diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing

This commit is contained in:
Issei.M 2015-02-07 21:55:43 +09:00
parent 620a3d4c69
commit 729902a33f
2 changed files with 53 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
src/Symfony/Component/Security/Core/User/InMemoryUserProvider.php
View File

@ -67,17 +67,9 @@ class InMemoryUserProvider implements UserProviderInterface
*/ */
public function loadUserByUsername($username) public function loadUserByUsername($username)
{ {
if (!isset($this->users[strtolower($username)])) { $user = $this->getUser($username);
$ex = new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
$ex->setUsername($username);
throw $ex; return new User($user->getUsername(), $user->getPassword(), $user->getRoles(), $user->isEnabled(), $user->isAccountNonExpired(), $user->isCredentialsNonExpired(), $user->isAccountNonLocked());
}
$user = $this->users[strtolower($username)];
return new User($user->getUsername(), $user->getPassword(), $user->getRoles(), $user->isEnabled(), $user->isAccountNonExpired(),
$user->isCredentialsNonExpired(), $user->isAccountNonLocked());
} }
/** /**
@ -89,7 +81,9 @@ class InMemoryUserProvider implements UserProviderInterface
throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user))); throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
} }
return $this->loadUserByUsername($user->getUsername()); $storedUser = $this->getUser($user->getUsername());
return new User($storedUser->getUsername(), $storedUser->getPassword(), $storedUser->getRoles(), $storedUser->isEnabled(), $storedUser->isAccountNonExpired(), $storedUser->isCredentialsNonExpired() && $storedUser->getPassword() === $user->getPassword(), $storedUser->isAccountNonLocked());
} }
/** /**
@ -99,4 +93,25 @@ class InMemoryUserProvider implements UserProviderInterface
{ {
return $class === 'Symfony\Component\Security\Core\User\User'; return $class === 'Symfony\Component\Security\Core\User\User';
} }
/**
* Returns the user by given username.
*
* @param string $username The username.
*
* @return User
*
* @throws UsernameNotFoundException If user whose given username does not exist.
*/
private function getUser($username)
{
if (!isset($this->users[strtolower($username)])) {
$ex = new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
$ex->setUsername($username);
throw $ex;
}
return $this->users[strtolower($username)];
}
} }

33
src/Symfony/Component/Security/Tests/Core/User/InMemoryUserProviderTest.php
View File

@ -18,18 +18,39 @@ class InMemoryUserProviderTest extends \PHPUnit_Framework_TestCase
{ {
public function testConstructor() public function testConstructor()
{ {
$provider = new InMemoryUserProvider(array( $provider = $this->createProvider();
$user = $provider->loadUserByUsername('fabien');
$this->assertEquals('foo', $user->getPassword());
$this->assertEquals(array('ROLE_USER'), $user->getRoles());
$this->assertFalse($user->isEnabled());
}
public function testRefresh()
{
$user = new User('fabien', 'bar');
$provider = $this->createProvider();
$refreshedUser = $provider->refreshUser($user);
$this->assertEquals('foo', $refreshedUser->getPassword());
$this->assertEquals(array('ROLE_USER'), $refreshedUser->getRoles());
$this->assertFalse($refreshedUser->isEnabled());
$this->assertFalse($refreshedUser->isCredentialsNonExpired());
}
/**
* @return InMemoryUserProvider
*/
protected function createProvider()
{
return new InMemoryUserProvider(array(
'fabien' => array( 'fabien' => array(
'password' => 'foo', 'password' => 'foo',
'enabled' => false, 'enabled' => false,
'roles' => array('ROLE_USER'), 'roles' => array('ROLE_USER'),
), ),
)); ));
$user = $provider->loadUserByUsername('fabien');
$this->assertEquals('foo', $user->getPassword());
$this->assertEquals(array('ROLE_USER'), $user->getRoles());
$this->assertFalse($user->isEnabled());
} }
public function testCreateUser() public function testCreateUser()