symfony/src/Symfony/Component/HttpKernel/Security/Firewall.php

<?php

/*
 * This file is part of the Symfony package.
 *
 * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Symfony\Component\HttpKernel\Security;

use Symfony\Component\EventDispatcher\EventDispatcher;
use Symfony\Component\EventDispatcher\Event;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpFoundation\Request;

/**
 * Firewall uses a FirewallMap to register security listeners for the given
 * request.
 *
 * It allows for different security strategies within the same application
 * (a Basic authentication for the /api, and a web based authentication for
 * everything else for instance).
 *
 * @author Fabien Potencier <fabien.potencier@symfony-project.com>
 */
class Firewall
{
    protected $map;
    protected $dispatcher;
    protected $currentListeners;

    /**
     * Constructor.
     *
     * @param FirewallMap $map A FirewallMap instance
     */
    public function __construct(FirewallMapInterface $map)
    {
        $this->map = $map;
        $this->currentListeners = array();
    }

    /**
     * Registers a core.request listener to enforce security.
     *
     * @param EventDispatcher $dispatcher An EventDispatcher instance
     * @param integer         $priority   The priority
     */
    public function register(EventDispatcher $dispatcher, $priority = 0)
    {
        $dispatcher->connect('core.request', array($this, 'handle'), $priority);
        $this->dispatcher = $dispatcher;
    }

    /**
     * Handles security.
     *
     * @param Event $event An Event instance
     */
    public function handle(Event $event)
    {
        if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {
            return;
        }

        $request = $event->get('request');

        // disconnect all listeners from core.security to avoid the overhead
        // of most listeners having to do this manually
        $this->dispatcher->disconnect('core.security');

        // ensure that listeners disconnect from wherever they have connected to
        foreach ($this->currentListeners as $listener) {
            $listener->unregister($this->dispatcher);
        }

        // register listeners for this firewall
        list($listeners, $exception) = $this->map->getListeners($request);
        if (null !== $exception) {
            $exception->register($this->dispatcher);
        }
        foreach ($listeners as $listener) {
            $listener->register($this->dispatcher);
        }

        // save current listener instances
        $this->currentListeners = $listeners;
        if (null !== $exception) {
            $this->currentListeners[] = $exception;
        }

        // initiate the listener chain
        $e = $this->dispatcher->notifyUntil(new Event($request, 'core.security', array('request' => $request)));
        if ($e->isProcessed()) {
            $event->setReturnValue($e->getReturnValue());

            return true;
        }

        return;
    }
}
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`<?php`

normalized license messages in PHP files 2011-01-15 13:29:43 +00:00			`/*`
			`* This file is part of the Symfony package.`
			`*`
			`* (c) Fabien Potencier <fabien.potencier@symfony-project.com>`
			`*`
			`* For the full copyright and license information, please view the LICENSE`
			`* file that was distributed with this source code.`
			`*/`

added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`namespace Symfony\Component\HttpKernel\Security;`

			`use Symfony\Component\EventDispatcher\EventDispatcher;`
			`use Symfony\Component\EventDispatcher\Event;`
			`use Symfony\Component\HttpKernel\HttpKernelInterface;`
			`use Symfony\Component\HttpFoundation\Request;`

			`/**`
[HttpKernel\Security]Fixed markup 2010-10-23 09:42:49 +01:00			`* Firewall uses a FirewallMap to register security listeners for the given`
			`* request.`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`*`
			`* It allows for different security strategies within the same application`
[HttpKernel\Security]Fixed markup 2010-10-23 09:42:49 +01:00			`* (a Basic authentication for the /api, and a web based authentication for`
			`* everything else for instance).`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`*`
			`* @author Fabien Potencier <fabien.potencier@symfony-project.com>`
			`*/`
			`class Firewall`
			`{`
			`protected $map;`
			`protected $dispatcher;`
fixes bugs due to not disconnected listeners 2010-12-03 17:47:54 +00:00			`protected $currentListeners;`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00
			`/**`
			`* Constructor.`
			`*`
			`* @param FirewallMap $map A FirewallMap instance`
			`*/`
some performance tweaks This adds lazy loading for firewall configurations. This is useful when you have multiple firewalls, only the firewalls which are actually needed to process the Request are initialized. So, your event dispatcher is not as costly to initialize anymore. It also implements re-using of RequestMatchers if all matching rules are the same, and exposes the remaining rules which are already implemented by the request matcher (host, ip, methods) in the access-control section 2011-01-21 10:00:52 +00:00			`public function __construct(FirewallMapInterface $map)`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`{`
			`$this->map = $map;`
fixes bugs due to not disconnected listeners 2010-12-03 17:47:54 +00:00			`$this->currentListeners = array();`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`}`

			`/**`
			`* Registers a core.request listener to enforce security.`
			`*`
			`* @param EventDispatcher $dispatcher An EventDispatcher instance`
			`* @param integer $priority The priority`
			`*/`
			`public function register(EventDispatcher $dispatcher, $priority = 0)`
			`{`
			`$dispatcher->connect('core.request', array($this, 'handle'), $priority);`
			`$this->dispatcher = $dispatcher;`
			`}`

			`/**`
			`* Handles security.`
			`*`
			`* @param Event $event An Event instance`
			`*/`
			`public function handle(Event $event)`
			`{`
made some method name changes to have a better coherence throughout the framework When an object has a "main" many relation with related "things" (objects, parameters, ...), the method names are normalized: * get() * set() * all() * replace() * remove() * clear() * isEmpty() * add() * register() * count() * keys() The classes below follow this method naming convention: * BrowserKit\CookieJar -> Cookie * BrowserKit\History -> Request * Console\Application -> Command * Console\Application\Helper\HelperSet -> HelperInterface * DependencyInjection\Container -> services * DependencyInjection\ContainerBuilder -> services * DependencyInjection\ParameterBag\ParameterBag -> parameters * DependencyInjection\ParameterBag\FrozenParameterBag -> parameters * DomCrawler\Form -> FormField * EventDispatcher\Event -> parameters * Form\FieldGroup -> Field * HttpFoundation\HeaderBag -> headers * HttpFoundation\ParameterBag -> parameters * HttpFoundation\Session -> attributes * HttpKernel\Profiler\Profiler -> DataCollectorInterface * Routing\RouteCollection -> Route * Security\Authentication\AuthenticationProviderManager -> AuthenticationProviderInterface * Templating\Engine -> HelperInterface * Translation\MessageCatalogue -> messages The usage of these methods are only allowed when it is clear that there is a main relation: * a CookieJar has many Cookies; * a Container has many services and many parameters (as services is the main relation, we use the naming convention for this relation); * a Console Input has many arguments and many options. There is no "main" relation, and so the naming convention does not apply. For many relations where the convention does not apply, the following methods must be used instead (where XXX is the name of the related thing): * get() -> getXXX() * set() -> setXXX() * all() -> getXXXs() * replace() -> setXXXs() * remove() -> removeXXX() * clear() -> clearXXX() * isEmpty() -> isEmptyXXX() * add() -> addXXX() * register() -> registerXXX() * count() -> countXXX() * keys() 2010-11-23 08:42:19 +00:00			`if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`return;`
			`}`

made some method name changes to have a better coherence throughout the framework When an object has a "main" many relation with related "things" (objects, parameters, ...), the method names are normalized: * get() * set() * all() * replace() * remove() * clear() * isEmpty() * add() * register() * count() * keys() The classes below follow this method naming convention: * BrowserKit\CookieJar -> Cookie * BrowserKit\History -> Request * Console\Application -> Command * Console\Application\Helper\HelperSet -> HelperInterface * DependencyInjection\Container -> services * DependencyInjection\ContainerBuilder -> services * DependencyInjection\ParameterBag\ParameterBag -> parameters * DependencyInjection\ParameterBag\FrozenParameterBag -> parameters * DomCrawler\Form -> FormField * EventDispatcher\Event -> parameters * Form\FieldGroup -> Field * HttpFoundation\HeaderBag -> headers * HttpFoundation\ParameterBag -> parameters * HttpFoundation\Session -> attributes * HttpKernel\Profiler\Profiler -> DataCollectorInterface * Routing\RouteCollection -> Route * Security\Authentication\AuthenticationProviderManager -> AuthenticationProviderInterface * Templating\Engine -> HelperInterface * Translation\MessageCatalogue -> messages The usage of these methods are only allowed when it is clear that there is a main relation: * a CookieJar has many Cookies; * a Container has many services and many parameters (as services is the main relation, we use the naming convention for this relation); * a Console Input has many arguments and many options. There is no "main" relation, and so the naming convention does not apply. For many relations where the convention does not apply, the following methods must be used instead (where XXX is the name of the related thing): * get() -> getXXX() * set() -> setXXX() * all() -> getXXXs() * replace() -> setXXXs() * remove() -> removeXXX() * clear() -> clearXXX() * isEmpty() -> isEmptyXXX() * add() -> addXXX() * register() -> registerXXX() * count() -> countXXX() * keys() 2010-11-23 08:42:19 +00:00			`$request = $event->get('request');`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00
fixes bugs due to not disconnected listeners 2010-12-03 17:47:54 +00:00			`// disconnect all listeners from core.security to avoid the overhead`
			`// of most listeners having to do this manually`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`$this->dispatcher->disconnect('core.security');`
some performance tweaks This adds lazy loading for firewall configurations. This is useful when you have multiple firewalls, only the firewalls which are actually needed to process the Request are initialized. So, your event dispatcher is not as costly to initialize anymore. It also implements re-using of RequestMatchers if all matching rules are the same, and exposes the remaining rules which are already implemented by the request matcher (host, ip, methods) in the access-control section 2011-01-21 10:00:52 +00:00
fixes bugs due to not disconnected listeners 2010-12-03 17:47:54 +00:00			`// ensure that listeners disconnect from wherever they have connected to`
			`foreach ($this->currentListeners as $listener) {`
			`$listener->unregister($this->dispatcher);`
			`}`
some performance tweaks This adds lazy loading for firewall configurations. This is useful when you have multiple firewalls, only the firewalls which are actually needed to process the Request are initialized. So, your event dispatcher is not as costly to initialize anymore. It also implements re-using of RequestMatchers if all matching rules are the same, and exposes the remaining rules which are already implemented by the request matcher (host, ip, methods) in the access-control section 2011-01-21 10:00:52 +00:00
fixes bugs due to not disconnected listeners 2010-12-03 17:47:54 +00:00			`// register listeners for this firewall`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`list($listeners, $exception) = $this->map->getListeners($request);`
			`if (null !== $exception) {`
			`$exception->register($this->dispatcher);`
			`}`
			`foreach ($listeners as $listener) {`
			`$listener->register($this->dispatcher);`
			`}`
some performance tweaks This adds lazy loading for firewall configurations. This is useful when you have multiple firewalls, only the firewalls which are actually needed to process the Request are initialized. So, your event dispatcher is not as costly to initialize anymore. It also implements re-using of RequestMatchers if all matching rules are the same, and exposes the remaining rules which are already implemented by the request matcher (host, ip, methods) in the access-control section 2011-01-21 10:00:52 +00:00
fixes bugs due to not disconnected listeners 2010-12-03 17:47:54 +00:00			`// save current listener instances`
			`$this->currentListeners = $listeners;`
fixed user refreshing after unserialization 2010-12-08 12:51:26 +00:00			`if (null !== $exception) {`
			`$this->currentListeners[] = $exception;`
			`}`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00
fixes bugs due to not disconnected listeners 2010-12-03 17:47:54 +00:00			`// initiate the listener chain`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`$e = $this->dispatcher->notifyUntil(new Event($request, 'core.security', array('request' => $request)));`
			`if ($e->isProcessed()) {`
			`$event->setReturnValue($e->getReturnValue());`

			`return true;`
			`}`

			`return;`
			`}`
			`}`