diff --git a/src/Security/SecurityConfigUpdater.php b/src/Security/SecurityConfigUpdater.php index 0ec1b38a5..f495f285b 100644 --- a/src/Security/SecurityConfigUpdater.php +++ b/src/Security/SecurityConfigUpdater.php @@ -103,12 +103,7 @@ private function normalizeSecurityYamlFile() private function updateProviders(UserClassConfiguration $userConfig, string $userClass) { - if ($this->isSingleInMemoryProviderConfigured()) { - // empty the providers if the generic "in_memory" is the only one - $newData = $this->manipulator->getData(); - $newData['security']['providers'] = []; - $this->manipulator->setData($newData); - } + $this->removeMemoryProviderIfIsSingleConfigured(); $newData = $this->manipulator->getData(); $newData['security']['providers']['__'] = $this->manipulator->createCommentLine( @@ -149,6 +144,27 @@ private function updateEncoders(UserClassConfiguration $userConfig, string $user $this->manipulator->setData($newData); } + private function removeMemoryProviderIfIsSingleConfigured() + { + if (!$this->isSingleInMemoryProviderConfigured()) { + return; + } + + $newData = $this->manipulator->getData(); + + $memoryProviderName = array_keys($newData['security']['providers'])[0]; + + $newData['security']['providers'] = []; + + foreach ($newData['security']['firewalls'] as &$firewall) { + if (($firewall['provider'] ?? null) === $memoryProviderName) { + $firewall['provider'] = 'app_user_provider'; + } + } + + $this->manipulator->setData($newData); + } + private function isSingleInMemoryProviderConfigured(): bool { if (!isset($this->manipulator->getData()['security']['providers'])) { diff --git a/tests/Security/SecurityConfigUpdaterTest.php b/tests/Security/SecurityConfigUpdaterTest.php index 796d581df..a212ce3a5 100644 --- a/tests/Security/SecurityConfigUpdaterTest.php +++ b/tests/Security/SecurityConfigUpdaterTest.php @@ -72,6 +72,12 @@ public function getUserClassTests() 'empty_source_model_email_with_password.yaml', 'empty_security.yaml', ]; + + yield 'simple_security_with_single_memory_provider_configured' => [ + new UserClassConfiguration(true, 'email', true), + 'simple_security_with_single_memory_provider_configured.yaml', + 'simple_security_with_single_memory_provider_configured.yaml', + ]; } /** diff --git a/tests/Security/yaml_fixtures/expected_user_class/simple_security_with_single_memory_provider_configured.yaml b/tests/Security/yaml_fixtures/expected_user_class/simple_security_with_single_memory_provider_configured.yaml new file mode 100644 index 000000000..f9d927a67 --- /dev/null +++ b/tests/Security/yaml_fixtures/expected_user_class/simple_security_with_single_memory_provider_configured.yaml @@ -0,0 +1,18 @@ +security: + encoders: + App\Entity\User: + algorithm: {BCRYPT_OR_AUTO} + + # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers + providers: + # used to reload user from session & other features (e.g. switch_user) + app_user_provider: + entity: + class: App\Entity\User + property: email + + firewalls: + dev: ~ + main: + anonymous: true + provider: app_user_provider diff --git a/tests/Security/yaml_fixtures/source/simple_security_with_single_memory_provider_configured.yaml b/tests/Security/yaml_fixtures/source/simple_security_with_single_memory_provider_configured.yaml new file mode 100644 index 000000000..a99edf3d1 --- /dev/null +++ b/tests/Security/yaml_fixtures/source/simple_security_with_single_memory_provider_configured.yaml @@ -0,0 +1,10 @@ +security: + # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers + providers: + in_memory: { memory: ~ } + + firewalls: + dev: ~ + main: + anonymous: true + provider: in_memory