feature #46066 [Security] Add an easier way to get the current firewa…

…ll configuration (Kocal) This PR was merged into the 6.2 branch. Discussion ---------- [Security] Add an easier way to get the current firewall configuration | Q | A | ------------- | --- | Branch? | 6.1  | Bug fix? | no | New feature? | yes  | Deprecations? | no  | Tickets | Fix #46015  | License | MIT | Doc PR | symfony/symfony-docs#...  Added a new method `Security#getFirewallConfig($request)` to easily get the firewall configuration associated to the `Request`. The firewall name can be accessed through `$security->getFirewallConfig($request)?->getName()`. Commits ------- d435e19 [Security] Add an easier way to get the current firewall configuration
symfony · Jun 7, 2022 · 1e85fba · 1e85fba
2 parents 09a0edf + d435e19
commit 1e85fba
Show file tree

Hide file tree

Showing 5 changed files with 42 additions and 1 deletion.
diff --git a/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md b/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md
@@ -6,6 +6,7 @@ CHANGELOG
 
  * Add the `Security` helper class
  * Deprecate the `Symfony\Component\Security\Core\Security` service alias, use `Symfony\Bundle\SecurityBundle\Security\Security` instead
+ * Add `Security::getFirewallConfig()` to help to get the firewall configuration associated to the Request
 
 6.1
 ---

diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/security.php b/src/Symfony/Bundle/SecurityBundle/Resources/config/security.php
@@ -80,6 +80,7 @@
             ->args([service_locator([
                 'security.token_storage' => service('security.token_storage'),
                 'security.authorization_checker' => service('security.authorization_checker'),
+                'security.firewall.map' => service('security.firewall.map'),
             ])])
         ->alias(Security::class, 'security.helper')
         ->alias(LegacySecurity::class, 'security.helper')

diff --git a/src/Symfony/Bundle/SecurityBundle/Security/Security.php b/src/Symfony/Bundle/SecurityBundle/Security/Security.php
@@ -12,6 +12,7 @@
 namespace Symfony\Bundle\SecurityBundle\Security;
 
 use Psr\Container\ContainerInterface;
+use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Security\Core\Security as LegacySecurity;
 
 /**
@@ -21,8 +22,13 @@
  */
 class Security extends LegacySecurity
 {
-    public function __construct(ContainerInterface $container)
+    public function __construct(private ContainerInterface $container)
     {
         parent::__construct($container, false);
     }
+
+    public function getFirewallConfig(Request $request): ?FirewallConfig
+    {
+        return $this->container->get('security.firewall.map')->getFirewallConfig($request);
+    }
 }
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
@@ -11,7 +11,9 @@
 
 namespace Symfony\Bundle\SecurityBundle\Tests\Functional;
 
+use Symfony\Bundle\SecurityBundle\Security\FirewallConfig;
 use Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\SecuredPageBundle\Security\Core\User\ArrayUserProvider;
+use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\User\InMemoryUser;
 use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
@@ -33,6 +35,8 @@ public function testServiceIsFunctional()
         $security = $container->get('functional_test.security.helper');
         $this->assertTrue($security->isGranted('ROLE_USER'));
         $this->assertSame($token, $security->getToken());
+        $this->assertInstanceOf(FirewallConfig::class, $firewallConfig = $security->getFirewallConfig(new Request()));
+        $this->assertSame('default', $firewallConfig->getName());
     }
 
     /**

diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Security/SecurityTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Security/SecurityTest.php
@@ -13,8 +13,11 @@
 
 use PHPUnit\Framework\TestCase;
 use Psr\Container\ContainerInterface;
+use Symfony\Bundle\SecurityBundle\Security\FirewallConfig;
+use Symfony\Bundle\SecurityBundle\Security\FirewallMap;
 use Symfony\Bundle\SecurityBundle\Security\Security;
 use Symfony\Component\DependencyInjection\ServiceLocator;
+use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
@@ -82,6 +85,32 @@ public function testIsGranted()
         $this->assertTrue($security->isGranted('SOME_ATTRIBUTE', 'SOME_SUBJECT'));
     }
 
+    /**
+     * @dataProvider getFirewallConfigTests
+     */
+    public function testGetFirewallConfig(Request $request, ?FirewallConfig $expectedFirewallConfig)
+    {
+        $firewallMap = $this->createMock(FirewallMap::class);
+
+        $firewallMap->expects($this->once())
+            ->method('getFirewallConfig')
+            ->with($request)
+            ->willReturn($expectedFirewallConfig);
+
+        $container = $this->createContainer('security.firewall.map', $firewallMap);
+
+        $security = new \Symfony\Component\Security\Core\Security($container);
+        $this->assertSame($expectedFirewallConfig, $security->getFirewallConfig($request));
+    }
+
+    public function getFirewallConfigTests()
+    {
+        $request = new Request();
+
+        yield [$request, null];
+        yield [$request, new FirewallConfig('main', 'acme_user_checker')];
+    }
+
     private function createContainer(string $serviceId, object $serviceObject): ContainerInterface
     {
         return new ServiceLocator([$serviceId => fn () => $serviceObject]);