Merge remote branch 'schmittjoh/security'
* schmittjoh/security: [Security/Core] force implementations to accept null values [Security/Acl] some misc fixes [Security/Acl] removed Doctrine dependency from interfaces and moved them to the actual implementation [SecurityBundle] changed expected value for token_provider key in the rememberme section
This commit is contained in:
Fabien Potencier
commit
ace5e26406
@ -21,6 +21,9 @@ PR12 to PR13
|
||||
|
||||
$container->removeDefinition('my_definition');
|
||||
$definition->replaceArgument(0, 'foo');
|
||||
|
||||
* In the rememberme configuration, the token_provider key now expects a real
|
||||
service id instead of only a suffix.
|
||||
|
||||
PR11 to PR12
|
||||
------------
|
||||
|
||||
@ -35,9 +35,6 @@ class RememberMeFactory implements SecurityFactoryInterface
|
||||
|
||||
// remember me services
|
||||
if (isset($config['token_provider'])) {
|
||||
$config['token-provider'] = $config['token_provider'];
|
||||
}
|
||||
if (isset($config['token-provider'])) {
|
||||
$templateId = 'security.authentication.rememberme.services.persistent';
|
||||
$rememberMeServicesId = $templateId.'.'.$id;
|
||||
} else {
|
||||
@ -56,10 +53,9 @@ class RememberMeFactory implements SecurityFactoryInterface
|
||||
$rememberMeServices->replaceArgument(1, $config['key']);
|
||||
$rememberMeServices->replaceArgument(2, $id);
|
||||
|
||||
if (isset($config['token-provider'])) {
|
||||
// FIXME: make the naming assumption more flexible
|
||||
if (isset($config['token_provider'])) {
|
||||
$rememberMeServices->addMethodCall('setTokenProvider', array(
|
||||
new Reference('security.rememberme.token.provider.'.$config['token-provider'])
|
||||
new Reference($config['token_provider'])
|
||||
));
|
||||
}
|
||||
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
|
||||
namespace Symfony\Component\Security\Acl\Domain;
|
||||
|
||||
use Doctrine\Common\NotifyPropertyChanged;
|
||||
use Doctrine\Common\PropertyChangedListener;
|
||||
use Symfony\Component\Security\Acl\Model\AclInterface;
|
||||
use Symfony\Component\Security\Acl\Model\AuditableAclInterface;
|
||||
@ -33,7 +34,7 @@ use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface;
|
||||
*
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
*/
|
||||
class Acl implements AuditableAclInterface
|
||||
class Acl implements AuditableAclInterface, NotifyPropertyChanged
|
||||
{
|
||||
private $parentAcl;
|
||||
private $permissionGrantingStrategy;
|
||||
|
||||
@ -12,7 +12,7 @@
|
||||
namespace Symfony\Component\Security\Acl\Domain;
|
||||
|
||||
use Symfony\Component\Security\Acl\Model\AclInterface;
|
||||
use Symfony\Component\Security\Acl\Model\FieldAwareEntryInterface;
|
||||
use Symfony\Component\Security\Acl\Model\FieldEntryInterface;
|
||||
use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface;
|
||||
|
||||
/**
|
||||
@ -20,7 +20,7 @@ use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface;
|
||||
*
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
*/
|
||||
class FieldEntry extends Entry implements FieldAwareEntryInterface
|
||||
class FieldEntry extends Entry implements FieldEntryInterface
|
||||
{
|
||||
private $field;
|
||||
|
||||
|
||||
@ -30,16 +30,8 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
|
||||
const ALL = 'all';
|
||||
const ANY = 'any';
|
||||
|
||||
private static $noAceException;
|
||||
private $auditLogger;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
if (null === static::$noAceException) {
|
||||
static::$noAceException = new NoAceFoundException('No ACE.');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the audit logger
|
||||
*
|
||||
@ -61,7 +53,7 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
|
||||
$aces = $acl->getObjectAces();
|
||||
|
||||
if (!$aces) {
|
||||
throw static::$noAceException;
|
||||
throw new NoAceFoundException();
|
||||
}
|
||||
|
||||
return $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
|
||||
@ -69,7 +61,7 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
|
||||
$aces = $acl->getClassAces();
|
||||
|
||||
if (!$aces) {
|
||||
throw static::$noAceException;
|
||||
throw $noObjectAce;
|
||||
}
|
||||
|
||||
return $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
|
||||
@ -79,7 +71,7 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
|
||||
return $parentAcl->isGranted($masks, $sids, $administrativeMode);
|
||||
}
|
||||
|
||||
throw new NoAceFoundException('No applicable ACE was found.');
|
||||
throw $noClassAce;
|
||||
}
|
||||
}
|
||||
|
||||
@ -92,14 +84,14 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
|
||||
try {
|
||||
$aces = $acl->getObjectFieldAces($field);
|
||||
if (!$aces) {
|
||||
throw static::$noAceException;
|
||||
throw new NoAceFoundException();
|
||||
}
|
||||
|
||||
return $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
|
||||
} catch (NoAceFoundException $noObjectAces) {
|
||||
$aces = $acl->getClassFieldAces($field);
|
||||
if (!$aces) {
|
||||
throw static::$noAceException;
|
||||
throw $noObjectAces;
|
||||
}
|
||||
|
||||
return $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
|
||||
@ -109,7 +101,7 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
|
||||
return $parentAcl->isFieldGranted($field, $masks, $sids, $administrativeMode);
|
||||
}
|
||||
|
||||
throw new NoAceFoundException('No applicable ACE was found.');
|
||||
throw $noClassAces;
|
||||
}
|
||||
}
|
||||
|
||||
@ -177,7 +169,7 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface
|
||||
return false;
|
||||
}
|
||||
|
||||
throw static::$noAceException;
|
||||
throw new NoAceFoundException();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -19,4 +19,8 @@ namespace Symfony\Component\Security\Acl\Exception;
|
||||
*/
|
||||
class NoAceFoundException extends Exception
|
||||
{
|
||||
public function __construct()
|
||||
{
|
||||
parent::__construct('No applicable ACE was found.');
|
||||
}
|
||||
}
|
||||
@ -16,7 +16,7 @@ namespace Symfony\Component\Security\Acl\Model;
|
||||
*
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
*/
|
||||
interface FieldAwareEntryInterface
|
||||
interface FieldEntryInterface extends EntryInterface
|
||||
{
|
||||
/**
|
||||
* Returns the field used for this entry.
|
||||
@ -11,8 +11,6 @@
|
||||
|
||||
namespace Symfony\Component\Security\Acl\Model;
|
||||
|
||||
use Doctrine\Common\NotifyPropertyChanged;
|
||||
|
||||
/**
|
||||
* This interface adds mutators for the AclInterface.
|
||||
*
|
||||
@ -21,7 +19,7 @@ use Doctrine\Common\NotifyPropertyChanged;
|
||||
*
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
*/
|
||||
interface MutableAclInterface extends AclInterface, NotifyPropertyChanged
|
||||
interface MutableAclInterface extends AclInterface
|
||||
{
|
||||
/**
|
||||
* Deletes a class-based ACE
|
||||
|
||||
@ -28,7 +28,7 @@ interface SecurityContextInterface
|
||||
* @param TokenInterface $token
|
||||
* @return void
|
||||
*/
|
||||
function setToken(TokenInterface $token);
|
||||
function setToken(TokenInterface $token = null);
|
||||
|
||||
/**
|
||||
* Checks if the attributes are granted against the current authentication token and optionally supplied object.
|
||||
|
||||
Reference in New Issue
Block a user