diff --git a/src/Symfony/Bridge/Doctrine/Tests/Security/User/EntityUserProviderTest.php b/src/Symfony/Bridge/Doctrine/Tests/Security/User/EntityUserProviderTest.php index 0b616a588f9c..ace44202b61e 100644 --- a/src/Symfony/Bridge/Doctrine/Tests/Security/User/EntityUserProviderTest.php +++ b/src/Symfony/Bridge/Doctrine/Tests/Security/User/EntityUserProviderTest.php @@ -11,6 +11,7 @@ namespace Symfony\Bridge\Doctrine\Tests\Security\User; +use Doctrine\ORM\EntityRepository; use Doctrine\ORM\Tools\SchemaTool; use PHPUnit\Framework\TestCase; use Symfony\Bridge\Doctrine\Security\User\EntityUserProvider; @@ -172,7 +173,7 @@ public function testLoadUserByUserNameShouldLoadUserWhenProperInterfaceProvided( */ public function testLoadUserByUserNameShouldDeclineInvalidInterface() { - $repository = $this->getMockBuilder('\Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock(); + $repository = $this->getMockBuilder(EntityRepository::class)->disableOriginalConstructor()->getMock(); $provider = new EntityUserProvider( $this->getManager($this->getObjectManager($repository)), diff --git a/src/Symfony/Component/Security/CHANGELOG.md b/src/Symfony/Component/Security/CHANGELOG.md index b2074b70aca9..4b8e97884bb3 100644 --- a/src/Symfony/Component/Security/CHANGELOG.md +++ b/src/Symfony/Component/Security/CHANGELOG.md @@ -4,6 +4,7 @@ CHANGELOG 5.0.0 ----- +* Removed the `AdvancedUserInterface`, use a custom user checker instead. * Removed `Argon2iPasswordEncoder`, use `SodiumPasswordEncoder` instead * Removed `BcryptPasswordEncoder`, use `NativePasswordEncoder` instead * Removed the `has_role()` function from security expressions, use `is_granted()` instead. diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php index b30d13682153..f8a7b97ae261 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php @@ -12,7 +12,6 @@ namespace Symfony\Component\Security\Core\Authentication\Token; use Symfony\Component\Security\Core\Role\Role; -use Symfony\Component\Security\Core\User\AdvancedUserInterface; use Symfony\Component\Security\Core\User\EquatableInterface; use Symfony\Component\Security\Core\User\UserInterface; @@ -321,29 +320,6 @@ private function hasUserChanged(UserInterface $user) return true; } - if ($this->user instanceof AdvancedUserInterface && $user instanceof AdvancedUserInterface) { - @trigger_error(sprintf('Checking for the AdvancedUserInterface in "%s()" is deprecated since Symfony 4.1 and support for it will be removed in 5.0. Implement the %s to check if the user has been changed,', __METHOD__, EquatableInterface::class), E_USER_DEPRECATED); - if ($this->user->isAccountNonExpired() !== $user->isAccountNonExpired()) { - return true; - } - - if ($this->user->isAccountNonLocked() !== $user->isAccountNonLocked()) { - return true; - } - - if ($this->user->isCredentialsNonExpired() !== $user->isCredentialsNonExpired()) { - return true; - } - - if ($this->user->isEnabled() !== $user->isEnabled()) { - return true; - } - } elseif ($this->user instanceof AdvancedUserInterface xor $user instanceof AdvancedUserInterface) { - @trigger_error(sprintf('Checking for the AdvancedUserInterface in "%s()" is deprecated since Symfony 4.1 and support for it will be removed in 5.0. Implement the %s to check if the user has been changed,', __METHOD__, EquatableInterface::class), E_USER_DEPRECATED); - - return true; - } - return false; } } diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php index c8b5fed8d77f..ba718689eae2 100644 --- a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php +++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php @@ -192,47 +192,6 @@ public function getUserChanges() ]; } - /** - * @group legacy - * - * @dataProvider getUserChangesAdvancedUser - */ - public function testSetUserSetsAuthenticatedToFalseWhenUserChangesAdvancedUser($firstUser, $secondUser) - { - $token = new ConcreteToken(); - $token->setAuthenticated(true); - $this->assertTrue($token->isAuthenticated()); - - $token->setUser($firstUser); - $this->assertTrue($token->isAuthenticated()); - - $token->setUser($secondUser); - $this->assertFalse($token->isAuthenticated()); - } - - public function getUserChangesAdvancedUser() - { - $user = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(); - $advancedUser = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock(); - - return [ - ['foo', 'bar'], - ['foo', new TestUser('bar')], - ['foo', $user], - ['foo', $advancedUser], - [$user, 'foo'], - [$advancedUser, 'foo'], - [$user, new TestUser('foo')], - [$advancedUser, new TestUser('foo')], - [new TestUser('foo'), new TestUser('bar')], - [new TestUser('foo'), 'bar'], - [new TestUser('foo'), $user], - [new TestUser('foo'), $advancedUser], - [$user, $advancedUser], - [$advancedUser, $user], - ]; - } - /** * @dataProvider getUsers */ diff --git a/src/Symfony/Component/Security/Core/Tests/User/UserCheckerTest.php b/src/Symfony/Component/Security/Core/Tests/User/UserCheckerTest.php index a1f62aa5db90..b7eeaea0dbea 100644 --- a/src/Symfony/Component/Security/Core/Tests/User/UserCheckerTest.php +++ b/src/Symfony/Component/Security/Core/Tests/User/UserCheckerTest.php @@ -30,20 +30,6 @@ public function testCheckPostAuthPass() $this->assertNull($checker->checkPostAuth(new User('John', 'password'))); } - /** - * @group legacy - * @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPostAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality. - */ - public function testCheckPostAuthPassAdvancedUser() - { - $checker = new UserChecker(); - - $account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock(); - $account->expects($this->once())->method('isCredentialsNonExpired')->willReturn(true); - - $this->assertNull($checker->checkPostAuth($account)); - } - /** * @expectedException \Symfony\Component\Security\Core\Exception\CredentialsExpiredException */ @@ -53,37 +39,6 @@ public function testCheckPostAuthCredentialsExpired() $checker->checkPostAuth(new User('John', 'password', [], true, true, false, true)); } - /** - * @group legacy - * @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPostAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality. - * @expectedException \Symfony\Component\Security\Core\Exception\CredentialsExpiredException - */ - public function testCheckPostAuthCredentialsExpiredAdvancedUser() - { - $checker = new UserChecker(); - - $account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock(); - $account->expects($this->once())->method('isCredentialsNonExpired')->willReturn(false); - - $checker->checkPostAuth($account); - } - - /** - * @group legacy - * @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPreAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality. - */ - public function testCheckPreAuthPassAdvancedUser() - { - $checker = new UserChecker(); - - $account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock(); - $account->expects($this->once())->method('isAccountNonLocked')->willReturn(true); - $account->expects($this->once())->method('isEnabled')->willReturn(true); - $account->expects($this->once())->method('isAccountNonExpired')->willReturn(true); - - $this->assertNull($checker->checkPreAuth($account)); - } - /** * @expectedException \Symfony\Component\Security\Core\Exception\LockedException */ @@ -93,21 +48,6 @@ public function testCheckPreAuthAccountLocked() $checker->checkPreAuth(new User('John', 'password', [], true, true, false, false)); } - /** - * @group legacy - * @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPreAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality. - * @expectedException \Symfony\Component\Security\Core\Exception\LockedException - */ - public function testCheckPreAuthAccountLockedAdvancedUser() - { - $checker = new UserChecker(); - - $account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock(); - $account->expects($this->once())->method('isAccountNonLocked')->willReturn(false); - - $checker->checkPreAuth($account); - } - /** * @expectedException \Symfony\Component\Security\Core\Exception\DisabledException */ @@ -117,22 +57,6 @@ public function testCheckPreAuthDisabled() $checker->checkPreAuth(new User('John', 'password', [], false, true, false, true)); } - /** - * @group legacy - * @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPreAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality. - * @expectedException \Symfony\Component\Security\Core\Exception\DisabledException - */ - public function testCheckPreAuthDisabledAdvancedUser() - { - $checker = new UserChecker(); - - $account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock(); - $account->expects($this->once())->method('isAccountNonLocked')->willReturn(true); - $account->expects($this->once())->method('isEnabled')->willReturn(false); - - $checker->checkPreAuth($account); - } - /** * @expectedException \Symfony\Component\Security\Core\Exception\AccountExpiredException */ @@ -141,21 +65,4 @@ public function testCheckPreAuthAccountExpired() $checker = new UserChecker(); $checker->checkPreAuth(new User('John', 'password', [], true, false, true, true)); } - - /** - * @group legacy - * @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPreAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality. - * @expectedException \Symfony\Component\Security\Core\Exception\AccountExpiredException - */ - public function testCheckPreAuthAccountExpiredAdvancedUser() - { - $checker = new UserChecker(); - - $account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock(); - $account->expects($this->once())->method('isAccountNonLocked')->willReturn(true); - $account->expects($this->once())->method('isEnabled')->willReturn(true); - $account->expects($this->once())->method('isAccountNonExpired')->willReturn(false); - - $checker->checkPreAuth($account); - } } diff --git a/src/Symfony/Component/Security/Core/User/AdvancedUserInterface.php b/src/Symfony/Component/Security/Core/User/AdvancedUserInterface.php deleted file mode 100644 index 66d5a22416ec..000000000000 --- a/src/Symfony/Component/Security/Core/User/AdvancedUserInterface.php +++ /dev/null @@ -1,88 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Core\User; - -use Symfony\Component\Security\Core\Exception\AccountExpiredException; -use Symfony\Component\Security\Core\Exception\AccountStatusException; -use Symfony\Component\Security\Core\Exception\CredentialsExpiredException; -use Symfony\Component\Security\Core\Exception\DisabledException; -use Symfony\Component\Security\Core\Exception\LockedException; - -/** - * Adds extra features to a user class related to account status flags. - * - * This interface can be implemented in place of UserInterface if you'd like - * the authentication system to consider different account status flags - * during authentication. If any of the methods in this interface return - * false, authentication will fail. - * - * If you need to perform custom logic for any of these situations, then - * you will need to register an exception listener and watch for the specific - * exception instances thrown in each case. All exceptions are a subclass - * of AccountStatusException - * - * @see UserInterface - * @see AccountStatusException - * @deprecated since Symfony 4.1 - * - * @author Fabien Potencier - */ -interface AdvancedUserInterface extends UserInterface -{ - /** - * Checks whether the user's account has expired. - * - * Internally, if this method returns false, the authentication system - * will throw an AccountExpiredException and prevent login. - * - * @return bool true if the user's account is non expired, false otherwise - * - * @see AccountExpiredException - */ - public function isAccountNonExpired(); - - /** - * Checks whether the user is locked. - * - * Internally, if this method returns false, the authentication system - * will throw a LockedException and prevent login. - * - * @return bool true if the user is not locked, false otherwise - * - * @see LockedException - */ - public function isAccountNonLocked(); - - /** - * Checks whether the user's credentials (password) has expired. - * - * Internally, if this method returns false, the authentication system - * will throw a CredentialsExpiredException and prevent login. - * - * @return bool true if the user's credentials are non expired, false otherwise - * - * @see CredentialsExpiredException - */ - public function isCredentialsNonExpired(); - - /** - * Checks whether the user is enabled. - * - * Internally, if this method returns false, the authentication system - * will throw a DisabledException and prevent login. - * - * @return bool true if the user is enabled, false otherwise - * - * @see DisabledException - */ - public function isEnabled(); -} diff --git a/src/Symfony/Component/Security/Core/User/User.php b/src/Symfony/Component/Security/Core/User/User.php index 18faeb7af040..dca5c4fe2bbc 100644 --- a/src/Symfony/Component/Security/Core/User/User.php +++ b/src/Symfony/Component/Security/Core/User/User.php @@ -18,7 +18,7 @@ * * @author Fabien Potencier */ -final class User implements UserInterface, EquatableInterface, AdvancedUserInterface +final class User implements UserInterface, EquatableInterface { private $username; private $password; diff --git a/src/Symfony/Component/Security/Core/User/UserChecker.php b/src/Symfony/Component/Security/Core/User/UserChecker.php index e715f06c1498..810ab21c0b40 100644 --- a/src/Symfony/Component/Security/Core/User/UserChecker.php +++ b/src/Symfony/Component/Security/Core/User/UserChecker.php @@ -28,14 +28,10 @@ class UserChecker implements UserCheckerInterface */ public function checkPreAuth(UserInterface $user) { - if (!$user instanceof AdvancedUserInterface && !$user instanceof User) { + if (!$user instanceof User) { return; } - if ($user instanceof AdvancedUserInterface && !$user instanceof User) { - @trigger_error(sprintf('Calling "%s()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality.', __METHOD__), E_USER_DEPRECATED); - } - if (!$user->isAccountNonLocked()) { $ex = new LockedException('User account is locked.'); $ex->setUser($user); @@ -60,14 +56,10 @@ public function checkPreAuth(UserInterface $user) */ public function checkPostAuth(UserInterface $user) { - if (!$user instanceof AdvancedUserInterface && !$user instanceof User) { + if (!$user instanceof User) { return; } - if ($user instanceof AdvancedUserInterface && !$user instanceof User) { - @trigger_error(sprintf('Calling "%s()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality.', __METHOD__), E_USER_DEPRECATED); - } - if (!$user->isCredentialsNonExpired()) { $ex = new CredentialsExpiredException('User credentials have expired.'); $ex->setUser($user);