minor #31767 [Security] remove the deprecated AdvancedUserInterface (xabbuh)
This PR was merged into the 5.0-dev branch.
Discussion
----------
[Security] remove the deprecated AdvancedUserInterface
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
a47cf7e2c4
remove the deprecated AdvancedUserInterface
This commit is contained in:
commit
c5922d28fd
@ -11,6 +11,7 @@
|
||||
|
||||
namespace Symfony\Bridge\Doctrine\Tests\Security\User;
|
||||
|
||||
use Doctrine\ORM\EntityRepository;
|
||||
use Doctrine\ORM\Tools\SchemaTool;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
use Symfony\Bridge\Doctrine\Security\User\EntityUserProvider;
|
||||
@ -172,7 +173,7 @@ class EntityUserProviderTest extends TestCase
|
||||
*/
|
||||
public function testLoadUserByUserNameShouldDeclineInvalidInterface()
|
||||
{
|
||||
$repository = $this->getMockBuilder('\Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock();
|
||||
$repository = $this->getMockBuilder(EntityRepository::class)->disableOriginalConstructor()->getMock();
|
||||
|
||||
$provider = new EntityUserProvider(
|
||||
$this->getManager($this->getObjectManager($repository)),
|
||||
|
@ -4,6 +4,7 @@ CHANGELOG
|
||||
5.0.0
|
||||
-----
|
||||
|
||||
* Removed the `AdvancedUserInterface`, use a custom user checker instead.
|
||||
* Removed `Argon2iPasswordEncoder`, use `SodiumPasswordEncoder` instead
|
||||
* Removed `BcryptPasswordEncoder`, use `NativePasswordEncoder` instead
|
||||
* Removed the `has_role()` function from security expressions, use `is_granted()` instead.
|
||||
|
@ -12,7 +12,6 @@
|
||||
namespace Symfony\Component\Security\Core\Authentication\Token;
|
||||
|
||||
use Symfony\Component\Security\Core\Role\Role;
|
||||
use Symfony\Component\Security\Core\User\AdvancedUserInterface;
|
||||
use Symfony\Component\Security\Core\User\EquatableInterface;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
|
||||
@ -321,29 +320,6 @@ abstract class AbstractToken implements TokenInterface
|
||||
return true;
|
||||
}
|
||||
|
||||
if ($this->user instanceof AdvancedUserInterface && $user instanceof AdvancedUserInterface) {
|
||||
@trigger_error(sprintf('Checking for the AdvancedUserInterface in "%s()" is deprecated since Symfony 4.1 and support for it will be removed in 5.0. Implement the %s to check if the user has been changed,', __METHOD__, EquatableInterface::class), E_USER_DEPRECATED);
|
||||
if ($this->user->isAccountNonExpired() !== $user->isAccountNonExpired()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if ($this->user->isAccountNonLocked() !== $user->isAccountNonLocked()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if ($this->user->isCredentialsNonExpired() !== $user->isCredentialsNonExpired()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if ($this->user->isEnabled() !== $user->isEnabled()) {
|
||||
return true;
|
||||
}
|
||||
} elseif ($this->user instanceof AdvancedUserInterface xor $user instanceof AdvancedUserInterface) {
|
||||
@trigger_error(sprintf('Checking for the AdvancedUserInterface in "%s()" is deprecated since Symfony 4.1 and support for it will be removed in 5.0. Implement the %s to check if the user has been changed,', __METHOD__, EquatableInterface::class), E_USER_DEPRECATED);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
@ -192,47 +192,6 @@ class AbstractTokenTest extends TestCase
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @group legacy
|
||||
*
|
||||
* @dataProvider getUserChangesAdvancedUser
|
||||
*/
|
||||
public function testSetUserSetsAuthenticatedToFalseWhenUserChangesAdvancedUser($firstUser, $secondUser)
|
||||
{
|
||||
$token = new ConcreteToken();
|
||||
$token->setAuthenticated(true);
|
||||
$this->assertTrue($token->isAuthenticated());
|
||||
|
||||
$token->setUser($firstUser);
|
||||
$this->assertTrue($token->isAuthenticated());
|
||||
|
||||
$token->setUser($secondUser);
|
||||
$this->assertFalse($token->isAuthenticated());
|
||||
}
|
||||
|
||||
public function getUserChangesAdvancedUser()
|
||||
{
|
||||
$user = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
|
||||
$advancedUser = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock();
|
||||
|
||||
return [
|
||||
['foo', 'bar'],
|
||||
['foo', new TestUser('bar')],
|
||||
['foo', $user],
|
||||
['foo', $advancedUser],
|
||||
[$user, 'foo'],
|
||||
[$advancedUser, 'foo'],
|
||||
[$user, new TestUser('foo')],
|
||||
[$advancedUser, new TestUser('foo')],
|
||||
[new TestUser('foo'), new TestUser('bar')],
|
||||
[new TestUser('foo'), 'bar'],
|
||||
[new TestUser('foo'), $user],
|
||||
[new TestUser('foo'), $advancedUser],
|
||||
[$user, $advancedUser],
|
||||
[$advancedUser, $user],
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider getUsers
|
||||
*/
|
||||
|
@ -30,20 +30,6 @@ class UserCheckerTest extends TestCase
|
||||
$this->assertNull($checker->checkPostAuth(new User('John', 'password')));
|
||||
}
|
||||
|
||||
/**
|
||||
* @group legacy
|
||||
* @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPostAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality.
|
||||
*/
|
||||
public function testCheckPostAuthPassAdvancedUser()
|
||||
{
|
||||
$checker = new UserChecker();
|
||||
|
||||
$account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock();
|
||||
$account->expects($this->once())->method('isCredentialsNonExpired')->willReturn(true);
|
||||
|
||||
$this->assertNull($checker->checkPostAuth($account));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\Security\Core\Exception\CredentialsExpiredException
|
||||
*/
|
||||
@ -53,37 +39,6 @@ class UserCheckerTest extends TestCase
|
||||
$checker->checkPostAuth(new User('John', 'password', [], true, true, false, true));
|
||||
}
|
||||
|
||||
/**
|
||||
* @group legacy
|
||||
* @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPostAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality.
|
||||
* @expectedException \Symfony\Component\Security\Core\Exception\CredentialsExpiredException
|
||||
*/
|
||||
public function testCheckPostAuthCredentialsExpiredAdvancedUser()
|
||||
{
|
||||
$checker = new UserChecker();
|
||||
|
||||
$account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock();
|
||||
$account->expects($this->once())->method('isCredentialsNonExpired')->willReturn(false);
|
||||
|
||||
$checker->checkPostAuth($account);
|
||||
}
|
||||
|
||||
/**
|
||||
* @group legacy
|
||||
* @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPreAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality.
|
||||
*/
|
||||
public function testCheckPreAuthPassAdvancedUser()
|
||||
{
|
||||
$checker = new UserChecker();
|
||||
|
||||
$account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock();
|
||||
$account->expects($this->once())->method('isAccountNonLocked')->willReturn(true);
|
||||
$account->expects($this->once())->method('isEnabled')->willReturn(true);
|
||||
$account->expects($this->once())->method('isAccountNonExpired')->willReturn(true);
|
||||
|
||||
$this->assertNull($checker->checkPreAuth($account));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\Security\Core\Exception\LockedException
|
||||
*/
|
||||
@ -93,21 +48,6 @@ class UserCheckerTest extends TestCase
|
||||
$checker->checkPreAuth(new User('John', 'password', [], true, true, false, false));
|
||||
}
|
||||
|
||||
/**
|
||||
* @group legacy
|
||||
* @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPreAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality.
|
||||
* @expectedException \Symfony\Component\Security\Core\Exception\LockedException
|
||||
*/
|
||||
public function testCheckPreAuthAccountLockedAdvancedUser()
|
||||
{
|
||||
$checker = new UserChecker();
|
||||
|
||||
$account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock();
|
||||
$account->expects($this->once())->method('isAccountNonLocked')->willReturn(false);
|
||||
|
||||
$checker->checkPreAuth($account);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\Security\Core\Exception\DisabledException
|
||||
*/
|
||||
@ -117,22 +57,6 @@ class UserCheckerTest extends TestCase
|
||||
$checker->checkPreAuth(new User('John', 'password', [], false, true, false, true));
|
||||
}
|
||||
|
||||
/**
|
||||
* @group legacy
|
||||
* @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPreAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality.
|
||||
* @expectedException \Symfony\Component\Security\Core\Exception\DisabledException
|
||||
*/
|
||||
public function testCheckPreAuthDisabledAdvancedUser()
|
||||
{
|
||||
$checker = new UserChecker();
|
||||
|
||||
$account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock();
|
||||
$account->expects($this->once())->method('isAccountNonLocked')->willReturn(true);
|
||||
$account->expects($this->once())->method('isEnabled')->willReturn(false);
|
||||
|
||||
$checker->checkPreAuth($account);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\Security\Core\Exception\AccountExpiredException
|
||||
*/
|
||||
@ -141,21 +65,4 @@ class UserCheckerTest extends TestCase
|
||||
$checker = new UserChecker();
|
||||
$checker->checkPreAuth(new User('John', 'password', [], true, false, true, true));
|
||||
}
|
||||
|
||||
/**
|
||||
* @group legacy
|
||||
* @expectedDeprecation Calling "Symfony\Component\Security\Core\User\UserChecker::checkPreAuth()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality.
|
||||
* @expectedException \Symfony\Component\Security\Core\Exception\AccountExpiredException
|
||||
*/
|
||||
public function testCheckPreAuthAccountExpiredAdvancedUser()
|
||||
{
|
||||
$checker = new UserChecker();
|
||||
|
||||
$account = $this->getMockBuilder('Symfony\Component\Security\Core\User\AdvancedUserInterface')->getMock();
|
||||
$account->expects($this->once())->method('isAccountNonLocked')->willReturn(true);
|
||||
$account->expects($this->once())->method('isEnabled')->willReturn(true);
|
||||
$account->expects($this->once())->method('isAccountNonExpired')->willReturn(false);
|
||||
|
||||
$checker->checkPreAuth($account);
|
||||
}
|
||||
}
|
||||
|
@ -1,88 +0,0 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Core\User;
|
||||
|
||||
use Symfony\Component\Security\Core\Exception\AccountExpiredException;
|
||||
use Symfony\Component\Security\Core\Exception\AccountStatusException;
|
||||
use Symfony\Component\Security\Core\Exception\CredentialsExpiredException;
|
||||
use Symfony\Component\Security\Core\Exception\DisabledException;
|
||||
use Symfony\Component\Security\Core\Exception\LockedException;
|
||||
|
||||
/**
|
||||
* Adds extra features to a user class related to account status flags.
|
||||
*
|
||||
* This interface can be implemented in place of UserInterface if you'd like
|
||||
* the authentication system to consider different account status flags
|
||||
* during authentication. If any of the methods in this interface return
|
||||
* false, authentication will fail.
|
||||
*
|
||||
* If you need to perform custom logic for any of these situations, then
|
||||
* you will need to register an exception listener and watch for the specific
|
||||
* exception instances thrown in each case. All exceptions are a subclass
|
||||
* of AccountStatusException
|
||||
*
|
||||
* @see UserInterface
|
||||
* @see AccountStatusException
|
||||
* @deprecated since Symfony 4.1
|
||||
*
|
||||
* @author Fabien Potencier <fabien@symfony.com>
|
||||
*/
|
||||
interface AdvancedUserInterface extends UserInterface
|
||||
{
|
||||
/**
|
||||
* Checks whether the user's account has expired.
|
||||
*
|
||||
* Internally, if this method returns false, the authentication system
|
||||
* will throw an AccountExpiredException and prevent login.
|
||||
*
|
||||
* @return bool true if the user's account is non expired, false otherwise
|
||||
*
|
||||
* @see AccountExpiredException
|
||||
*/
|
||||
public function isAccountNonExpired();
|
||||
|
||||
/**
|
||||
* Checks whether the user is locked.
|
||||
*
|
||||
* Internally, if this method returns false, the authentication system
|
||||
* will throw a LockedException and prevent login.
|
||||
*
|
||||
* @return bool true if the user is not locked, false otherwise
|
||||
*
|
||||
* @see LockedException
|
||||
*/
|
||||
public function isAccountNonLocked();
|
||||
|
||||
/**
|
||||
* Checks whether the user's credentials (password) has expired.
|
||||
*
|
||||
* Internally, if this method returns false, the authentication system
|
||||
* will throw a CredentialsExpiredException and prevent login.
|
||||
*
|
||||
* @return bool true if the user's credentials are non expired, false otherwise
|
||||
*
|
||||
* @see CredentialsExpiredException
|
||||
*/
|
||||
public function isCredentialsNonExpired();
|
||||
|
||||
/**
|
||||
* Checks whether the user is enabled.
|
||||
*
|
||||
* Internally, if this method returns false, the authentication system
|
||||
* will throw a DisabledException and prevent login.
|
||||
*
|
||||
* @return bool true if the user is enabled, false otherwise
|
||||
*
|
||||
* @see DisabledException
|
||||
*/
|
||||
public function isEnabled();
|
||||
}
|
@ -18,7 +18,7 @@ namespace Symfony\Component\Security\Core\User;
|
||||
*
|
||||
* @author Fabien Potencier <fabien@symfony.com>
|
||||
*/
|
||||
final class User implements UserInterface, EquatableInterface, AdvancedUserInterface
|
||||
final class User implements UserInterface, EquatableInterface
|
||||
{
|
||||
private $username;
|
||||
private $password;
|
||||
|
@ -28,14 +28,10 @@ class UserChecker implements UserCheckerInterface
|
||||
*/
|
||||
public function checkPreAuth(UserInterface $user)
|
||||
{
|
||||
if (!$user instanceof AdvancedUserInterface && !$user instanceof User) {
|
||||
if (!$user instanceof User) {
|
||||
return;
|
||||
}
|
||||
|
||||
if ($user instanceof AdvancedUserInterface && !$user instanceof User) {
|
||||
@trigger_error(sprintf('Calling "%s()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality.', __METHOD__), E_USER_DEPRECATED);
|
||||
}
|
||||
|
||||
if (!$user->isAccountNonLocked()) {
|
||||
$ex = new LockedException('User account is locked.');
|
||||
$ex->setUser($user);
|
||||
@ -60,14 +56,10 @@ class UserChecker implements UserCheckerInterface
|
||||
*/
|
||||
public function checkPostAuth(UserInterface $user)
|
||||
{
|
||||
if (!$user instanceof AdvancedUserInterface && !$user instanceof User) {
|
||||
if (!$user instanceof User) {
|
||||
return;
|
||||
}
|
||||
|
||||
if ($user instanceof AdvancedUserInterface && !$user instanceof User) {
|
||||
@trigger_error(sprintf('Calling "%s()" with an AdvancedUserInterface is deprecated since Symfony 4.1. Create a custom user checker if you wish to keep this functionality.', __METHOD__), E_USER_DEPRECATED);
|
||||
}
|
||||
|
||||
if (!$user->isCredentialsNonExpired()) {
|
||||
$ex = new CredentialsExpiredException('User credentials have expired.');
|
||||
$ex->setUser($user);
|
||||
|
Reference in New Issue
Block a user