feature #25588 Move SecurityUserValueResolver to security-http (chalasr)
This PR was merged into the 4.1-dev branch.
Discussion
----------
Move SecurityUserValueResolver to security-http
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
30a07e7753 Move SecurityUserValueResolver to security-http
This commit is contained in:
Fabien Potencier
commit
8c33cd45cb
@ -18,6 +18,8 @@ SecurityBundle
|
||||
--------------
|
||||
|
||||
* The `logout_on_user_change` firewall option is deprecated and will be removed in 5.0.
|
||||
* The `SecurityUserValueResolver` class is deprecated and will be removed in 5.0, use
|
||||
`Symfony\Component\Security\Http\Controller\UserValueResolver` instead.
|
||||
|
||||
Translation
|
||||
-----------
|
||||
|
||||
@ -17,6 +17,7 @@ SecurityBundle
|
||||
--------------
|
||||
|
||||
* The `logout_on_user_change` firewall option has been removed.
|
||||
* The `SecurityUserValueResolver` class has been removed.
|
||||
|
||||
Translation
|
||||
-----------
|
||||
|
||||
@ -5,6 +5,8 @@ CHANGELOG
|
||||
-----
|
||||
|
||||
* The `logout_on_user_change` firewall option is deprecated and will be removed in 5.0.
|
||||
* deprecated `SecurityUserValueResolver`, use
|
||||
`Symfony\Component\Security\Http\Controller\UserValueResolver` instead.
|
||||
|
||||
4.0.0
|
||||
-----
|
||||
|
||||
@ -13,6 +13,7 @@ namespace Symfony\Bundle\SecurityBundle\DependencyInjection;
|
||||
|
||||
use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\SecurityFactoryInterface;
|
||||
use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\UserProvider\UserProviderFactoryInterface;
|
||||
use Symfony\Bundle\SecurityBundle\SecurityUserValueResolver;
|
||||
use Symfony\Component\Config\Definition\Exception\InvalidConfigurationException;
|
||||
use Symfony\Component\Console\Application;
|
||||
use Symfony\Component\DependencyInjection\Alias;
|
||||
@ -27,6 +28,7 @@ use Symfony\Component\Config\FileLocator;
|
||||
use Symfony\Component\Security\Core\Authorization\ExpressionLanguage;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
|
||||
use Symfony\Component\Security\Core\Encoder\Argon2iPasswordEncoder;
|
||||
use Symfony\Component\Security\Http\Controller\UserValueResolver;
|
||||
|
||||
/**
|
||||
* SecurityExtension.
|
||||
@ -111,6 +113,10 @@ class SecurityExtension extends Extension
|
||||
$container->getDefinition('security.command.user_password_encoder')->replaceArgument(1, array_keys($config['encoders']));
|
||||
}
|
||||
|
||||
if (!class_exists(UserValueResolver::class)) {
|
||||
$container->getDefinition('security.user_value_resolver')->setClass(SecurityUserValueResolver::class);
|
||||
}
|
||||
|
||||
$container->registerForAutoconfiguration(VoterInterface::class)
|
||||
->addTag('security.voter');
|
||||
}
|
||||
|
||||
@ -39,7 +39,7 @@
|
||||
</service>
|
||||
<service id="Symfony\Component\Security\Core\Security" alias="security.helper" />
|
||||
|
||||
<service id="security.user_value_resolver" class="Symfony\Bundle\SecurityBundle\SecurityUserValueResolver">
|
||||
<service id="security.user_value_resolver" class="Symfony\Component\Security\Http\Controller\UserValueResolver">
|
||||
<argument type="service" id="security.token_storage" />
|
||||
<tag name="controller.argument_value_resolver" priority="40" />
|
||||
</service>
|
||||
|
||||
@ -17,11 +17,16 @@ use Symfony\Component\HttpKernel\ControllerMetadata\ArgumentMetadata;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
use Symfony\Component\Security\Http\Controller\UserValueResolver;
|
||||
|
||||
@trigger_error(sprintf('The "%s" class is deprecated since version 4.1 and will be removed in 5.0, use "%s" instead.', SecurityUserValueResolver::class, UserValueResolver::class), E_USER_DEPRECATED);
|
||||
|
||||
/**
|
||||
* Supports the argument type of {@see UserInterface}.
|
||||
*
|
||||
* @author Iltar van der Berg <kjarli@gmail.com>
|
||||
*
|
||||
* @deprecated since version 4.1, to be removed in 5.0. Use {@link UserValueResolver} instead
|
||||
*/
|
||||
final class SecurityUserValueResolver implements ArgumentValueResolverInterface
|
||||
{
|
||||
|
||||
@ -21,6 +21,9 @@ use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
|
||||
/**
|
||||
* @group legacy
|
||||
*/
|
||||
class SecurityUserValueResolverTest extends TestCase
|
||||
{
|
||||
public function testResolveNoToken()
|
||||
|
||||
@ -5,6 +5,7 @@ CHANGELOG
|
||||
-----
|
||||
|
||||
* The `ContextListener::setLogoutOnUserChange()` method is deprecated and will be removed in 5.0.
|
||||
* added `UserValueResolver`.
|
||||
|
||||
4.0.0
|
||||
-----
|
||||
|
||||
@ -0,0 +1,57 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Controller;
|
||||
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpKernel\Controller\ArgumentValueResolverInterface;
|
||||
use Symfony\Component\HttpKernel\ControllerMetadata\ArgumentMetadata;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
|
||||
/**
|
||||
* Supports the argument type of {@see UserInterface}.
|
||||
*
|
||||
* @author Iltar van der Berg <kjarli@gmail.com>
|
||||
*/
|
||||
final class UserValueResolver implements ArgumentValueResolverInterface
|
||||
{
|
||||
private $tokenStorage;
|
||||
|
||||
public function __construct(TokenStorageInterface $tokenStorage)
|
||||
{
|
||||
$this->tokenStorage = $tokenStorage;
|
||||
}
|
||||
|
||||
public function supports(Request $request, ArgumentMetadata $argument)
|
||||
{
|
||||
// only security user implementations are supported
|
||||
if (UserInterface::class !== $argument->getType()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$token = $this->tokenStorage->getToken();
|
||||
if (!$token instanceof TokenInterface) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$user = $token->getUser();
|
||||
|
||||
// in case it's not an object we cannot do anything with it; E.g. "anon."
|
||||
return $user instanceof UserInterface;
|
||||
}
|
||||
|
||||
public function resolve(Request $request, ArgumentMetadata $argument)
|
||||
{
|
||||
yield $this->tokenStorage->getToken()->getUser();
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,101 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Tests\Controller;
|
||||
|
||||
use PHPUnit\Framework\TestCase;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpKernel\Controller\ArgumentResolver;
|
||||
use Symfony\Component\HttpKernel\Controller\ArgumentResolver\DefaultValueResolver;
|
||||
use Symfony\Component\HttpKernel\ControllerMetadata\ArgumentMetadata;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
use Symfony\Component\Security\Http\Controller\UserValueResolver;
|
||||
|
||||
class UserValueResolverTest extends TestCase
|
||||
{
|
||||
public function testResolveNoToken()
|
||||
{
|
||||
$tokenStorage = new TokenStorage();
|
||||
$resolver = new UserValueResolver($tokenStorage);
|
||||
$metadata = new ArgumentMetadata('foo', UserInterface::class, false, false, null);
|
||||
|
||||
$this->assertFalse($resolver->supports(Request::create('/'), $metadata));
|
||||
}
|
||||
|
||||
public function testResolveNoUser()
|
||||
{
|
||||
$mock = $this->getMockBuilder(UserInterface::class)->getMock();
|
||||
$token = $this->getMockBuilder(TokenInterface::class)->getMock();
|
||||
$tokenStorage = new TokenStorage();
|
||||
$tokenStorage->setToken($token);
|
||||
|
||||
$resolver = new UserValueResolver($tokenStorage);
|
||||
$metadata = new ArgumentMetadata('foo', get_class($mock), false, false, null);
|
||||
|
||||
$this->assertFalse($resolver->supports(Request::create('/'), $metadata));
|
||||
}
|
||||
|
||||
public function testResolveWrongType()
|
||||
{
|
||||
$tokenStorage = new TokenStorage();
|
||||
$resolver = new UserValueResolver($tokenStorage);
|
||||
$metadata = new ArgumentMetadata('foo', null, false, false, null);
|
||||
|
||||
$this->assertFalse($resolver->supports(Request::create('/'), $metadata));
|
||||
}
|
||||
|
||||
public function testResolve()
|
||||
{
|
||||
$user = $this->getMockBuilder(UserInterface::class)->getMock();
|
||||
$token = $this->getMockBuilder(TokenInterface::class)->getMock();
|
||||
$token->expects($this->any())->method('getUser')->willReturn($user);
|
||||
$tokenStorage = new TokenStorage();
|
||||
$tokenStorage->setToken($token);
|
||||
|
||||
$resolver = new UserValueResolver($tokenStorage);
|
||||
$metadata = new ArgumentMetadata('foo', UserInterface::class, false, false, null);
|
||||
|
||||
$this->assertTrue($resolver->supports(Request::create('/'), $metadata));
|
||||
$this->assertSame(array($user), iterator_to_array($resolver->resolve(Request::create('/'), $metadata)));
|
||||
}
|
||||
|
||||
public function testIntegration()
|
||||
{
|
||||
$user = $this->getMockBuilder(UserInterface::class)->getMock();
|
||||
$token = $this->getMockBuilder(TokenInterface::class)->getMock();
|
||||
$token->expects($this->any())->method('getUser')->willReturn($user);
|
||||
$tokenStorage = new TokenStorage();
|
||||
$tokenStorage->setToken($token);
|
||||
|
||||
$argumentResolver = new ArgumentResolver(null, array(new UserValueResolver($tokenStorage)));
|
||||
$this->assertSame(array($user), $argumentResolver->getArguments(Request::create('/'), function (UserInterface $user) {}));
|
||||
}
|
||||
|
||||
public function testIntegrationNoUser()
|
||||
{
|
||||
$token = $this->getMockBuilder(TokenInterface::class)->getMock();
|
||||
$tokenStorage = new TokenStorage();
|
||||
$tokenStorage->setToken($token);
|
||||
|
||||
$argumentResolver = new ArgumentResolver(null, array(new UserValueResolver($tokenStorage), new DefaultValueResolver()));
|
||||
$this->assertSame(array(null), $argumentResolver->getArguments(Request::create('/'), function (UserInterface $user = null) {}));
|
||||
}
|
||||
}
|
||||
|
||||
abstract class DummyUser implements UserInterface
|
||||
{
|
||||
}
|
||||
|
||||
abstract class DummySubUser extends DummyUser
|
||||
{
|
||||
}
|
||||
Reference in New Issue
Block a user