[SecurityBundle] Refactored the configuration
The configuration is now cleaner by avoiding using prototyped nodes
as additional keys. This is a BC break for existing providers.
- MemoryProvider:
security:
providers:
my_provider:
memory: # this level has been added
users:
# ...
- ChainProvider:
security:
providers:
my_provider:
chain: # This level has been added
providers:
# ...
This commit is contained in:
Christophe Coevoet
parent
633f0e9d77
commit
b107a3fdf0
@ -40,11 +40,6 @@ class EntityFactory implements UserProviderFactoryInterface
|
|||||||
return 'entity';
|
return 'entity';
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getFixableKey()
|
|
||||||
{
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
public function addConfiguration(NodeDefinition $node)
|
public function addConfiguration(NodeDefinition $node)
|
||||||
{
|
{
|
||||||
$node
|
$node
|
||||||
|
|||||||
@ -301,29 +301,26 @@ class MainConfiguration implements ConfigurationInterface
|
|||||||
->prototype('array')
|
->prototype('array')
|
||||||
;
|
;
|
||||||
|
|
||||||
/** @var $providerNodeBuilder \Symfony\Component\Config\Definition\Builder\ArrayNodeDefinition */
|
|
||||||
$providerNodeBuilder
|
$providerNodeBuilder
|
||||||
->children()
|
->children()
|
||||||
->scalarNode('id')->end()
|
->scalarNode('id')->end()
|
||||||
->end()
|
->arrayNode('chain')
|
||||||
->fixXmlConfig('provider')
|
->fixXmlConfig('provider')
|
||||||
->children()
|
->children()
|
||||||
->arrayNode('providers')
|
->arrayNode('providers')
|
||||||
->beforeNormalization()
|
->beforeNormalization()
|
||||||
->ifString()
|
->ifString()
|
||||||
->then(function($v) { return preg_split('/\s*,\s*/', $v); })
|
->then(function($v) { return preg_split('/\s*,\s*/', $v); })
|
||||||
|
->end()
|
||||||
|
->prototype('scalar')->end()
|
||||||
|
->end()
|
||||||
->end()
|
->end()
|
||||||
->prototype('scalar')->end()
|
|
||||||
->end()
|
->end()
|
||||||
->end()
|
->end()
|
||||||
;
|
;
|
||||||
|
|
||||||
/** @var $factory \Symfony\Bundle\SecurityBundle\DependencyInjection\Security\UserProvider\UserProviderFactoryInterface */
|
|
||||||
foreach ($this->userProviderFactories as $factory) {
|
foreach ($this->userProviderFactories as $factory) {
|
||||||
$name = str_replace('-', '_', $factory->getKey());
|
$name = str_replace('-', '_', $factory->getKey());
|
||||||
if (null !== $factory->getFixableKey()) {
|
|
||||||
$providerNodeBuilder->fixXmlConfig($factory->getFixableKey(), $name);
|
|
||||||
}
|
|
||||||
$factoryNode = $providerNodeBuilder->children()->arrayNode($name)->canBeUnset();
|
$factoryNode = $providerNodeBuilder->children()->arrayNode($name)->canBeUnset();
|
||||||
|
|
||||||
$factory->addConfiguration($factoryNode);
|
$factory->addConfiguration($factoryNode);
|
||||||
|
|||||||
@ -29,8 +29,7 @@ class InMemoryFactory implements UserProviderFactoryInterface
|
|||||||
{
|
{
|
||||||
$definition = $container->setDefinition($id, new DefinitionDecorator('security.user.provider.in_memory'));
|
$definition = $container->setDefinition($id, new DefinitionDecorator('security.user.provider.in_memory'));
|
||||||
|
|
||||||
|
foreach ($config['users'] as $username => $user) {
|
||||||
foreach ($config as $username => $user) {
|
|
||||||
$userId = $id.'_'.$username;
|
$userId = $id.'_'.$username;
|
||||||
|
|
||||||
$container
|
$container
|
||||||
@ -44,24 +43,24 @@ class InMemoryFactory implements UserProviderFactoryInterface
|
|||||||
|
|
||||||
public function getKey()
|
public function getKey()
|
||||||
{
|
{
|
||||||
return 'users';
|
return 'memory';
|
||||||
}
|
|
||||||
|
|
||||||
public function getFixableKey()
|
|
||||||
{
|
|
||||||
return 'user';
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function addConfiguration(NodeDefinition $node)
|
public function addConfiguration(NodeDefinition $node)
|
||||||
{
|
{
|
||||||
$node
|
$node
|
||||||
->useAttributeAsKey('name')
|
->fixXmlConfig('user')
|
||||||
->prototype('array')
|
->children()
|
||||||
->children()
|
->arrayNode('users')
|
||||||
->scalarNode('password')->defaultValue(uniqid())->end()
|
->useAttributeAsKey('name')
|
||||||
->arrayNode('roles')
|
->prototype('array')
|
||||||
->beforeNormalization()->ifString()->then(function($v) { return preg_split('/\s*,\s*/', $v); })->end()
|
->children()
|
||||||
->prototype('scalar')->end()
|
->scalarNode('password')->defaultValue(uniqid())->end()
|
||||||
|
->arrayNode('roles')
|
||||||
|
->beforeNormalization()->ifString()->then(function($v) { return preg_split('/\s*,\s*/', $v); })->end()
|
||||||
|
->prototype('scalar')->end()
|
||||||
|
->end()
|
||||||
|
->end()
|
||||||
->end()
|
->end()
|
||||||
->end()
|
->end()
|
||||||
->end()
|
->end()
|
||||||
|
|||||||
@ -26,7 +26,5 @@ interface UserProviderFactoryInterface
|
|||||||
|
|
||||||
function getKey();
|
function getKey();
|
||||||
|
|
||||||
function getFixableKey();
|
|
||||||
|
|
||||||
function addConfiguration(NodeDefinition $builder);
|
function addConfiguration(NodeDefinition $builder);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -472,9 +472,9 @@ class SecurityExtension extends Extension
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Chain provider
|
// Chain provider
|
||||||
if ($provider['providers']) {
|
if (isset($provider['chain'])) {
|
||||||
$providers = array();
|
$providers = array();
|
||||||
foreach ($provider['providers'] as $providerName) {
|
foreach ($provider['chain']['providers'] as $providerName) {
|
||||||
$providers[] = new Reference($this->getUserProviderId(strtolower($providerName)));
|
$providers[] = new Reference($this->getUserProviderId(strtolower($providerName)));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -18,26 +18,34 @@ $container->loadFromExtension('security', array(
|
|||||||
),
|
),
|
||||||
'providers' => array(
|
'providers' => array(
|
||||||
'default' => array(
|
'default' => array(
|
||||||
'users' => array(
|
'memory' => array(
|
||||||
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'),
|
'users' => array(
|
||||||
|
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'),
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
'digest' => array(
|
'digest' => array(
|
||||||
'users' => array(
|
'memory' => array(
|
||||||
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER, ROLE_ADMIN'),
|
'users' => array(
|
||||||
|
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER, ROLE_ADMIN'),
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
'basic' => array(
|
'basic' => array(
|
||||||
'users' => array(
|
'memory' => array(
|
||||||
'foo' => array('password' => '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33', 'roles' => 'ROLE_SUPER_ADMIN'),
|
'users' => array(
|
||||||
'bar' => array('password' => '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33', 'roles' => array('ROLE_USER', 'ROLE_ADMIN')),
|
'foo' => array('password' => '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33', 'roles' => 'ROLE_SUPER_ADMIN'),
|
||||||
|
'bar' => array('password' => '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33', 'roles' => array('ROLE_USER', 'ROLE_ADMIN')),
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
'service' => array(
|
'service' => array(
|
||||||
'id' => 'user.manager',
|
'id' => 'user.manager',
|
||||||
),
|
),
|
||||||
'chain' => array(
|
'chain' => array(
|
||||||
'providers' => array('service', 'basic'),
|
'chain' => array(
|
||||||
|
'providers' => array('service', 'basic'),
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
|
||||||
|
|||||||
@ -17,21 +17,29 @@
|
|||||||
<encoder class="JMS\FooBundle\Entity\User4" id="security.encoder.foo" />
|
<encoder class="JMS\FooBundle\Entity\User4" id="security.encoder.foo" />
|
||||||
|
|
||||||
<provider name="default">
|
<provider name="default">
|
||||||
<user name="foo" password="foo" roles="ROLE_USER" />
|
<memory>
|
||||||
|
<user name="foo" password="foo" roles="ROLE_USER" />
|
||||||
|
</memory>
|
||||||
</provider>
|
</provider>
|
||||||
|
|
||||||
<provider name="digest">
|
<provider name="digest">
|
||||||
<user name="foo" password="foo" roles="ROLE_USER, ROLE_ADMIN" />
|
<memory>
|
||||||
|
<user name="foo" password="foo" roles="ROLE_USER, ROLE_ADMIN" />
|
||||||
|
</memory>
|
||||||
</provider>
|
</provider>
|
||||||
|
|
||||||
<provider name="basic">
|
<provider name="basic">
|
||||||
<user name="foo" password="0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33" roles="ROLE_SUPER_ADMIN" />
|
<memory>
|
||||||
<user name="bar" password="0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33" roles="ROLE_USER, ROLE_ADMIN" />
|
<user name="foo" password="0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33" roles="ROLE_SUPER_ADMIN" />
|
||||||
|
<user name="bar" password="0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33" roles="ROLE_USER, ROLE_ADMIN" />
|
||||||
|
</memory>
|
||||||
</provider>
|
</provider>
|
||||||
|
|
||||||
<provider name="service" id="user.manager" />
|
<provider name="service" id="user.manager" />
|
||||||
|
|
||||||
<provider name="chain" providers="service, basic" />
|
<provider name="chain">
|
||||||
|
<chain providers="service, basic" />
|
||||||
|
</provider>
|
||||||
|
|
||||||
<firewall name="simple" pattern="/login" security="false" />
|
<firewall name="simple" pattern="/login" security="false" />
|
||||||
|
|
||||||
|
|||||||
@ -13,19 +13,23 @@ security:
|
|||||||
|
|
||||||
providers:
|
providers:
|
||||||
default:
|
default:
|
||||||
users:
|
memory:
|
||||||
foo: { password: foo, roles: ROLE_USER }
|
users:
|
||||||
|
foo: { password: foo, roles: ROLE_USER }
|
||||||
digest:
|
digest:
|
||||||
users:
|
memory:
|
||||||
foo: { password: foo, roles: 'ROLE_USER, ROLE_ADMIN' }
|
users:
|
||||||
|
foo: { password: foo, roles: 'ROLE_USER, ROLE_ADMIN' }
|
||||||
basic:
|
basic:
|
||||||
users:
|
memory:
|
||||||
foo: { password: 0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33, roles: ROLE_SUPER_ADMIN }
|
users:
|
||||||
bar: { password: 0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33, roles: [ROLE_USER, ROLE_ADMIN] }
|
foo: { password: 0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33, roles: ROLE_SUPER_ADMIN }
|
||||||
|
bar: { password: 0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33, roles: [ROLE_USER, ROLE_ADMIN] }
|
||||||
service:
|
service:
|
||||||
id: user.manager
|
id: user.manager
|
||||||
chain:
|
chain:
|
||||||
providers: [service, basic]
|
chain:
|
||||||
|
providers: [service, basic]
|
||||||
|
|
||||||
|
|
||||||
firewalls:
|
firewalls:
|
||||||
|
|||||||
Reference in New Issue
Block a user