diff --git a/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php b/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php index a795177962..53bc0e1fb5 100644 --- a/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php +++ b/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php @@ -11,7 +11,7 @@ namespace Symfony\Bundle\SecurityBundle\DataCollector; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\DataCollector\DataCollector; @@ -25,7 +25,7 @@ class SecurityDataCollector extends DataCollector { protected $context; - public function __construct(SecurityContext $context = null) + public function __construct(SecurityContextInterface $context = null) { $this->context = $context; } @@ -53,7 +53,7 @@ class SecurityDataCollector extends DataCollector $this->data = array( 'enabled' => true, 'authenticated' => $token->isAuthenticated(), - 'user' => (string) $token->getUser(), + 'user' => (string) $token, 'roles' => array_map(function ($role){ return $role->getRole();}, $token->getRoles()), ); } diff --git a/src/Symfony/Bundle/SecurityBundle/Templating/Helper/SecurityHelper.php b/src/Symfony/Bundle/SecurityBundle/Templating/Helper/SecurityHelper.php index 1a347cdb71..f9325adadb 100644 --- a/src/Symfony/Bundle/SecurityBundle/Templating/Helper/SecurityHelper.php +++ b/src/Symfony/Bundle/SecurityBundle/Templating/Helper/SecurityHelper.php @@ -11,8 +11,9 @@ namespace Symfony\Bundle\SecurityBundle\Templating\Helper; +use Symfony\Component\Security\Acl\Voter\FieldVote; use Symfony\Component\Templating\Helper\Helper; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Core\SecurityContextInterface; /** * SecurityHelper provides read-only access to the security context. @@ -28,7 +29,7 @@ class SecurityHelper extends Helper * * @param SecurityContext $context A SecurityContext instance */ - public function __construct(SecurityContext $context = null) + public function __construct(SecurityContextInterface $context = null) { $this->context = $context; } @@ -39,7 +40,11 @@ class SecurityHelper extends Helper return false; } - return $this->context->vote($role, $object, $field); + if (null !== $field) { + $object = new FieldVote($object, $field); + } + + return $this->context->vote($role, $object); } /** diff --git a/src/Symfony/Bundle/SecurityBundle/Twig/Extension/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/Twig/Extension/SecurityExtension.php index 748e8629c2..77a701b586 100644 --- a/src/Symfony/Bundle/SecurityBundle/Twig/Extension/SecurityExtension.php +++ b/src/Symfony/Bundle/SecurityBundle/Twig/Extension/SecurityExtension.php @@ -11,7 +11,8 @@ namespace Symfony\Bundle\SecurityBundle\Twig\Extension; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Acl\Voter\FieldVote; +use Symfony\Component\Security\Core\SecurityContextInterface; /** * SecurityExtension exposes security context features. @@ -22,7 +23,7 @@ class SecurityExtension extends \Twig_Extension { protected $context; - public function __construct(SecurityContext $context = null) + public function __construct(SecurityContextInterface $context = null) { $this->context = $context; } @@ -33,7 +34,11 @@ class SecurityExtension extends \Twig_Extension return false; } - return $this->context->vote($role, $object, $field); + if (null !== $field) { + $object = new FieldVote($object, $field); + } + + return $this->context->vote($role, $object); } /** diff --git a/src/Symfony/Bundle/TwigBundle/GlobalVariables.php b/src/Symfony/Bundle/TwigBundle/GlobalVariables.php index d8be97f069..f9dca9f47f 100644 --- a/src/Symfony/Bundle/TwigBundle/GlobalVariables.php +++ b/src/Symfony/Bundle/TwigBundle/GlobalVariables.php @@ -36,10 +36,20 @@ class GlobalVariables public function getUser() { - $security = $this->getSecurity(); - if ($security && $user = $security->getUser()) { - return $user; + if (!$security = $this->getSecurity()) { + return; } + + if (!$token = $security->getToken()) { + return; + } + + $user = $token->getUser(); + if (!is_object($user)) { + return; + } + + return $user; } public function getRequest() diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/Token.php b/src/Symfony/Component/Security/Core/Authentication/Token/Token.php index 1efa5d6cb8..41b9f6767e 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/Token.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/Token.php @@ -85,9 +85,7 @@ abstract class Token implements TokenInterface */ public function __toString() { - if (is_string($this->user)) { - return $this->user; - } else if ($this->user instanceof AccountInterface) { + if ($this->user instanceof AccountInterface) { return $this->user->getUsername(); } diff --git a/src/Symfony/Component/Security/Core/SecurityContext.php b/src/Symfony/Component/Security/Core/SecurityContext.php index 405ace9e62..079636afc4 100644 --- a/src/Symfony/Component/Security/Core/SecurityContext.php +++ b/src/Symfony/Component/Security/Core/SecurityContext.php @@ -11,6 +11,8 @@ namespace Symfony\Component\Security\Core; +use Symfony\Component\Security\Core\User\AccountInterface; +use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException; use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; @@ -22,13 +24,10 @@ use Symfony\Component\Security\Acl\Voter\FieldVote; * It gives access to the token representing the current user authentication. * * @author Fabien Potencier + * @author Johannes M. Schmitt */ -class SecurityContext +class SecurityContext implements SecurityContextInterface { - const ACCESS_DENIED_ERROR = '_security.403_error'; - const AUTHENTICATION_ERROR = '_security.last_error'; - const LAST_USERNAME = '_security.last_username'; - protected $token; protected $accessDecisionManager; protected $authenticationManager; @@ -39,30 +38,17 @@ class SecurityContext * * @param AccessDecisionManagerInterface|null $accessDecisionManager An AccessDecisionManager instance */ - public function __construct(AuthenticationManagerInterface $authenticationManager, AccessDecisionManagerInterface $accessDecisionManager = null, $alwaysAuthenticate = false) + public function __construct(AuthenticationManagerInterface $authenticationManager, AccessDecisionManagerInterface $accessDecisionManager, $alwaysAuthenticate = false) { $this->authenticationManager = $authenticationManager; $this->accessDecisionManager = $accessDecisionManager; $this->alwaysAuthenticate = $alwaysAuthenticate; } - public function getUser() + public final function vote($attributes, $object = null) { - return null === $this->token ? null : $this->token->getUser(); - } - - public function vote($attributes, $object = null, $field = null) - { - if (null === $this->token || null === $this->accessDecisionManager) { - return false; - } - - if ($field !== null) { - if (null === $object) { - throw new \InvalidArgumentException('$object cannot be null when field is not null.'); - } - - $object = new FieldVote($object, $field); + if (null === $this->token) { + throw new AuthenticationCredentialsNotFoundException('The security context contains no authentication token.'); } if ($this->alwaysAuthenticate || !$this->token->isAuthenticated()) { diff --git a/src/Symfony/Component/Security/Core/SecurityContextInterface.php b/src/Symfony/Component/Security/Core/SecurityContextInterface.php new file mode 100644 index 0000000000..fd205d6dbd --- /dev/null +++ b/src/Symfony/Component/Security/Core/SecurityContextInterface.php @@ -0,0 +1,21 @@ + + */ +interface SecurityContextInterface +{ + const ACCESS_DENIED_ERROR = '_security.403_error'; + const AUTHENTICATION_ERROR = '_security.last_error'; + const LAST_USERNAME = '_security.last_username'; + + function getToken(); + function setToken(TokenInterface $account); + function vote($attributes, $object = null); +} \ No newline at end of file diff --git a/src/Symfony/Component/Security/Http/EntryPoint/FormAuthenticationEntryPoint.php b/src/Symfony/Component/Security/Http/EntryPoint/FormAuthenticationEntryPoint.php index 7bf4881c0c..0993fa7231 100644 --- a/src/Symfony/Component/Security/Http/EntryPoint/FormAuthenticationEntryPoint.php +++ b/src/Symfony/Component/Security/Http/EntryPoint/FormAuthenticationEntryPoint.php @@ -16,7 +16,6 @@ use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; -use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\HttpKernel\HttpKernelInterface; /** diff --git a/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php index 5d50df3020..33351102d1 100644 --- a/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php @@ -17,7 +17,7 @@ use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterfa use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface; use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface; @@ -61,12 +61,12 @@ abstract class AbstractAuthenticationListener implements ListenerInterface /** * Constructor. * - * @param SecurityContext $securityContext A SecurityContext instance + * @param SecurityContextInterface $securityContext A SecurityContext instance * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManagerInterface instance * @param array $options An array of options for the processing of a successful, or failed authentication attempt * @param LoggerInterface $logger A LoggerInterface instance */ - public function __construct(SecurityContext $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null) + public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null) { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); diff --git a/src/Symfony/Component/Security/Http/Firewall/AbstractPreAuthenticatedListener.php b/src/Symfony/Component/Security/Http/Firewall/AbstractPreAuthenticatedListener.php index 9555bfe7db..555dadb2ce 100644 --- a/src/Symfony/Component/Security/Http/Firewall/AbstractPreAuthenticatedListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/AbstractPreAuthenticatedListener.php @@ -12,7 +12,7 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\EventDispatcher\Event; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface; @@ -36,7 +36,7 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface protected $logger; protected $eventDispatcher; - public function __construct(SecurityContext $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, LoggerInterface $logger = null) + public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, LoggerInterface $logger = null) { $this->securityContext = $securityContext; $this->authenticationManager = $authenticationManager; diff --git a/src/Symfony/Component/Security/Http/Firewall/AnonymousAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/AnonymousAuthenticationListener.php index 986cd21ee5..05d23012e0 100644 --- a/src/Symfony/Component/Security/Http/Firewall/AnonymousAuthenticationListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/AnonymousAuthenticationListener.php @@ -11,7 +11,7 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\EventDispatcher\EventInterface; @@ -29,7 +29,7 @@ class AnonymousAuthenticationListener implements ListenerInterface protected $key; protected $logger; - public function __construct(SecurityContext $context, $key, LoggerInterface $logger = null) + public function __construct(SecurityContextInterface $context, $key, LoggerInterface $logger = null) { $this->context = $context; $this->key = $key; @@ -47,7 +47,7 @@ class AnonymousAuthenticationListener implements ListenerInterface { $dispatcher->connect('core.security', array($this, 'handle'), 0); } - + /** * {@inheritDoc} */ diff --git a/src/Symfony/Component/Security/Http/Firewall/BasicAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/BasicAuthenticationListener.php index 710d184f61..972d081e77 100644 --- a/src/Symfony/Component/Security/Http/Firewall/BasicAuthenticationListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/BasicAuthenticationListener.php @@ -11,7 +11,7 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; @@ -34,7 +34,7 @@ class BasicAuthenticationListener implements ListenerInterface protected $logger; protected $ignoreFailure; - public function __construct(SecurityContext $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint, LoggerInterface $logger = null) + public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint, LoggerInterface $logger = null) { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); diff --git a/src/Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener.php index 040795a880..76517a4d8a 100644 --- a/src/Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener.php @@ -11,7 +11,7 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Http\EntryPoint\DigestAuthenticationEntryPoint; use Symfony\Component\HttpKernel\Log\LoggerInterface; @@ -38,7 +38,7 @@ class DigestAuthenticationListener implements ListenerInterface protected $authenticationEntryPoint; protected $logger; - public function __construct(SecurityContext $securityContext, UserProviderInterface $provider, $providerKey, DigestAuthenticationEntryPoint $authenticationEntryPoint, LoggerInterface $logger = null) + public function __construct(SecurityContextInterface $securityContext, UserProviderInterface $provider, $providerKey, DigestAuthenticationEntryPoint $authenticationEntryPoint, LoggerInterface $logger = null) { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); diff --git a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php index 0116b46185..7a47437e62 100644 --- a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php @@ -13,7 +13,7 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; @@ -41,7 +41,7 @@ class ExceptionListener implements ListenerInterface protected $errorPage; protected $logger; - public function __construct(SecurityContext $context, AuthenticationTrustResolverInterface $trustResolver, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null) + public function __construct(SecurityContextInterface $context, AuthenticationTrustResolverInterface $trustResolver, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null) { $this->context = $context; $this->accessDeniedHandler = $accessDeniedHandler; diff --git a/src/Symfony/Component/Security/Http/Firewall/LogoutListener.php b/src/Symfony/Component/Security/Http/Firewall/LogoutListener.php index fb4bac91fc..681ed68589 100644 --- a/src/Symfony/Component/Security/Http/Firewall/LogoutListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/LogoutListener.php @@ -12,7 +12,7 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\HttpFoundation\Response; @@ -32,11 +32,11 @@ class LogoutListener implements ListenerInterface /** * Constructor * - * @param SecurityContext $securityContext + * @param SecurityContextInterface $securityContext * @param string $logoutPath The path that starts the logout process * @param string $targetUrl The URL to redirect to after logout */ - public function __construct(SecurityContext $securityContext, $logoutPath, $targetUrl = '/') + public function __construct(SecurityContextInterface $securityContext, $logoutPath, $targetUrl = '/') { $this->securityContext = $securityContext; $this->logoutPath = $logoutPath; diff --git a/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php b/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php index d8ae42d2ea..65cb428a8e 100644 --- a/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php @@ -12,7 +12,7 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\EventDispatcher\Event; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Core\User\AccountCheckerInterface; use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; @@ -48,7 +48,7 @@ class SwitchUserListener implements ListenerInterface /** * Constructor. */ - public function __construct(SecurityContext $securityContext, UserProviderInterface $provider, AccountCheckerInterface $accountChecker, $providerKey, AccessDecisionManagerInterface $accessDecisionManager, LoggerInterface $logger = null, $usernameParameter = '_switch_user', $role = 'ROLE_ALLOWED_TO_SWITCH') + public function __construct(SecurityContextInterface $securityContext, UserProviderInterface $provider, AccountCheckerInterface $accountChecker, $providerKey, AccessDecisionManagerInterface $accessDecisionManager, LoggerInterface $logger = null, $usernameParameter = '_switch_user', $role = 'ROLE_ALLOWED_TO_SWITCH') { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); diff --git a/src/Symfony/Component/Security/Http/Firewall/X509AuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/X509AuthenticationListener.php index bd8e57b89d..0d642e6f48 100644 --- a/src/Symfony/Component/Security/Http/Firewall/X509AuthenticationListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/X509AuthenticationListener.php @@ -11,7 +11,7 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\Security\Core\SecurityContext; +use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpFoundation\Request; @@ -27,7 +27,7 @@ class X509AuthenticationListener extends AbstractPreAuthenticatedListener protected $userKey; protected $credentialKey; - public function __construct(SecurityContext $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, $userKey = 'SSL_CLIENT_S_DN_Email', $credentialKey = 'SSL_CLIENT_S_DN', LoggerInterface $logger = null) + public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, $userKey = 'SSL_CLIENT_S_DN_Email', $credentialKey = 'SSL_CLIENT_S_DN', LoggerInterface $logger = null) { parent::__construct($securityContext, $authenticationManager, $providerKey, $logger); diff --git a/tests/Symfony/Tests/Component/Security/Core/SecurityContextTest.php b/tests/Symfony/Tests/Component/Security/Core/SecurityContextTest.php index 0b79230979..8bfb7e982e 100644 --- a/tests/Symfony/Tests/Component/Security/Core/SecurityContextTest.php +++ b/tests/Symfony/Tests/Component/Security/Core/SecurityContextTest.php @@ -16,18 +16,6 @@ use Symfony\Component\Security\Core\SecurityContext; class SecurityContextTest extends \PHPUnit_Framework_TestCase { - public function testGetUser() - { - $context = new SecurityContext($this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface')); - - $this->assertNull($context->getUser()); - - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $token->expects($this->once())->method('getUser')->will($this->returnValue('foo')); - $context->setToken($token); - $this->assertEquals('foo', $context->getUser()); - } - public function testVoteAuthenticatesTokenIfNecessary() { $authManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); @@ -53,13 +41,21 @@ class SecurityContextTest extends \PHPUnit_Framework_TestCase $this->assertSame($newToken, $context->getToken()); } + /** + * @expectedException Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException + */ + public function testVoteWithoutAuthenticationToken() + { + $context = new SecurityContext( + $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), + $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface') + ); + + $context->vote('ROLE_FOO'); + } + public function testVote() { - $context = new SecurityContext($this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface')); - $this->assertFalse($context->vote('ROLE_FOO')); - $context->setToken($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')); - $this->assertFalse($context->vote('ROLE_FOO')); - $manager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); $manager->expects($this->once())->method('decide')->will($this->returnValue(false)); $context = new SecurityContext($this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), $manager); @@ -85,7 +81,10 @@ class SecurityContextTest extends \PHPUnit_Framework_TestCase public function testGetSetToken() { - $context = new SecurityContext($this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface')); + $context = new SecurityContext( + $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), + $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface') + ); $this->assertNull($context->getToken()); $context->setToken($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'));