection']['stateless_token_ids'] || $this->readConfigEnabled('session', $container, $config['session'])) && !class_exists(FullStack::class) && ContainerBuilder::willBeAvailable('symfony/security-csrf', CsrfTokenManagerInterface::class, ['symfony/framework-bundle']), $config['csrf_protection']);
-        }
-
-        if (null === $config['form']['enabled']) {
-            $this->writeConfigEnabled('form', !class_exists(FullStack::class) && ContainerBuilder::willBeAvailable('symfony/form', Form::class, ['symfony/framework-bundle']), $config['form']);
-        }
-
-        if (null === $config['form']['csrf_protection']['enabled']) {
-            $this->writeConfigEnabled('form.csrf_protection', $config['csrf_protection']['enabled'], $config['form']['csrf_protection']);
-        }
-
         // A translator must always be registered (as support is included by
         // default in the Form and Validator component). If disabled, an identity
         // translator will be used and everything will still work as expected.
@@ -479,6 +466,10 @@ public function load(array $configs, ContainerBuilder $container): void
             $container->removeDefinition('test.session.listener');
         }
 
+        // csrf depends on session or stateless token ids being registered
+        if (null === $config['csrf_protection']['enabled']) {
+            $this->writeConfigEnabled('csrf_protection', ($config['csrf_protection']['stateless_token_ids'] || $this->readConfigEnabled('session', $container, $config['session'])) && !class_exists(FullStack::class) && ContainerBuilder::willBeAvailable('symfony/security-csrf', CsrfTokenManagerInterface::class, ['symfony/framework-bundle']), $config['csrf_protection']);
+        }
         $this->registerSecurityCsrfConfiguration($config['csrf_protection'], $container, $loader);
 
         // form depends on csrf being registered
@@ -763,6 +754,10 @@ private function registerFormConfiguration(array $config, ContainerBuilder $cont
     {
         $loader->load('form.php');
 
+        if (null === $config['form']['csrf_protection']['enabled']) {
+            $this->writeConfigEnabled('form.csrf_protection', $config['csrf_protection']['enabled'], $config['form']['csrf_protection']);
+        }
+
         if ($this->readConfigEnabled('form.csrf_protection', $container, $config['form']['csrf_protection'])) {
             if (!$container->hasDefinition('security.csrf.token_generator')) {
                 throw new \LogicException('To use form CSRF protection, "framework.csrf_protection" must be enabled.');

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/form_csrf_disabled.php

@@ -4,7 +4,6 @@
     'annotations' => false,
     'csrf_protection' => false,
     'form' => [
-        'enabled' => true,
         'csrf_protection' => true,
     ],
     'http_method_override' => false,

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/form_no_csrf.php

@@ -6,7 +6,6 @@
     'handle_all_throwables' => true,
     'php_errors' => ['log' => true],
     'form' => [
-        'enabled' => true,
         'csrf_protection' => [
             'enabled' => false,
         ],

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/full.php

@@ -6,7 +6,6 @@
     'enabled_locales' => ['fr', 'en'],
     'csrf_protection' => true,
     'form' => [
-        'enabled' => true,
         'csrf_protection' => [
             'field_name' => '_csrf',
         ],

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/form_csrf_disabled.xml

@@ -12,7 +12,7 @@
         <framework:annotations enabled="false"/>
         <framework:php-errors log="true" />
         <framework:csrf-protection enabled="false"/>
-        <framework:form enabled="true">
+        <framework:form>
             <framework:csrf-protection enabled="true"/>
         </framework:form>
     </framework:config>

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/form_no_csrf.xml

@@ -9,7 +9,7 @@
     <framework:config http-method-override="false" handle-all-throwables="true">
         <framework:annotations enabled="false" />
         <framework:php-errors log="true" />
-        <framework:form enabled="true">
+        <framework:form>
             <framework:csrf-protection enabled="false" />
         </framework:form>
     </framework:config>

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/full.xml

@@ -10,7 +10,7 @@
         <framework:enabled-locale>fr</framework:enabled-locale>
         <framework:enabled-locale>en</framework:enabled-locale>
         <framework:csrf-protection />
-        <framework:form enabled="true">
+        <framework:form>
             <framework:csrf-protection field-name="_csrf"/>
         </framework:form>
         <framework:esi enabled="true" />

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/form_csrf_disabled.yml

@@ -2,7 +2,6 @@ framework:
     annotations: false
     csrf_protection: false
     form:
-        enabled: true
         csrf_protection: true
     http_method_override: false
     handle_all_throwables: true

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/form_no_csrf.yml

@@ -5,6 +5,5 @@ framework:
     php_errors:
         log: true
     form:
-        enabled: true
         csrf_protection:
             enabled: false