[SecurityBundle] Move format-dependent tests from SecurityExtensionTest
This commit is contained in:
parent
2165d5dffb
commit
d463e25a75
@ -13,6 +13,7 @@ namespace Symfony\Bundle\SecurityBundle\DependencyInjection;
|
||||
|
||||
use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\SecurityFactoryInterface;
|
||||
use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\UserProvider\UserProviderFactoryInterface;
|
||||
use Symfony\Component\Config\Definition\Exception\InvalidConfigurationException;
|
||||
use Symfony\Component\DependencyInjection\Definition;
|
||||
use Symfony\Component\DependencyInjection\DefinitionDecorator;
|
||||
use Symfony\Component\DependencyInjection\Alias;
|
||||
@ -413,7 +414,7 @@ class SecurityExtension extends Extension
|
||||
}
|
||||
|
||||
if (false === $hasListeners) {
|
||||
throw new \LogicException(sprintf('No authentication listener registered for firewall "%s".', $id));
|
||||
throw new InvalidConfigurationException(sprintf('No authentication listener registered for firewall "%s".', $id));
|
||||
}
|
||||
|
||||
return array($listeners, $defaultEntryPoint);
|
||||
|
@ -0,0 +1,203 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Bundle\SecurityBundle\Tests\DependencyInjection;
|
||||
|
||||
use Symfony\Component\DependencyInjection\Reference;
|
||||
|
||||
use Symfony\Component\DependencyInjection\Parameter;
|
||||
use Symfony\Bundle\SecurityBundle\SecurityBundle;
|
||||
use Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension;
|
||||
use Symfony\Component\DependencyInjection\ContainerBuilder;
|
||||
|
||||
abstract class CompleteConfigurationTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
abstract protected function loadFromFile(ContainerBuilder $container, $file);
|
||||
|
||||
public function testRolesHierarchy()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
$this->assertEquals(array(
|
||||
'ROLE_ADMIN' => array('ROLE_USER'),
|
||||
'ROLE_SUPER_ADMIN' => array('ROLE_USER', 'ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH'),
|
||||
'ROLE_REMOTE' => array('ROLE_USER', 'ROLE_ADMIN'),
|
||||
), $container->getParameter('security.role_hierarchy.roles'));
|
||||
}
|
||||
|
||||
public function testUserProviders()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
|
||||
$providers = array_values(array_filter($container->getServiceIds(), function ($key) { return 0 === strpos($key, 'security.user.provider.concrete'); }));
|
||||
|
||||
$expectedProviders = array(
|
||||
'security.user.provider.concrete.default',
|
||||
'security.user.provider.concrete.default_foo',
|
||||
'security.user.provider.concrete.digest',
|
||||
'security.user.provider.concrete.digest_foo',
|
||||
'security.user.provider.concrete.basic',
|
||||
'security.user.provider.concrete.basic_foo',
|
||||
'security.user.provider.concrete.basic_bar',
|
||||
'security.user.provider.concrete.service',
|
||||
'security.user.provider.concrete.chain',
|
||||
);
|
||||
|
||||
$this->assertEquals(array(), array_diff($expectedProviders, $providers));
|
||||
$this->assertEquals(array(), array_diff($providers, $expectedProviders));
|
||||
|
||||
// chain provider
|
||||
$this->assertEquals(array(array(
|
||||
new Reference('security.user.provider.concrete.service'),
|
||||
new Reference('security.user.provider.concrete.basic'),
|
||||
)), $container->getDefinition('security.user.provider.concrete.chain')->getArguments());
|
||||
}
|
||||
|
||||
public function testFirewalls()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
|
||||
$arguments = $container->getDefinition('security.firewall.map')->getArguments();
|
||||
$listeners = array();
|
||||
foreach (array_keys($arguments[1]) as $contextId) {
|
||||
$contextDef = $container->getDefinition($contextId);
|
||||
$arguments = $contextDef->getArguments();
|
||||
$listeners[] = array_map(function ($ref) { return (string) $ref; }, $arguments['index_0']);
|
||||
}
|
||||
|
||||
$this->assertEquals(array(
|
||||
array(),
|
||||
array(
|
||||
'security.channel_listener',
|
||||
'security.logout_listener.secure',
|
||||
'security.authentication.listener.x509.secure',
|
||||
'security.authentication.listener.form.secure',
|
||||
'security.authentication.listener.basic.secure',
|
||||
'security.authentication.listener.digest.secure',
|
||||
'security.authentication.listener.anonymous.secure',
|
||||
'security.access_listener',
|
||||
'security.authentication.switchuser_listener.secure',
|
||||
),
|
||||
), $listeners);
|
||||
}
|
||||
|
||||
public function testAccess()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
|
||||
$rules = array();
|
||||
foreach ($container->getDefinition('security.access_map')->getMethodCalls() as $call) {
|
||||
if ($call[0] == 'add') {
|
||||
$rules[] = array((string) $call[1][0], $call[1][1], $call[1][2]);
|
||||
}
|
||||
}
|
||||
|
||||
$matcherIds = array();
|
||||
foreach ($rules as $rule) {
|
||||
list($matcherId, $roles, $channel) = $rule;
|
||||
$requestMatcher = $container->getDefinition($matcherId);
|
||||
|
||||
$this->assertFalse(isset($matcherIds[$matcherId]));
|
||||
$matcherIds[$matcherId] = true;
|
||||
|
||||
$i = count($matcherIds);
|
||||
if (1 === $i) {
|
||||
$this->assertEquals(array('ROLE_USER'), $roles);
|
||||
$this->assertEquals('https', $channel);
|
||||
$this->assertEquals(
|
||||
array('/blog/524', null, array('GET', 'POST')),
|
||||
$requestMatcher->getArguments()
|
||||
);
|
||||
} elseif (2 === $i) {
|
||||
$this->assertEquals(array('IS_AUTHENTICATED_ANONYMOUSLY'), $roles);
|
||||
$this->assertNull($channel);
|
||||
$this->assertEquals(
|
||||
array('/blog/.*'),
|
||||
$requestMatcher->getArguments()
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function testMerge()
|
||||
{
|
||||
$container = $this->getContainer('merge');
|
||||
|
||||
$this->assertEquals(array(
|
||||
'FOO' => array('MOO'),
|
||||
'ADMIN' => array('USER'),
|
||||
), $container->getParameter('security.role_hierarchy.roles'));
|
||||
}
|
||||
|
||||
public function testEncoders()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
|
||||
$this->assertEquals(array(array(
|
||||
'JMS\FooBundle\Entity\User1' => array(
|
||||
'class' => new Parameter('security.encoder.plain.class'),
|
||||
'arguments' => array(false),
|
||||
),
|
||||
'JMS\FooBundle\Entity\User2' => array(
|
||||
'class' => new Parameter('security.encoder.digest.class'),
|
||||
'arguments' => array('sha1', false, 5),
|
||||
),
|
||||
'JMS\FooBundle\Entity\User3' => array(
|
||||
'class' => new Parameter('security.encoder.digest.class'),
|
||||
'arguments' => array('md5', true, 5000),
|
||||
),
|
||||
'JMS\FooBundle\Entity\User4' => new Reference('security.encoder.foo'),
|
||||
'JMS\FooBundle\Entity\User5' => array(
|
||||
'class' => new Parameter('security.encoder.pbkdf2.class'),
|
||||
'arguments' => array('sha1', false, 5, 30),
|
||||
),
|
||||
'JMS\FooBundle\Entity\User6' => array(
|
||||
'class' => new Parameter('security.encoder.bcrypt.class'),
|
||||
'arguments' => array(
|
||||
new Reference('security.secure_random'),
|
||||
15,
|
||||
)
|
||||
),
|
||||
)), $container->getDefinition('security.encoder_factory.generic')->getArguments());
|
||||
}
|
||||
|
||||
public function testAcl()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
|
||||
$this->assertTrue($container->hasDefinition('security.acl.dbal.provider'));
|
||||
$this->assertEquals('security.acl.dbal.provider', (string) $container->getAlias('security.acl.provider'));
|
||||
}
|
||||
|
||||
public function testCustomAclProvider()
|
||||
{
|
||||
$container = $this->getContainer('custom_acl_provider');
|
||||
|
||||
$this->assertFalse($container->hasDefinition('security.acl.dbal.provider'));
|
||||
$this->assertEquals('foo', (string) $container->getAlias('security.acl.provider'));
|
||||
}
|
||||
|
||||
protected function getContainer($file)
|
||||
{
|
||||
$container = new ContainerBuilder();
|
||||
$security = new SecurityExtension();
|
||||
$container->registerExtension($security);
|
||||
|
||||
$bundle = new SecurityBundle();
|
||||
$bundle->build($container); // Attach all default factories
|
||||
$this->loadFromFile($container, $file);
|
||||
|
||||
$container->getCompilerPassConfig()->setOptimizationPasses(array());
|
||||
$container->getCompilerPassConfig()->setRemovingPasses(array());
|
||||
$container->compile();
|
||||
|
||||
return $container;
|
||||
}
|
||||
}
|
@ -1,16 +0,0 @@
|
||||
<?php
|
||||
|
||||
$container->loadFromExtension('security', array(
|
||||
'providers' => array(
|
||||
'default' => array('id' => 'foo'),
|
||||
),
|
||||
|
||||
'firewalls' => array(
|
||||
'some_firewall' => array(
|
||||
'pattern' => '/secured_area/.*',
|
||||
'form_login' => array(
|
||||
'check_path' => '/some_area/login_check',
|
||||
)
|
||||
)
|
||||
)
|
||||
));
|
@ -1,16 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<srv:container xmlns="http://symfony.com/schema/dic/security"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:srv="http://symfony.com/schema/dic/services"
|
||||
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
|
||||
|
||||
<config>
|
||||
<provider name="default" id="foo" />
|
||||
|
||||
<firewall name="some_firewall" pattern="/secured_area/.*">
|
||||
<form-login check-path="/some_area/login_check" />
|
||||
</firewall>
|
||||
</config>
|
||||
|
||||
</srv:container>
|
@ -1,9 +0,0 @@
|
||||
security:
|
||||
providers:
|
||||
default: { id: foo }
|
||||
|
||||
firewalls:
|
||||
some_firewall:
|
||||
pattern: /secured_area/.*
|
||||
form_login:
|
||||
check_path: /some_area/login_check
|
@ -14,7 +14,7 @@ namespace Symfony\Bundle\SecurityBundle\Tests\DependencyInjection;
|
||||
use Symfony\Bundle\SecurityBundle\DependencyInjection\MainConfiguration;
|
||||
use Symfony\Component\Config\Definition\Processor;
|
||||
|
||||
class ConfigurationTest extends \PHPUnit_Framework_TestCase
|
||||
class MainConfigurationTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
/**
|
||||
* The minimal, required config needed to not have any required validation
|
@ -15,7 +15,7 @@ use Symfony\Component\DependencyInjection\ContainerBuilder;
|
||||
use Symfony\Component\DependencyInjection\Loader\PhpFileLoader;
|
||||
use Symfony\Component\Config\FileLocator;
|
||||
|
||||
class PhpSecurityExtensionTest extends SecurityExtensionTest
|
||||
class PhpCompleteConfigurationTest extends CompleteConfigurationTest
|
||||
{
|
||||
protected function loadFromFile(ContainerBuilder $container, $file)
|
||||
{
|
@ -11,202 +11,81 @@
|
||||
|
||||
namespace Symfony\Bundle\SecurityBundle\Tests\DependencyInjection;
|
||||
|
||||
use Symfony\Component\DependencyInjection\Reference;
|
||||
|
||||
use Symfony\Component\DependencyInjection\Parameter;
|
||||
use Symfony\Bundle\SecurityBundle\SecurityBundle;
|
||||
use Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension;
|
||||
use Symfony\Bundle\SecurityBundle\SecurityBundle;
|
||||
use Symfony\Component\DependencyInjection\ContainerBuilder;
|
||||
|
||||
abstract class SecurityExtensionTest extends \PHPUnit_Framework_TestCase
|
||||
class SecurityExtensionTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
abstract protected function loadFromFile(ContainerBuilder $container, $file);
|
||||
|
||||
public function testRolesHierarchy()
|
||||
/**
|
||||
* @expectedException \Symfony\Component\Config\Definition\Exception\InvalidConfigurationException
|
||||
* @expectedExceptionMessage The check_path "/some_area/login_check" for login method "form_login" is not matched by the firewall pattern "/secured_area/.*".
|
||||
*/
|
||||
public function testInvalidCheckPath()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
$this->assertEquals(array(
|
||||
'ROLE_ADMIN' => array('ROLE_USER'),
|
||||
'ROLE_SUPER_ADMIN' => array('ROLE_USER', 'ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH'),
|
||||
'ROLE_REMOTE' => array('ROLE_USER', 'ROLE_ADMIN'),
|
||||
), $container->getParameter('security.role_hierarchy.roles'));
|
||||
}
|
||||
$container = $this->getRawContainer();
|
||||
|
||||
public function testUserProviders()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
|
||||
$providers = array_values(array_filter($container->getServiceIds(), function ($key) { return 0 === strpos($key, 'security.user.provider.concrete'); }));
|
||||
|
||||
$expectedProviders = array(
|
||||
'security.user.provider.concrete.default',
|
||||
'security.user.provider.concrete.default_foo',
|
||||
'security.user.provider.concrete.digest',
|
||||
'security.user.provider.concrete.digest_foo',
|
||||
'security.user.provider.concrete.basic',
|
||||
'security.user.provider.concrete.basic_foo',
|
||||
'security.user.provider.concrete.basic_bar',
|
||||
'security.user.provider.concrete.service',
|
||||
'security.user.provider.concrete.chain',
|
||||
);
|
||||
|
||||
$this->assertEquals(array(), array_diff($expectedProviders, $providers));
|
||||
$this->assertEquals(array(), array_diff($providers, $expectedProviders));
|
||||
|
||||
// chain provider
|
||||
$this->assertEquals(array(array(
|
||||
new Reference('security.user.provider.concrete.service'),
|
||||
new Reference('security.user.provider.concrete.basic'),
|
||||
)), $container->getDefinition('security.user.provider.concrete.chain')->getArguments());
|
||||
}
|
||||
|
||||
public function testFirewalls()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
|
||||
$arguments = $container->getDefinition('security.firewall.map')->getArguments();
|
||||
$listeners = array();
|
||||
foreach (array_keys($arguments[1]) as $contextId) {
|
||||
$contextDef = $container->getDefinition($contextId);
|
||||
$arguments = $contextDef->getArguments();
|
||||
$listeners[] = array_map(function ($ref) { return (string) $ref; }, $arguments['index_0']);
|
||||
}
|
||||
|
||||
$this->assertEquals(array(
|
||||
array(),
|
||||
array(
|
||||
'security.channel_listener',
|
||||
'security.logout_listener.secure',
|
||||
'security.authentication.listener.x509.secure',
|
||||
'security.authentication.listener.form.secure',
|
||||
'security.authentication.listener.basic.secure',
|
||||
'security.authentication.listener.digest.secure',
|
||||
'security.authentication.listener.anonymous.secure',
|
||||
'security.access_listener',
|
||||
'security.authentication.switchuser_listener.secure',
|
||||
$container->loadFromExtension('security', array(
|
||||
'providers' => array(
|
||||
'default' => array('id' => 'foo'),
|
||||
),
|
||||
), $listeners);
|
||||
}
|
||||
|
||||
public function testAccess()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
|
||||
$rules = array();
|
||||
foreach ($container->getDefinition('security.access_map')->getMethodCalls() as $call) {
|
||||
if ($call[0] == 'add') {
|
||||
$rules[] = array((string) $call[1][0], $call[1][1], $call[1][2]);
|
||||
}
|
||||
}
|
||||
|
||||
$matcherIds = array();
|
||||
foreach ($rules as $rule) {
|
||||
list($matcherId, $roles, $channel) = $rule;
|
||||
$requestMatcher = $container->getDefinition($matcherId);
|
||||
|
||||
$this->assertFalse(isset($matcherIds[$matcherId]));
|
||||
$matcherIds[$matcherId] = true;
|
||||
|
||||
$i = count($matcherIds);
|
||||
if (1 === $i) {
|
||||
$this->assertEquals(array('ROLE_USER'), $roles);
|
||||
$this->assertEquals('https', $channel);
|
||||
$this->assertEquals(
|
||||
array('/blog/524', null, array('GET', 'POST')),
|
||||
$requestMatcher->getArguments()
|
||||
);
|
||||
} elseif (2 === $i) {
|
||||
$this->assertEquals(array('IS_AUTHENTICATED_ANONYMOUSLY'), $roles);
|
||||
$this->assertNull($channel);
|
||||
$this->assertEquals(
|
||||
array('/blog/.*'),
|
||||
$requestMatcher->getArguments()
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function testMerge()
|
||||
{
|
||||
$container = $this->getContainer('merge');
|
||||
|
||||
$this->assertEquals(array(
|
||||
'FOO' => array('MOO'),
|
||||
'ADMIN' => array('USER'),
|
||||
), $container->getParameter('security.role_hierarchy.roles'));
|
||||
}
|
||||
|
||||
public function testEncoders()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
|
||||
$this->assertEquals(array(array(
|
||||
'JMS\FooBundle\Entity\User1' => array(
|
||||
'class' => new Parameter('security.encoder.plain.class'),
|
||||
'arguments' => array(false),
|
||||
),
|
||||
'JMS\FooBundle\Entity\User2' => array(
|
||||
'class' => new Parameter('security.encoder.digest.class'),
|
||||
'arguments' => array('sha1', false, 5),
|
||||
),
|
||||
'JMS\FooBundle\Entity\User3' => array(
|
||||
'class' => new Parameter('security.encoder.digest.class'),
|
||||
'arguments' => array('md5', true, 5000),
|
||||
),
|
||||
'JMS\FooBundle\Entity\User4' => new Reference('security.encoder.foo'),
|
||||
'JMS\FooBundle\Entity\User5' => array(
|
||||
'class' => new Parameter('security.encoder.pbkdf2.class'),
|
||||
'arguments' => array('sha1', false, 5, 30),
|
||||
),
|
||||
'JMS\FooBundle\Entity\User6' => array(
|
||||
'class' => new Parameter('security.encoder.bcrypt.class'),
|
||||
'arguments' => array(
|
||||
new Reference('security.secure_random'),
|
||||
15,
|
||||
'firewalls' => array(
|
||||
'some_firewall' => array(
|
||||
'pattern' => '/secured_area/.*',
|
||||
'form_login' => array(
|
||||
'check_path' => '/some_area/login_check',
|
||||
)
|
||||
),
|
||||
)), $container->getDefinition('security.encoder_factory.generic')->getArguments());
|
||||
}
|
||||
)
|
||||
)
|
||||
));
|
||||
|
||||
public function testAcl()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
|
||||
$this->assertTrue($container->hasDefinition('security.acl.dbal.provider'));
|
||||
$this->assertEquals('security.acl.dbal.provider', (string) $container->getAlias('security.acl.provider'));
|
||||
}
|
||||
|
||||
public function testCustomAclProvider()
|
||||
{
|
||||
$container = $this->getContainer('custom_acl_provider');
|
||||
|
||||
$this->assertFalse($container->hasDefinition('security.acl.dbal.provider'));
|
||||
$this->assertEquals('foo', (string) $container->getAlias('security.acl.provider'));
|
||||
$container->compile();
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\Config\Definition\Exception\InvalidConfigurationException
|
||||
* @expectedExceptionMessage not matched by the firewall pattern
|
||||
* @expectedExceptionMessage No authentication listener registered for firewall "some_firewall"
|
||||
*/
|
||||
public function testInvalidCheckPath()
|
||||
public function testFirewallWithoutAuthenticationListener()
|
||||
{
|
||||
$container = $this->getContainer('invalid_check_path');
|
||||
$container = $this->getRawContainer();
|
||||
|
||||
$container->loadFromExtension('security', array(
|
||||
'providers' => array(
|
||||
'default' => array('id' => 'foo'),
|
||||
),
|
||||
|
||||
'firewalls' => array(
|
||||
'some_firewall' => array(
|
||||
'pattern' => '/.*',
|
||||
)
|
||||
)
|
||||
));
|
||||
|
||||
$container->compile();
|
||||
}
|
||||
|
||||
protected function getContainer($file)
|
||||
protected function getRawContainer()
|
||||
{
|
||||
$container = new ContainerBuilder();
|
||||
$security = new SecurityExtension();
|
||||
$container->registerExtension($security);
|
||||
|
||||
$bundle = new SecurityBundle();
|
||||
$bundle->build($container); // Attach all default factories
|
||||
$this->loadFromFile($container, $file);
|
||||
$bundle->build($container);
|
||||
|
||||
$container->getCompilerPassConfig()->setOptimizationPasses(array());
|
||||
$container->getCompilerPassConfig()->setRemovingPasses(array());
|
||||
$container->compile();
|
||||
|
||||
return $container;
|
||||
}
|
||||
|
||||
protected function getContainer()
|
||||
{
|
||||
$containter = $this->getRawContainer();
|
||||
$containter->compile();
|
||||
|
||||
return $containter;
|
||||
}
|
||||
}
|
||||
|
@ -15,7 +15,7 @@ use Symfony\Component\DependencyInjection\ContainerBuilder;
|
||||
use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
|
||||
use Symfony\Component\Config\FileLocator;
|
||||
|
||||
class XmlSecurityExtensionTest extends SecurityExtensionTest
|
||||
class XmlCompleteConfigurationTest extends CompleteConfigurationTest
|
||||
{
|
||||
protected function loadFromFile(ContainerBuilder $container, $file)
|
||||
{
|
@ -15,7 +15,7 @@ use Symfony\Component\DependencyInjection\ContainerBuilder;
|
||||
use Symfony\Component\DependencyInjection\Loader\YamlFileLoader;
|
||||
use Symfony\Component\Config\FileLocator;
|
||||
|
||||
class YamlSecurityExtensionTest extends SecurityExtensionTest
|
||||
class YamlCompleteConfigurationTest extends CompleteConfigurationTest
|
||||
{
|
||||
protected function loadFromFile(ContainerBuilder $container, $file)
|
||||
{
|
Reference in New Issue
Block a user