bug #22470 [SecurityBundle] conditionally register user checker FQCN alias (xabbuh)
This PR was merged into the 3.3-dev branch.
Discussion
----------
[SecurityBundle] conditionally register user checker FQCN alias
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22466
| License | MIT
| Doc PR |
Commits
-------
eede70a8a2
conditionally register user checker FQCN alias
This commit is contained in:
commit
df155dd5b4
|
@ -245,10 +245,16 @@ class SecurityExtension extends Extension
|
|||
$arguments[1] = $userProviders;
|
||||
$definition->setArguments($arguments);
|
||||
|
||||
$customUserChecker = false;
|
||||
|
||||
// load firewall map
|
||||
$mapDef = $container->getDefinition('security.firewall.map');
|
||||
$map = $authenticationProviders = $contextRefs = array();
|
||||
foreach ($firewalls as $name => $firewall) {
|
||||
if (isset($firewall['user_checker']) && 'security.user_checker' !== $firewall['user_checker']) {
|
||||
$customUserChecker = true;
|
||||
}
|
||||
|
||||
$configId = 'security.firewall.map.config.'.$name;
|
||||
|
||||
list($matcher, $listeners, $exceptionListener) = $this->createFirewall($container, $name, $firewall, $authenticationProviders, $providerIds, $configId);
|
||||
|
@ -275,6 +281,11 @@ class SecurityExtension extends Extension
|
|||
->getDefinition('security.authentication.manager')
|
||||
->replaceArgument(0, new IteratorArgument($authenticationProviders))
|
||||
;
|
||||
|
||||
// register an autowire alias for the UserCheckerInterface if no custom user checker service is configured
|
||||
if (!$customUserChecker) {
|
||||
$container->setAlias('Symfony\Component\Security\Core\User\UserCheckerInterface', new Alias('security.user_checker', false));
|
||||
}
|
||||
}
|
||||
|
||||
private function createFirewall(ContainerBuilder $container, $id, $firewall, &$authenticationProviders, $providerIds, $configId)
|
||||
|
|
|
@ -172,6 +172,8 @@ abstract class CompleteConfigurationTest extends TestCase
|
|||
'security.access_listener',
|
||||
),
|
||||
), $listeners);
|
||||
|
||||
$this->assertFalse($container->hasAlias('Symfony\Component\Security\Core\User\UserCheckerInterface', 'No user checker alias is registered when custom user checker services are registered'));
|
||||
}
|
||||
|
||||
public function testFirewallRequestMatchers()
|
||||
|
@ -200,6 +202,14 @@ abstract class CompleteConfigurationTest extends TestCase
|
|||
), $matchers);
|
||||
}
|
||||
|
||||
public function testUserCheckerAliasIsRegistered()
|
||||
{
|
||||
$container = $this->getContainer('no_custom_user_checker');
|
||||
|
||||
$this->assertTrue($container->hasAlias('Symfony\Component\Security\Core\User\UserCheckerInterface', 'Alias for user checker is registered when no custom user checker service is registered'));
|
||||
$this->assertFalse($container->getAlias('Symfony\Component\Security\Core\User\UserCheckerInterface')->isPublic());
|
||||
}
|
||||
|
||||
public function testAccess()
|
||||
{
|
||||
$container = $this->getContainer('container1');
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
<?php
|
||||
|
||||
$container->loadFromExtension('security', array(
|
||||
'providers' => array(
|
||||
'default' => array(
|
||||
'memory' => array(
|
||||
'users' => array(
|
||||
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'),
|
||||
),
|
||||
),
|
||||
),
|
||||
),
|
||||
'firewalls' => array(
|
||||
'simple' => array('pattern' => '/login', 'security' => false),
|
||||
'secure' => array('stateless' => true,
|
||||
'http_basic' => true,
|
||||
'http_digest' => array('secret' => 'TheSecret'),
|
||||
'form_login' => true,
|
||||
'anonymous' => true,
|
||||
'switch_user' => true,
|
||||
'x509' => true,
|
||||
'remote_user' => true,
|
||||
'logout' => true,
|
||||
'remember_me' => array('secret' => 'TheSecret'),
|
||||
'user_checker' => null,
|
||||
),
|
||||
),
|
||||
));
|
|
@ -0,0 +1,29 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<srv:container xmlns="http://symfony.com/schema/dic/security"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:srv="http://symfony.com/schema/dic/services"
|
||||
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
|
||||
|
||||
<config>
|
||||
<provider name="default">
|
||||
<memory>
|
||||
<user name="foo" password="foo" roles="ROLE_USER" />
|
||||
</memory>
|
||||
</provider>
|
||||
|
||||
<firewall name="simple" pattern="/login" security="false" />
|
||||
|
||||
<firewall name="secure" stateless="true">
|
||||
<http-basic />
|
||||
<http-digest secret="TheSecret" />
|
||||
<form-login />
|
||||
<anonymous />
|
||||
<switch-user />
|
||||
<x509 />
|
||||
<remote-user />
|
||||
<user-checker />
|
||||
<logout />
|
||||
<remember-me secret="TheSecret"/>
|
||||
</firewall>
|
||||
</config>
|
||||
</srv:container>
|
|
@ -0,0 +1,23 @@
|
|||
security:
|
||||
providers:
|
||||
default:
|
||||
memory:
|
||||
users:
|
||||
foo: { password: foo, roles: ROLE_USER }
|
||||
|
||||
firewalls:
|
||||
simple: { pattern: /login, security: false }
|
||||
secure:
|
||||
stateless: true
|
||||
http_basic: true
|
||||
http_digest:
|
||||
secret: TheSecret
|
||||
form_login: true
|
||||
anonymous: true
|
||||
switch_user: true
|
||||
x509: true
|
||||
remote_user: true
|
||||
logout: true
|
||||
remember_me:
|
||||
secret: TheSecret
|
||||
user_checker: ~
|
Reference in New Issue