diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Security] fixed pre/post authentication checks

Browse Source
This commit is contained in:
Fabien Potencier 2013-12-30 22:49:15 +01:00
parent 63d226db12
commit ada82a297a
2 changed files with 55 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
src/Symfony/Component/Security/Core/User/UserChecker.php
View File

@ -32,22 +32,6 @@ class UserChecker implements UserCheckerInterface
return; return;
} }
if (!$user->isCredentialsNonExpired()) {
$ex = new CredentialsExpiredException('User credentials have expired.');
$ex->setUser($user);
throw $ex;
}
}
/**
* {@inheritdoc}
*/
public function checkPostAuth(UserInterface $user)
{
if (!$user instanceof AdvancedUserInterface) {
return;
}
if (!$user->isAccountNonLocked()) { if (!$user->isAccountNonLocked()) {
$ex = new LockedException('User account is locked.'); $ex = new LockedException('User account is locked.');
$ex->setUser($user); $ex->setUser($user);
@ -66,4 +50,20 @@ class UserChecker implements UserCheckerInterface
throw $ex; throw $ex;
} }
} }
/**
* {@inheritdoc}
*/
public function checkPostAuth(UserInterface $user)
{
if (!$user instanceof AdvancedUserInterface) {
return;
}
if (!$user->isCredentialsNonExpired()) {
$ex = new CredentialsExpiredException('User credentials have expired.');
$ex->setUser($user);
throw $ex;
}
}
} }

78
src/Symfony/Component/Security/Tests/Core/User/UserCheckerTest.php
View File

@ -15,36 +15,6 @@ use Symfony\Component\Security\Core\User\UserChecker;
class UserCheckerTest extends \PHPUnit_Framework_TestCase class UserCheckerTest extends \PHPUnit_Framework_TestCase
{ {
public function testCheckPreAuthNotAdvancedUserInterface()
{
$checker = new UserChecker();
$this->assertNull($checker->checkPreAuth($this->getMock('Symfony\Component\Security\Core\User\UserInterface')));
}
public function testCheckPreAuthPass()
{
$checker = new UserChecker();
$account = $this->getMock('Symfony\Component\Security\Core\User\AdvancedUserInterface');
$account->expects($this->once())->method('isCredentialsNonExpired')->will($this->returnValue(true));
$this->assertNull($checker->checkPreAuth($account));
}
/**
* @expectedException \Symfony\Component\Security\Core\Exception\CredentialsExpiredException
*/
public function testCheckPreAuthCredentialsExpired()
{
$checker = new UserChecker();
$account = $this->getMock('Symfony\Component\Security\Core\User\AdvancedUserInterface');
$account->expects($this->once())->method('isCredentialsNonExpired')->will($this->returnValue(false));
$checker->checkPreAuth($account);
}
public function testCheckPostAuthNotAdvancedUserInterface() public function testCheckPostAuthNotAdvancedUserInterface()
{ {
$checker = new UserChecker(); $checker = new UserChecker();
@ -57,30 +27,60 @@ class UserCheckerTest extends \PHPUnit_Framework_TestCase
$checker = new UserChecker(); $checker = new UserChecker();
$account = $this->getMock('Symfony\Component\Security\Core\User\AdvancedUserInterface'); $account = $this->getMock('Symfony\Component\Security\Core\User\AdvancedUserInterface');
$account->expects($this->once())->method('isAccountNonLocked')->will($this->returnValue(true)); $account->expects($this->once())->method('isCredentialsNonExpired')->will($this->returnValue(true));
$account->expects($this->once())->method('isEnabled')->will($this->returnValue(true));
$account->expects($this->once())->method('isAccountNonExpired')->will($this->returnValue(true));
$this->assertNull($checker->checkPostAuth($account)); $this->assertNull($checker->checkPostAuth($account));
} }
/**
* @expectedException \Symfony\Component\Security\Core\Exception\CredentialsExpiredException
*/
public function testCheckPostAuthCredentialsExpired()
{
$checker = new UserChecker();
$account = $this->getMock('Symfony\Component\Security\Core\User\AdvancedUserInterface');
$account->expects($this->once())->method('isCredentialsNonExpired')->will($this->returnValue(false));
$checker->checkPostAuth($account);
}
public function testCheckPreAuthNotAdvancedUserInterface()
{
$checker = new UserChecker();
$this->assertNull($checker->checkPreAuth($this->getMock('Symfony\Component\Security\Core\User\UserInterface')));
}
public function testCheckPreAuthPass()
{
$checker = new UserChecker();
$account = $this->getMock('Symfony\Component\Security\Core\User\AdvancedUserInterface');
$account->expects($this->once())->method('isAccountNonLocked')->will($this->returnValue(true));
$account->expects($this->once())->method('isEnabled')->will($this->returnValue(true));
$account->expects($this->once())->method('isAccountNonExpired')->will($this->returnValue(true));
$this->assertNull($checker->checkPreAuth($account));
}
/** /**
* @expectedException \Symfony\Component\Security\Core\Exception\LockedException * @expectedException \Symfony\Component\Security\Core\Exception\LockedException
*/ */
public function testCheckPostAuthAccountLocked() public function testCheckPreAuthAccountLocked()
{ {
$checker = new UserChecker(); $checker = new UserChecker();
$account = $this->getMock('Symfony\Component\Security\Core\User\AdvancedUserInterface'); $account = $this->getMock('Symfony\Component\Security\Core\User\AdvancedUserInterface');
$account->expects($this->once())->method('isAccountNonLocked')->will($this->returnValue(false)); $account->expects($this->once())->method('isAccountNonLocked')->will($this->returnValue(false));
$checker->checkPostAuth($account); $checker->checkPreAuth($account);
} }
/** /**
* @expectedException \Symfony\Component\Security\Core\Exception\DisabledException * @expectedException \Symfony\Component\Security\Core\Exception\DisabledException
*/ */
public function testCheckPostAuthDisabled() public function testCheckPreAuthDisabled()
{ {
$checker = new UserChecker(); $checker = new UserChecker();
@ -88,13 +88,13 @@ class UserCheckerTest extends \PHPUnit_Framework_TestCase
$account->expects($this->once())->method('isAccountNonLocked')->will($this->returnValue(true)); $account->expects($this->once())->method('isAccountNonLocked')->will($this->returnValue(true));
$account->expects($this->once())->method('isEnabled')->will($this->returnValue(false)); $account->expects($this->once())->method('isEnabled')->will($this->returnValue(false));
$checker->checkPostAuth($account); $checker->checkPreAuth($account);
} }
/** /**
* @expectedException \Symfony\Component\Security\Core\Exception\AccountExpiredException * @expectedException \Symfony\Component\Security\Core\Exception\AccountExpiredException
*/ */
public function testCheckPostAuthAccountExpired() public function testCheckPreAuthAccountExpired()
{ {
$checker = new UserChecker(); $checker = new UserChecker();
@ -103,6 +103,6 @@ class UserCheckerTest extends \PHPUnit_Framework_TestCase
$account->expects($this->once())->method('isEnabled')->will($this->returnValue(true)); $account->expects($this->once())->method('isEnabled')->will($this->returnValue(true));
$account->expects($this->once())->method('isAccountNonExpired')->will($this->returnValue(false)); $account->expects($this->once())->method('isAccountNonExpired')->will($this->returnValue(false));
$checker->checkPostAuth($account); $checker->checkPreAuth($account);
} }
} }