added the Security Component and its integration into the MVC framework

Happy birthday symfony!
fabpot · Oct 19, 2010 · f216f31 · blue-eyes · Oct 22, 2010 · fabpot
1 parent 0fc6b15
commit f216f31
Show file tree

Hide file tree

Showing 110 changed files with 6,308 additions and 1 deletion.
diff --git a/src/Symfony/Bundle/DoctrineBundle/Resources/config/orm.xml b/src/Symfony/Bundle/DoctrineBundle/Resources/config/orm.xml
@@ -38,6 +38,9 @@
         <parameter key="doctrine.orm.xml_mapping_dirs">%doctrine.orm.metadata_driver.mapping_dirs%</parameter>
         <parameter key="doctrine.orm.yml_mapping_dirs">%doctrine.orm.metadata_driver.mapping_dirs%</parameter>
         <parameter key="doctrine.orm.metadata_driver.entity_dirs" type="collection"></parameter>
+
+        <!-- security/user -->
+        <parameter key="security.user.provider.entity.class">Symfony\Bundle\DoctrineBundle\Security\EntityUserProvider</parameter>
     </parameters>
 
     <services>
@@ -63,5 +66,7 @@
         <service id="doctrine.orm.metadata_driver.yml" class="%doctrine.orm.metadata.yml_class%">
             <argument>%doctrine.orm.metadata_driver.mapping_dirs%</argument>
         </service>
+
+        <service id="security.user.entity_manager" alias="doctrine.orm.default_entity_manager" />
     </services>
-</container>
+</container>
diff --git a/src/Symfony/Bundle/DoctrineBundle/Security/EntityUserProvider.php b/src/Symfony/Bundle/DoctrineBundle/Security/EntityUserProvider.php
@@ -0,0 +1,41 @@
+<?php
+
+namespace Symfony\Bundle\DoctrineBundle\Security;
+
+use Doctrine\ORM\EntityRepository;
+use Symfony\Component\Security\User\UserProviderInterface;
+use Symfony\Component\Security\Exception\UsernameNotFoundException;
+
+class EntityUserProvider implements UserProviderInterface
+{
+    protected $repository;
+    protected $property;
+
+    public function __construct($em, $class, $property = null)
+    {
+        $this->repository = $em->getRepository($class);
+        $this->property = $property;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function loadUserByUsername($username)
+    {
+        if (null !== $this->property) {
+            $user = $this->repository->findOneBy(array($this->property => $username));
+        } else {
+            if (!$this->repository instanceof UserProviderInterface) {
+                throw new \InvalidArgumentException('The Doctrine user manager must implement UserManagerInterface.');
+            }
+
+            $user = $this->repository->loadUserByUsername($username);
+        }
+
+        if (null === $user) {
+            throw new UsernameNotFoundException(sprintf('User "%s" not found.', $username));
+        }
+
+        return $user;
+    }
+}
diff --git a/src/Symfony/Bundle/FrameworkBundle/Controller/ExceptionController.php b/src/Symfony/Bundle/FrameworkBundle/Controller/ExceptionController.php
@@ -42,6 +42,10 @@ public function exceptionAction(FlattenException $exception, DebugLoggerInterfac
             $currentContent .= $content;
         }
 
+        if ('Symfony\Component\Security\Exception\AccessDeniedException' === $exception->getClass()) {
+            $exception->setStatusCode($exception->getCode());
+        }
+
         $response = $this->container->get('templating')->renderResponse(
             'FrameworkBundle:Exception:'.($this->container->get('kernel')->isDebug() ? 'exception.php' : 'error.php'),
             array(
@@ -51,6 +55,7 @@ public function exceptionAction(FlattenException $exception, DebugLoggerInterfac
                 'embedded'       => $embedded,
             )
         );
+
         $response->setStatusCode($exception->getStatusCode());
 
         return $response;

diff --git a/src/Symfony/Bundle/FrameworkBundle/Controller/SecurityController.php b/src/Symfony/Bundle/FrameworkBundle/Controller/SecurityController.php
@@ -0,0 +1,43 @@
+<?php
+
+namespace Symfony\Bundle\FrameworkBundle\Controller;
+
+use Symfony\Component\DependencyInjection\ContainerAware;
+use Symfony\Component\Security\SecurityContext;
+
+/*
+ * This file is part of the Symfony framework.
+ *
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * This source file is subject to the MIT license that is bundled
+ * with this source code in the file LICENSE.
+ */
+
+/**
+ * SecurityController.
+ *
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ */
+class SecurityController extends ContainerAware
+{
+    /**
+     * Displays the login form.
+     *
+     * @return Response A Response instance
+     */
+    public function loginAction()
+    {
+        $request = $this->container->get('request');
+        if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
+            $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
+        } else {
+            $error = $request->getSession()->get(SecurityContext::AUTHENTICATION_ERROR);
+        }
+
+        return $this->container->get('templating')->renderResponse('FrameworkBundle:Security:login.php', array(
+            'last_username' => $request->getSession()->get(SecurityContext::LAST_USERNAME),
+            'error'         => $error,
+        ));
+    }
+}
diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
@@ -9,6 +9,7 @@
 use Symfony\Component\DependencyInjection\Reference;
 use Symfony\Component\DependencyInjection\Definition;
 use Symfony\Component\Finder\Finder;
+use Symfony\Component\HttpFoundation\RequestMatcher;
 
 /*
  * This file is part of the Symfony framework.
@@ -92,6 +93,11 @@ public function configLoad($config, ContainerBuilder $container)
             $this->registerTemplatingConfiguration($config, $container);
         }
 
+        if (isset($config['security'])) {
+            $security = new SecurityLoader();
+            $security->registerSecurityConfiguration($config, $container);
+        }
+
         if (array_key_exists('test', $config)) {
             $this->registerTestConfiguration($config, $container);
         }