Skip to content

Commit

Permalink
Merge branch '2.8'
Browse files Browse the repository at this point in the history 
* 2.8:
  Updated the stlyes of the YAML commands
  [Security] Configuring a user checker per firewall
  [PropertyInfo] Test behavior when an extractor return null.
  • Loading branch information
@fabpot
fabpot committed Oct 2, 2015
2 parents ad29a3f + 194ad4c commit 6b462b2
Show file tree
Hide file tree
Showing 19 changed files with 106 additions and 19 deletions.
5 changes: 5 additions & 0 deletions DependencyInjection/MainConfiguration.php
View file
Expand Up @@ -216,6 +216,11 @@ private function addFirewallsSection(ArrayNodeDefinition $rootNode, array $facto
->prototype('scalar')->end()
->end()
->booleanNode('security')->defaultTrue()->end()
->scalarNode('user_checker')
->defaultValue('security.user_checker')
->treatNullLike('security.user_checker')
->info('The UserChecker to use when authenticating users in this firewall.')
->end()
->scalarNode('request_matcher')->end()
->scalarNode('access_denied_url')->end()
->scalarNode('access_denied_handler')->end()
Expand Down
1 change: 1 addition & 0 deletions DependencyInjection/Security/Factory/FormLoginFactory.php
View file
Expand Up @@ -65,6 +65,7 @@ protected function createAuthProvider(ContainerBuilder $container, $id, $config,
$container
->setDefinition($provider, new DefinitionDecorator('security.authentication.provider.dao'))
->replaceArgument(0, new Reference($userProviderId))
->replaceArgument(1, new Reference('security.user_checker.'.$id))
->replaceArgument(2, $id)
;

Expand Down
1 change: 1 addition & 0 deletions DependencyInjection/Security/Factory/FormLoginLdapFactory.php
View file
Expand Up @@ -30,6 +30,7 @@ protected function createAuthProvider(ContainerBuilder $container, $id, $config,
$container
->setDefinition($provider, new DefinitionDecorator('security.authentication.provider.ldap_bind'))
->replaceArgument(0, new Reference($userProviderId))
->replaceArgument(1, new Reference('security.user_checker.'.$id))
->replaceArgument(2, $id)
->replaceArgument(3, new Reference($config['service']))
->replaceArgument(4, $config['dn_string'])
Expand Down
1 change: 1 addition & 0 deletions DependencyInjection/Security/Factory/GuardAuthenticationFactory.php
View file
Expand Up @@ -69,6 +69,7 @@ public function create(ContainerBuilder $container, $id, $config, $userProvider,
->replaceArgument(0, $authenticatorReferences)
->replaceArgument(1, new Reference($userProvider))
->replaceArgument(2, $id)
->replaceArgument(3, new Reference('security.user_checker.'.$id))
;

// listener
Expand Down
1 change: 1 addition & 0 deletions DependencyInjection/Security/Factory/HttpBasicFactory.php
View file
Expand Up @@ -29,6 +29,7 @@ public function create(ContainerBuilder $container, $id, $config, $userProvider,
$container
->setDefinition($provider, new DefinitionDecorator('security.authentication.provider.dao'))
->replaceArgument(0, new Reference($userProvider))
->replaceArgument(1, new Reference('security.user_checker.'.$id))
->replaceArgument(2, $id)
;

Expand Down
1 change: 1 addition & 0 deletions DependencyInjection/Security/Factory/HttpBasicLdapFactory.php
View file
Expand Up @@ -31,6 +31,7 @@ public function create(ContainerBuilder $container, $id, $config, $userProvider,
$container
->setDefinition($provider, new DefinitionDecorator('security.authentication.provider.ldap_bind'))
->replaceArgument(0, new Reference($userProvider))
->replaceArgument(1, new Reference('security.user_checker.'.$id))
->replaceArgument(2, $id)
->replaceArgument(3, new Reference($config['service']))
->replaceArgument(4, $config['dn_string'])
Expand Down
1 change: 1 addition & 0 deletions DependencyInjection/Security/Factory/RememberMeFactory.php
View file
Expand Up @@ -35,6 +35,7 @@ public function create(ContainerBuilder $container, $id, $config, $userProvider,
$authProviderId = 'security.authentication.provider.rememberme.'.$id;
$container
->setDefinition($authProviderId, new DefinitionDecorator('security.authentication.provider.rememberme'))
->replaceArgument(0, new Reference('security.user_checker.'.$id))
->addArgument($config['secret'])
->addArgument($id)
;
Expand Down
1 change: 1 addition & 0 deletions DependencyInjection/Security/Factory/RemoteUserFactory.php
View file
Expand Up @@ -30,6 +30,7 @@ public function create(ContainerBuilder $container, $id, $config, $userProvider,
$container
->setDefinition($providerId, new DefinitionDecorator('security.authentication.provider.pre_authenticated'))
->replaceArgument(0, new Reference($userProvider))
->replaceArgument(1, new Reference('security.user_checker.'.$id))
->addArgument($id)
;

Expand Down
1 change: 1 addition & 0 deletions DependencyInjection/Security/Factory/X509Factory.php
View file
Expand Up @@ -29,6 +29,7 @@ public function create(ContainerBuilder $container, $id, $config, $userProvider,
$container
->setDefinition($providerId, new DefinitionDecorator('security.authentication.provider.pre_authenticated'))
->replaceArgument(0, new Reference($userProvider))
->replaceArgument(1, new Reference('security.user_checker.'.$id))
->addArgument($id)
;

Expand Down
24 changes: 14 additions & 10 deletions DependencyInjection/SecurityExtension.php
View file
Expand Up @@ -14,6 +14,7 @@
use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\SecurityFactoryInterface;
use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\UserProvider\UserProviderFactoryInterface;
use Symfony\Component\Config\Definition\Exception\InvalidConfigurationException;
use Symfony\Component\DependencyInjection\Definition;
use Symfony\Component\DependencyInjection\DefinitionDecorator;
use Symfony\Component\DependencyInjection\Alias;
use Symfony\Component\HttpKernel\DependencyInjection\Extension;
Expand Down Expand Up @@ -100,16 +101,16 @@ public function load(array $configs, ContainerBuilder $container)

// add some required classes for compilation
$this->addClassesToCompile(array(
'Symfony\\Component\\Security\\Http\\Firewall',
'Symfony\\Component\\Security\\Core\\User\\UserProviderInterface',
'Symfony\\Component\\Security\\Core\\Authentication\\AuthenticationProviderManager',
'Symfony\\Component\\Security\\Core\\Authentication\\Token\\Storage\\TokenStorage',
'Symfony\\Component\\Security\\Core\\Authorization\\AccessDecisionManager',
'Symfony\\Component\\Security\\Core\\Authorization\\AuthorizationChecker',
'Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface',
'Symfony\\Bundle\\SecurityBundle\\Security\\FirewallMap',
'Symfony\\Bundle\\SecurityBundle\\Security\\FirewallContext',
'Symfony\\Component\\HttpFoundation\\RequestMatcher',
'Symfony\Component\Security\Http\Firewall',
'Symfony\Component\Security\Core\User\UserProviderInterface',
'Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager',
'Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage',
'Symfony\Component\Security\Core\Authorization\AccessDecisionManager',
'Symfony\Component\Security\Core\Authorization\AuthorizationChecker',
'Symfony\Component\Security\Core\Authorization\Voter\VoterInterface',
'Symfony\Bundle\SecurityBundle\Security\FirewallMap',
'Symfony\Bundle\SecurityBundle\Security\FirewallContext',
'Symfony\Component\HttpFoundation\RequestMatcher',
));
}

Expand Down Expand Up @@ -369,6 +370,8 @@ private function createFirewall(ContainerBuilder $container, $id, $firewall, &$a
// Exception listener
$exceptionListener = new Reference($this->createExceptionListener($container, $firewall, $id, $configuredEntryPoint ?: $defaultEntryPoint, $firewall['stateless']));

$container->setAlias(new Alias('security.user_checker.'.$id, false), $firewall['user_checker']);

return array($matcher, $listeners, $exceptionListener);
}

Expand Down Expand Up @@ -577,6 +580,7 @@ private function createSwitchUserListener($container, $id, $config, $defaultProv
$switchUserListenerId = 'security.authentication.switchuser_listener.'.$id;
$listener = $container->setDefinition($switchUserListenerId, new DefinitionDecorator('security.authentication.switchuser_listener'));
$listener->replaceArgument(1, new Reference($userProvider));
$listener->replaceArgument(2, new Reference('security.user_checker.'.$id));
$listener->replaceArgument(3, $id);
$listener->replaceArgument(6, $config['parameter']);
$listener->replaceArgument(7, $config['role']);
Expand Down
2 changes: 1 addition & 1 deletion Resources/config/guard.xml
View file
Expand Up @@ -21,7 +21,7 @@
<argument /> <!-- Simple Authenticator -->
<argument /> <!-- User Provider -->
<argument /> <!-- Provider-shared Key -->
<argument type="service" id="security.user_checker" />
<argument /> <!-- User Checker -->
</service>

<service id="security.authentication.listener.guard"
Expand Down
8 changes: 4 additions & 4 deletions Resources/config/security_listeners.xml
View file
Expand Up @@ -172,15 +172,15 @@

<service id="security.authentication.provider.dao" class="Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider" abstract="true" public="false">
<argument /> <!-- User Provider -->
<argument type="service" id="security.user_checker" />
<argument /> <!-- User Checker -->
<argument /> <!-- Provider-shared Key -->
<argument type="service" id="security.encoder_factory" />
<argument>%security.authentication.hide_user_not_found%</argument>
</service>

<service id="security.authentication.provider.ldap_bind" class="Symfony\Component\Security\Core\Authentication\Provider\LdapBindAuthenticationProvider" public="false" abstract="true">
<argument /> <!-- User Provider -->
<argument type="service" id="security.user_checker" />
<argument /> <!-- UserChecker -->
<argument /> <!-- Provider-shared Key -->
<argument /> <!-- LDAP -->
<argument /> <!-- Base DN -->
Expand All @@ -195,7 +195,7 @@

<service id="security.authentication.provider.pre_authenticated" class="Symfony\Component\Security\Core\Authentication\Provider\PreAuthenticatedAuthenticationProvider" abstract="true" public="false">
<argument /> <!-- User Provider -->
<argument type="service" id="security.user_checker" />
<argument /> <!-- User Checker -->
</service>

<service id="security.exception_listener" class="Symfony\Component\Security\Http\Firewall\ExceptionListener" public="false" abstract="true">
Expand All @@ -215,7 +215,7 @@
<tag name="monolog.logger" channel="security" />
<argument type="service" id="security.token_storage" />
<argument /> <!-- User Provider -->
<argument type="service" id="security.user_checker" />
<argument /> <!-- User Checker -->
<argument /> <!-- Provider Key -->
<argument type="service" id="security.access.decision_manager" />
<argument type="service" id="logger" on-invalid="null" />
Expand Down
2 changes: 1 addition & 1 deletion Resources/config/security_rememberme.xml
View file
Expand Up @@ -16,7 +16,7 @@
</service>

<service id="security.authentication.provider.rememberme" class="Symfony\Component\Security\Core\Authentication\Provider\RememberMeAuthenticationProvider" abstract="true" public="false">
<argument type="service" id="security.user_checker" />
<argument /> <!-- User Checker -->
</service>

<service id="security.rememberme.token.provider.in_memory" class="Symfony\Component\Security\Core\Authentication\RememberMe\InMemoryTokenProvider" public="false" />
Expand Down
22 changes: 22 additions & 0 deletions Tests/DependencyInjection/CompleteConfigurationTest.php
View file
Expand Up @@ -92,6 +92,13 @@ public function testFirewalls()
'security.authentication.listener.anonymous.host',
'security.access_listener',
),
array(
'security.channel_listener',
'security.context_listener.1',
'security.authentication.listener.basic.with_user_checker',
'security.authentication.listener.anonymous.with_user_checker',
'security.access_listener',
),
), $listeners);
}

Expand Down Expand Up @@ -231,6 +238,21 @@ public function testRememberMeThrowExceptions()
$this->assertFalse($service->getArgument(5));
}

public function testUserCheckerConfig()
{
$this->assertEquals('app.user_checker', $this->getContainer('container1')->getAlias('security.user_checker.with_user_checker'));
}

public function testUserCheckerConfigWithDefaultChecker()
{
$this->assertEquals('security.user_checker', $this->getContainer('container1')->getAlias('security.user_checker.host'));
}

public function testUserCheckerConfigWithNoCheckers()
{
$this->assertEquals('security.user_checker', $this->getContainer('container1')->getAlias('security.user_checker.secure'));
}

protected function getContainer($file)
{
$container = new ContainerBuilder();
Expand Down
6 changes: 6 additions & 0 deletions Tests/DependencyInjection/Fixtures/php/container1.php
View file
Expand Up @@ -72,6 +72,7 @@
'remote_user' => true,
'logout' => true,
'remember_me' => array('secret' => 'TheSecret'),
'user_checker' => null,
),
'host' => array(
'pattern' => '/test',
Expand All @@ -80,6 +81,11 @@
'anonymous' => true,
'http_basic' => true,
),
'with_user_checker' => array(
'user_checker' => 'app.user_checker',
'anonymous' => true,
'http_basic' => true,
),
),

'access_control' => array(
Expand Down
7 changes: 7 additions & 0 deletions Tests/DependencyInjection/Fixtures/xml/container1.xml
View file
Expand Up @@ -55,6 +55,7 @@
<switch-user />
<x509 />
<remote-user />
<user-checker />
<logout />
<remember-me secret="TheSecret"/>
</firewall>
Expand All @@ -64,6 +65,12 @@
<http-basic />
</firewall>

<firewall name="with_user_checker">
<anonymous />
<http-basic />
<user-checker>app.user_checker</user-checker>
</firewall>

<role id="ROLE_ADMIN">ROLE_USER</role>
<role id="ROLE_SUPER_ADMIN">ROLE_USER,ROLE_ADMIN,ROLE_ALLOWED_TO_SWITCH</role>
<role id="ROLE_REMOTE">ROLE_USER,ROLE_ADMIN</role>
Expand Down
7 changes: 7 additions & 0 deletions Tests/DependencyInjection/Fixtures/yml/container1.yml
View file
Expand Up @@ -56,13 +56,20 @@ security:
logout: true
remember_me:
secret: TheSecret
user_checker: ~

host:
pattern: /test
host: foo\.example\.org
methods: [GET,POST]
anonymous: true
http_basic: true

with_user_checker:
anonymous: ~
http_basic: ~
user_checker: app.user_checker

role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
Expand Down
31 changes: 29 additions & 2 deletions Tests/DependencyInjection/MainConfigurationTest.php
View file
Expand Up @@ -46,7 +46,7 @@ public function testNoConfigForProvider()

$processor = new Processor();
$configuration = new MainConfiguration(array(), array());
$config = $processor->processConfiguration($configuration, array($config));
$processor->processConfiguration($configuration, array($config));
}

/**
Expand All @@ -65,7 +65,7 @@ public function testManyConfigForProvider()

$processor = new Processor();
$configuration = new MainConfiguration(array(), array());
$config = $processor->processConfiguration($configuration, array($config));
$processor->processConfiguration($configuration, array($config));
}

public function testCsrfAliases()
Expand Down Expand Up @@ -108,8 +108,35 @@ public function testCsrfOriginalAndAliasValueCausesException()
);
$config = array_merge(static::$minimalConfig, $config);

$processor = new Processor();
$configuration = new MainConfiguration(array(), array());
$processor->processConfiguration($configuration, array($config));
}

public function testDefaultUserCheckers()
{
$processor = new Processor();
$configuration = new MainConfiguration(array(), array());
$processedConfig = $processor->processConfiguration($configuration, array(static::$minimalConfig));

$this->assertEquals('security.user_checker', $processedConfig['firewalls']['stub']['user_checker']);
}

public function testUserCheckers()
{
$config = array(
'firewalls' => array(
'stub' => array(
'user_checker' => 'app.henk_checker',
),
),
);
$config = array_merge(static::$minimalConfig, $config);

$processor = new Processor();
$configuration = new MainConfiguration(array(), array());
$processedConfig = $processor->processConfiguration($configuration, array($config));

$this->assertEquals('app.henk_checker', $processedConfig['firewalls']['stub']['user_checker']);
}
}
3 changes: 2 additions & 1 deletion Tests/DependencyInjection/Security/Factory/GuardAuthenticationFactoryTest.php
View file
Expand Up @@ -109,6 +109,7 @@ public function testBasicCreate()
'index_0' => array(new Reference('authenticator123')),
'index_1' => new Reference('my_user_provider'),
'index_2' => 'my_firewall',
'index_3' => new Reference('security.user_checker.my_firewall'),
), $providerDefinition->getArguments());

$listenerDefinition = $container->getDefinition('security.authentication.listener.guard.my_firewall');
Expand All @@ -123,7 +124,7 @@ public function testExistingDefaultEntryPointUsed()
'authenticators' => array('authenticator123'),
'entry_point' => null,
);
list($container, $entryPointId) = $this->executeCreate($config, 'some_default_entry_point');
list(, $entryPointId) = $this->executeCreate($config, 'some_default_entry_point');
$this->assertEquals('some_default_entry_point', $entryPointId);
}

Expand Down

0 comments on commit 6b462b2

Please sign in to comment.