diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Security] Refactored security context, moved getUser() implementation to templating

Browse Source
This commit is contained in:
Johannes Schmitt 2011-02-11 01:07:59 +01:00 committed by Fabien Potencier
parent 66fbbd6b17
commit 19bbafc441
18 changed files with 100 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
View File

@ -11,7 +11,7 @@
namespace Symfony\Bundle\SecurityBundle\DataCollector; namespace Symfony\Bundle\SecurityBundle\DataCollector;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\DataCollector\DataCollector; use Symfony\Component\HttpKernel\DataCollector\DataCollector;
@ -25,7 +25,7 @@ class SecurityDataCollector extends DataCollector
{ {
protected $context; protected $context;
public function __construct(SecurityContext $context = null) public function __construct(SecurityContextInterface $context = null)
{ {
$this->context = $context; $this->context = $context;
} }
@ -53,7 +53,7 @@ class SecurityDataCollector extends DataCollector
$this->data = array( $this->data = array(
'enabled' => true, 'enabled' => true,
'authenticated' => $token->isAuthenticated(), 'authenticated' => $token->isAuthenticated(),
'user' => (string) $token->getUser(), 'user' => (string) $token,
'roles' => array_map(function ($role){ return $role->getRole();}, $token->getRoles()), 'roles' => array_map(function ($role){ return $role->getRole();}, $token->getRoles()),
); );
} }

11
src/Symfony/Bundle/SecurityBundle/Templating/Helper/SecurityHelper.php
View File

@ -11,8 +11,9 @@
namespace Symfony\Bundle\SecurityBundle\Templating\Helper; namespace Symfony\Bundle\SecurityBundle\Templating\Helper;
use Symfony\Component\Security\Acl\Voter\FieldVote;
use Symfony\Component\Templating\Helper\Helper; use Symfony\Component\Templating\Helper\Helper;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\SecurityContextInterface;
/** /**
* SecurityHelper provides read-only access to the security context. * SecurityHelper provides read-only access to the security context.
@ -28,7 +29,7 @@ class SecurityHelper extends Helper
* *
* @param SecurityContext $context A SecurityContext instance * @param SecurityContext $context A SecurityContext instance
*/ */
public function __construct(SecurityContext $context = null) public function __construct(SecurityContextInterface $context = null)
{ {
$this->context = $context; $this->context = $context;
} }
@ -39,7 +40,11 @@ class SecurityHelper extends Helper
return false; return false;
} }
return $this->context->vote($role, $object, $field); if (null !== $field) {
$object = new FieldVote($object, $field);
}
return $this->context->vote($role, $object);
} }
/** /**

11
src/Symfony/Bundle/SecurityBundle/Twig/Extension/SecurityExtension.php
View File

@ -11,7 +11,8 @@
namespace Symfony\Bundle\SecurityBundle\Twig\Extension; namespace Symfony\Bundle\SecurityBundle\Twig\Extension;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Acl\Voter\FieldVote;
use Symfony\Component\Security\Core\SecurityContextInterface;
/** /**
* SecurityExtension exposes security context features. * SecurityExtension exposes security context features.
@ -22,7 +23,7 @@ class SecurityExtension extends \Twig_Extension
{ {
protected $context; protected $context;
public function __construct(SecurityContext $context = null) public function __construct(SecurityContextInterface $context = null)
{ {
$this->context = $context; $this->context = $context;
} }
@ -33,7 +34,11 @@ class SecurityExtension extends \Twig_Extension
return false; return false;
} }
return $this->context->vote($role, $object, $field); if (null !== $field) {
$object = new FieldVote($object, $field);
}
return $this->context->vote($role, $object);
} }
/** /**

16
src/Symfony/Bundle/TwigBundle/GlobalVariables.php
View File

@ -36,10 +36,20 @@ class GlobalVariables
public function getUser() public function getUser()
{ {
$security = $this->getSecurity(); if (!$security = $this->getSecurity()) {
if ($security && $user = $security->getUser()) { return;
return $user;
} }
if (!$token = $security->getToken()) {
return;
}
$user = $token->getUser();
if (!is_object($user)) {
return;
}
return $user;
} }
public function getRequest() public function getRequest()

4
src/Symfony/Component/Security/Core/Authentication/Token/Token.php
View File

@ -85,9 +85,7 @@ abstract class Token implements TokenInterface
*/ */
public function __toString() public function __toString()
{ {
if (is_string($this->user)) { if ($this->user instanceof AccountInterface) {
return $this->user;
} else if ($this->user instanceof AccountInterface) {
return $this->user->getUsername(); return $this->user->getUsername();
} }

30
src/Symfony/Component/Security/Core/SecurityContext.php
View File

@ -11,6 +11,8 @@
namespace Symfony\Component\Security\Core; namespace Symfony\Component\Security\Core;
use Symfony\Component\Security\Core\User\AccountInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@ -22,13 +24,10 @@ use Symfony\Component\Security\Acl\Voter\FieldVote;
* It gives access to the token representing the current user authentication. * It gives access to the token representing the current user authentication.
* *
* @author Fabien Potencier <fabien.potencier@symfony-project.com> * @author Fabien Potencier <fabien.potencier@symfony-project.com>
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
*/ */
class SecurityContext class SecurityContext implements SecurityContextInterface
{ {
const ACCESS_DENIED_ERROR = '_security.403_error';
const AUTHENTICATION_ERROR = '_security.last_error';
const LAST_USERNAME = '_security.last_username';
protected $token; protected $token;
protected $accessDecisionManager; protected $accessDecisionManager;
protected $authenticationManager; protected $authenticationManager;
@ -39,30 +38,17 @@ class SecurityContext
* *
* @param AccessDecisionManagerInterface|null $accessDecisionManager An AccessDecisionManager instance * @param AccessDecisionManagerInterface|null $accessDecisionManager An AccessDecisionManager instance
*/ */
public function __construct(AuthenticationManagerInterface $authenticationManager, AccessDecisionManagerInterface $accessDecisionManager = null, $alwaysAuthenticate = false) public function __construct(AuthenticationManagerInterface $authenticationManager, AccessDecisionManagerInterface $accessDecisionManager, $alwaysAuthenticate = false)
{ {
$this->authenticationManager = $authenticationManager; $this->authenticationManager = $authenticationManager;
$this->accessDecisionManager = $accessDecisionManager; $this->accessDecisionManager = $accessDecisionManager;
$this->alwaysAuthenticate = $alwaysAuthenticate; $this->alwaysAuthenticate = $alwaysAuthenticate;
} }
public function getUser() public final function vote($attributes, $object = null)
{ {
return null === $this->token ? null : $this->token->getUser(); if (null === $this->token) {
} throw new AuthenticationCredentialsNotFoundException('The security context contains no authentication token.');
public function vote($attributes, $object = null, $field = null)
{
if (null === $this->token || null === $this->accessDecisionManager) {
return false;
}
if ($field !== null) {
if (null === $object) {
throw new \InvalidArgumentException('$object cannot be null when field is not null.');
}
$object = new FieldVote($object, $field);
} }
if ($this->alwaysAuthenticate || !$this->token->isAuthenticated()) { if ($this->alwaysAuthenticate || !$this->token->isAuthenticated()) {

21
src/Symfony/Component/Security/Core/SecurityContextInterface.php Normal file
View File

@ -0,0 +1,21 @@
<?php
namespace Symfony\Component\Security\Core;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
/**
* The SecurityContextInterface.
*
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
*/
interface SecurityContextInterface
{
const ACCESS_DENIED_ERROR = '_security.403_error';
const AUTHENTICATION_ERROR = '_security.last_error';
const LAST_USERNAME = '_security.last_username';
function getToken();
function setToken(TokenInterface $account);
function vote($attributes, $object = null);
}

1
src/Symfony/Component/Security/Http/EntryPoint/FormAuthenticationEntryPoint.php
View File

@ -16,7 +16,6 @@ use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
use Symfony\Component\Security\Core\SecurityContext;
use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\HttpKernel\HttpKernelInterface;
/** /**

6
src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
View File

@ -17,7 +17,7 @@ use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterfa
use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface; use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface;
@ -61,12 +61,12 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
/** /**
* Constructor. * Constructor.
* *
* @param SecurityContext $securityContext A SecurityContext instance * @param SecurityContextInterface $securityContext A SecurityContext instance
* @param AuthenticationManagerInterface $authenticationManager An AuthenticationManagerInterface instance * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManagerInterface instance
* @param array $options An array of options for the processing of a successful, or failed authentication attempt * @param array $options An array of options for the processing of a successful, or failed authentication attempt
* @param LoggerInterface $logger A LoggerInterface instance * @param LoggerInterface $logger A LoggerInterface instance
*/ */
public function __construct(SecurityContext $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null) public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null)
{ {
if (empty($providerKey)) { if (empty($providerKey)) {
throw new \InvalidArgumentException('$providerKey must not be empty.'); throw new \InvalidArgumentException('$providerKey must not be empty.');

4
src/Symfony/Component/Security/Http/Firewall/AbstractPreAuthenticatedListener.php
View File

@ -12,7 +12,7 @@
namespace Symfony\Component\Security\Http\Firewall; namespace Symfony\Component\Security\Http\Firewall;
use Symfony\Component\EventDispatcher\Event; use Symfony\Component\EventDispatcher\Event;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface;
@ -36,7 +36,7 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface
protected $logger; protected $logger;
protected $eventDispatcher; protected $eventDispatcher;
public function __construct(SecurityContext $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, LoggerInterface $logger = null) public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, LoggerInterface $logger = null)
{ {
$this->securityContext = $securityContext; $this->securityContext = $securityContext;
$this->authenticationManager = $authenticationManager; $this->authenticationManager = $authenticationManager;

6
src/Symfony/Component/Security/Http/Firewall/AnonymousAuthenticationListener.php
View File

@ -11,7 +11,7 @@
namespace Symfony\Component\Security\Http\Firewall; namespace Symfony\Component\Security\Http\Firewall;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\EventDispatcher\EventInterface;
@ -29,7 +29,7 @@ class AnonymousAuthenticationListener implements ListenerInterface
protected $key; protected $key;
protected $logger; protected $logger;
public function __construct(SecurityContext $context, $key, LoggerInterface $logger = null) public function __construct(SecurityContextInterface $context, $key, LoggerInterface $logger = null)
{ {
$this->context = $context; $this->context = $context;
$this->key = $key; $this->key = $key;
@ -47,7 +47,7 @@ class AnonymousAuthenticationListener implements ListenerInterface
{ {
$dispatcher->connect('core.security', array($this, 'handle'), 0); $dispatcher->connect('core.security', array($this, 'handle'), 0);
} }
/** /**
* {@inheritDoc} * {@inheritDoc}
*/ */

4
src/Symfony/Component/Security/Http/Firewall/BasicAuthenticationListener.php
View File

@ -11,7 +11,7 @@
namespace Symfony\Component\Security\Http\Firewall; namespace Symfony\Component\Security\Http\Firewall;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface;
@ -34,7 +34,7 @@ class BasicAuthenticationListener implements ListenerInterface
protected $logger; protected $logger;
protected $ignoreFailure; protected $ignoreFailure;
public function __construct(SecurityContext $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint, LoggerInterface $logger = null) public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint, LoggerInterface $logger = null)
{ {
if (empty($providerKey)) { if (empty($providerKey)) {
throw new \InvalidArgumentException('$providerKey must not be empty.'); throw new \InvalidArgumentException('$providerKey must not be empty.');

4
src/Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener.php
View File

@ -11,7 +11,7 @@
namespace Symfony\Component\Security\Http\Firewall; namespace Symfony\Component\Security\Http\Firewall;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Http\EntryPoint\DigestAuthenticationEntryPoint; use Symfony\Component\Security\Http\EntryPoint\DigestAuthenticationEntryPoint;
use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface;
@ -38,7 +38,7 @@ class DigestAuthenticationListener implements ListenerInterface
protected $authenticationEntryPoint; protected $authenticationEntryPoint;
protected $logger; protected $logger;
public function __construct(SecurityContext $securityContext, UserProviderInterface $provider, $providerKey, DigestAuthenticationEntryPoint $authenticationEntryPoint, LoggerInterface $logger = null) public function __construct(SecurityContextInterface $securityContext, UserProviderInterface $provider, $providerKey, DigestAuthenticationEntryPoint $authenticationEntryPoint, LoggerInterface $logger = null)
{ {
if (empty($providerKey)) { if (empty($providerKey)) {
throw new \InvalidArgumentException('$providerKey must not be empty.'); throw new \InvalidArgumentException('$providerKey must not be empty.');

4
src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
View File

@ -13,7 +13,7 @@ namespace Symfony\Component\Security\Http\Firewall;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface; use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface;
@ -41,7 +41,7 @@ class ExceptionListener implements ListenerInterface
protected $errorPage; protected $errorPage;
protected $logger; protected $logger;
public function __construct(SecurityContext $context, AuthenticationTrustResolverInterface $trustResolver, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null) public function __construct(SecurityContextInterface $context, AuthenticationTrustResolverInterface $trustResolver, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null)
{ {
$this->context = $context; $this->context = $context;
$this->accessDeniedHandler = $accessDeniedHandler; $this->accessDeniedHandler = $accessDeniedHandler;

6
src/Symfony/Component/Security/Http/Firewall/LogoutListener.php
View File

@ -12,7 +12,7 @@
namespace Symfony\Component\Security\Http\Firewall; namespace Symfony\Component\Security\Http\Firewall;
use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface; use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\EventDispatcher\EventInterface;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
@ -32,11 +32,11 @@ class LogoutListener implements ListenerInterface
/** /**
* Constructor * Constructor
* *
* @param SecurityContext $securityContext * @param SecurityContextInterface $securityContext
* @param string $logoutPath The path that starts the logout process * @param string $logoutPath The path that starts the logout process
* @param string $targetUrl The URL to redirect to after logout * @param string $targetUrl The URL to redirect to after logout
*/ */
public function __construct(SecurityContext $securityContext, $logoutPath, $targetUrl = '/') public function __construct(SecurityContextInterface $securityContext, $logoutPath, $targetUrl = '/')
{ {
$this->securityContext = $securityContext; $this->securityContext = $securityContext;
$this->logoutPath = $logoutPath; $this->logoutPath = $logoutPath;

4
src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php
View File

@ -12,7 +12,7 @@
namespace Symfony\Component\Security\Http\Firewall; namespace Symfony\Component\Security\Http\Firewall;
use Symfony\Component\EventDispatcher\Event; use Symfony\Component\EventDispatcher\Event;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\AccountCheckerInterface; use Symfony\Component\Security\Core\User\AccountCheckerInterface;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
@ -48,7 +48,7 @@ class SwitchUserListener implements ListenerInterface
/** /**
* Constructor. * Constructor.
*/ */
public function __construct(SecurityContext $securityContext, UserProviderInterface $provider, AccountCheckerInterface $accountChecker, $providerKey, AccessDecisionManagerInterface $accessDecisionManager, LoggerInterface $logger = null, $usernameParameter = '_switch_user', $role = 'ROLE_ALLOWED_TO_SWITCH') public function __construct(SecurityContextInterface $securityContext, UserProviderInterface $provider, AccountCheckerInterface $accountChecker, $providerKey, AccessDecisionManagerInterface $accessDecisionManager, LoggerInterface $logger = null, $usernameParameter = '_switch_user', $role = 'ROLE_ALLOWED_TO_SWITCH')
{ {
if (empty($providerKey)) { if (empty($providerKey)) {
throw new \InvalidArgumentException('$providerKey must not be empty.'); throw new \InvalidArgumentException('$providerKey must not be empty.');

4
src/Symfony/Component/Security/Http/Firewall/X509AuthenticationListener.php
View File

@ -11,7 +11,7 @@
namespace Symfony\Component\Security\Http\Firewall; namespace Symfony\Component\Security\Http\Firewall;
use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
@ -27,7 +27,7 @@ class X509AuthenticationListener extends AbstractPreAuthenticatedListener
protected $userKey; protected $userKey;
protected $credentialKey; protected $credentialKey;
public function __construct(SecurityContext $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, $userKey = 'SSL_CLIENT_S_DN_Email', $credentialKey = 'SSL_CLIENT_S_DN', LoggerInterface $logger = null) public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, $userKey = 'SSL_CLIENT_S_DN_Email', $credentialKey = 'SSL_CLIENT_S_DN', LoggerInterface $logger = null)
{ {
parent::__construct($securityContext, $authenticationManager, $providerKey, $logger); parent::__construct($securityContext, $authenticationManager, $providerKey, $logger);

35
tests/Symfony/Tests/Component/Security/Core/SecurityContextTest.php
View File

@ -16,18 +16,6 @@ use Symfony\Component\Security\Core\SecurityContext;
class SecurityContextTest extends \PHPUnit_Framework_TestCase class SecurityContextTest extends \PHPUnit_Framework_TestCase
{ {
public function testGetUser()
{
$context = new SecurityContext($this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'));
$this->assertNull($context->getUser());
$token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
$token->expects($this->once())->method('getUser')->will($this->returnValue('foo'));
$context->setToken($token);
$this->assertEquals('foo', $context->getUser());
}
public function testVoteAuthenticatesTokenIfNecessary() public function testVoteAuthenticatesTokenIfNecessary()
{ {
$authManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); $authManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface');
@ -53,13 +41,21 @@ class SecurityContextTest extends \PHPUnit_Framework_TestCase
$this->assertSame($newToken, $context->getToken()); $this->assertSame($newToken, $context->getToken());
} }
/**
* @expectedException Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException
*/
public function testVoteWithoutAuthenticationToken()
{
$context = new SecurityContext(
$this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'),
$this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface')
);
$context->vote('ROLE_FOO');
}
public function testVote() public function testVote()
{ {
$context = new SecurityContext($this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'));
$this->assertFalse($context->vote('ROLE_FOO'));
$context->setToken($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'));
$this->assertFalse($context->vote('ROLE_FOO'));
$manager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); $manager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface');
$manager->expects($this->once())->method('decide')->will($this->returnValue(false)); $manager->expects($this->once())->method('decide')->will($this->returnValue(false));
$context = new SecurityContext($this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), $manager); $context = new SecurityContext($this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), $manager);
@ -85,7 +81,10 @@ class SecurityContextTest extends \PHPUnit_Framework_TestCase
public function testGetSetToken() public function testGetSetToken()
{ {
$context = new SecurityContext($this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface')); $context = new SecurityContext(
$this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'),
$this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface')
);
$this->assertNull($context->getToken()); $this->assertNull($context->getToken());
$context->setToken($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')); $context->setToken($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'));