Skip to content

Commit

Permalink
bug #22470 [SecurityBundle] conditionally register user checker FQCN …
Browse files Browse the repository at this point in the history 
…alias (xabbuh)

This PR was merged into the 3.3-dev branch.

Discussion
----------

[SecurityBundle] conditionally register user checker FQCN alias

| Q             | A
| ------------- | ---
| Branch?       | master
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #22466
| License       | MIT
| Doc PR        |

Commits
-------

eede70a conditionally register user checker FQCN alias
  • Loading branch information
@fabpot
fabpot committed Apr 19, 2017
2 parents 610a238 + eede70a commit df155dd
Show file tree
Hide file tree
Showing 5 changed files with 101 additions and 0 deletions.
11 changes: 11 additions & 0 deletions src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
View file
Expand Up @@ -245,10 +245,16 @@ private function createFirewalls($config, ContainerBuilder $container)
$arguments[1] = $userProviders;
$definition->setArguments($arguments);

$customUserChecker = false;

// load firewall map
$mapDef = $container->getDefinition('security.firewall.map');
$map = $authenticationProviders = $contextRefs = array();
foreach ($firewalls as $name => $firewall) {
if (isset($firewall['user_checker']) && 'security.user_checker' !== $firewall['user_checker']) {
$customUserChecker = true;
}

$configId = 'security.firewall.map.config.'.$name;

list($matcher, $listeners, $exceptionListener) = $this->createFirewall($container, $name, $firewall, $authenticationProviders, $providerIds, $configId);
Expand All @@ -275,6 +281,11 @@ private function createFirewalls($config, ContainerBuilder $container)
->getDefinition('security.authentication.manager')
->replaceArgument(0, new IteratorArgument($authenticationProviders))
;

// register an autowire alias for the UserCheckerInterface if no custom user checker service is configured
if (!$customUserChecker) {
$container->setAlias('Symfony\Component\Security\Core\User\UserCheckerInterface', new Alias('security.user_checker', false));
}
}

private function createFirewall(ContainerBuilder $container, $id, $firewall, &$authenticationProviders, $providerIds, $configId)
Expand Down
10 changes: 10 additions & 0 deletions src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
View file
Expand Up @@ -172,6 +172,8 @@ public function testFirewalls()
'security.access_listener',
),
), $listeners);

$this->assertFalse($container->hasAlias('Symfony\Component\Security\Core\User\UserCheckerInterface', 'No user checker alias is registered when custom user checker services are registered'));
}

public function testFirewallRequestMatchers()
Expand Down Expand Up @@ -200,6 +202,14 @@ public function testFirewallRequestMatchers()
), $matchers);
}

public function testUserCheckerAliasIsRegistered()
{
$container = $this->getContainer('no_custom_user_checker');

$this->assertTrue($container->hasAlias('Symfony\Component\Security\Core\User\UserCheckerInterface', 'Alias for user checker is registered when no custom user checker service is registered'));
$this->assertFalse($container->getAlias('Symfony\Component\Security\Core\User\UserCheckerInterface')->isPublic());
}

public function testAccess()
{
$container = $this->getContainer('container1');
Expand Down
28 changes: 28 additions & 0 deletions ...y/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/no_custom_user_checker.php
View file
@@ -0,0 +1,28 @@
<?php

$container->loadFromExtension('security', array(
'providers' => array(
'default' => array(
'memory' => array(
'users' => array(
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'),
),
),
),
),
'firewalls' => array(
'simple' => array('pattern' => '/login', 'security' => false),
'secure' => array('stateless' => true,
'http_basic' => true,
'http_digest' => array('secret' => 'TheSecret'),
'form_login' => true,
'anonymous' => true,
'switch_user' => true,
'x509' => true,
'remote_user' => true,
'logout' => true,
'remember_me' => array('secret' => 'TheSecret'),
'user_checker' => null,
),
),
));
29 changes: 29 additions & 0 deletions ...y/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/no_custom_user_checker.xml
View file
@@ -0,0 +1,29 @@
<?xml version="1.0" encoding="UTF-8"?>
<srv:container xmlns="http://symfony.com/schema/dic/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:srv="http://symfony.com/schema/dic/services"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">

<config>
<provider name="default">
<memory>
<user name="foo" password="foo" roles="ROLE_USER" />
</memory>
</provider>

<firewall name="simple" pattern="/login" security="false" />

<firewall name="secure" stateless="true">
<http-basic />
<http-digest secret="TheSecret" />
<form-login />
<anonymous />
<switch-user />
<x509 />
<remote-user />
<user-checker />
<logout />
<remember-me secret="TheSecret"/>
</firewall>
</config>
</srv:container>
23 changes: 23 additions & 0 deletions ...y/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/no_custom_user_checker.yml
View file
@@ -0,0 +1,23 @@
security:
providers:
default:
memory:
users:
foo: { password: foo, roles: ROLE_USER }

firewalls:
simple: { pattern: /login, security: false }
secure:
stateless: true
http_basic: true
http_digest:
secret: TheSecret
form_login: true
anonymous: true
switch_user: true
x509: true
remote_user: true
logout: true
remember_me:
secret: TheSecret
user_checker: ~

0 comments on commit df155dd

Please sign in to comment.