bug #41139 [Security] [DataCollector] Remove allows anonymous information in datacollector (ismail1432)
This PR was submitted for the 5.x branch but it was squashed and merged into the 5.2 branch instead.
Discussion
----------
[Security] [DataCollector] Remove allows anonymous information in datacollector
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | no
| New feature? | yes/no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | yes/no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #40907
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
As mentioned in https://github.com/symfony/symfony/issues/40907, there are no longer anonymous users in the new authentication system. This PR removes this information **if the new system is used**, as it is always a red cross
With `enable_authenticator_manager` at `false`
![image](https://user-images.githubusercontent.com/13260307/117574692-34c8d900-b0d6-11eb-9bef-a6c9abdfad2f.png)
With `enable_authenticator_manager` at `true`
![image](https://user-images.githubusercontent.com/13260307/117574619-f3382e00-b0d5-11eb-945a-3613425ccdbe.png)
Commits
-------
92cd096763
[Security] [DataCollector] Remove allows anonymous information in datacollector
commit
e83c9927af
@ -44,8 +44,9 @@ class SecurityDataCollector extends DataCollector implements LateDataCollectorIn
|
|||||||
private $firewallMap;
|
private $firewallMap;
|
||||||
private $firewall;
|
private $firewall;
|
||||||
private $hasVarDumper;
|
private $hasVarDumper;
|
||||||
|
private $authenticatorManagerEnabled;
|
||||||
|
|
||||||
public function __construct(TokenStorageInterface $tokenStorage = null, RoleHierarchyInterface $roleHierarchy = null, LogoutUrlGenerator $logoutUrlGenerator = null, AccessDecisionManagerInterface $accessDecisionManager = null, FirewallMapInterface $firewallMap = null, TraceableFirewallListener $firewall = null)
|
public function __construct(TokenStorageInterface $tokenStorage = null, RoleHierarchyInterface $roleHierarchy = null, LogoutUrlGenerator $logoutUrlGenerator = null, AccessDecisionManagerInterface $accessDecisionManager = null, FirewallMapInterface $firewallMap = null, TraceableFirewallListener $firewall = null, $authenticatorManagerEnabled = false)
|
||||||
{
|
{
|
||||||
$this->tokenStorage = $tokenStorage;
|
$this->tokenStorage = $tokenStorage;
|
||||||
$this->roleHierarchy = $roleHierarchy;
|
$this->roleHierarchy = $roleHierarchy;
|
||||||
@ -54,6 +55,7 @@ class SecurityDataCollector extends DataCollector implements LateDataCollectorIn
|
|||||||
$this->firewallMap = $firewallMap;
|
$this->firewallMap = $firewallMap;
|
||||||
$this->firewall = $firewall;
|
$this->firewall = $firewall;
|
||||||
$this->hasVarDumper = class_exists(ClassStub::class);
|
$this->hasVarDumper = class_exists(ClassStub::class);
|
||||||
|
$this->authenticatorManagerEnabled = $authenticatorManagerEnabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -204,6 +206,8 @@ class SecurityDataCollector extends DataCollector implements LateDataCollectorIn
|
|||||||
if ($this->firewall) {
|
if ($this->firewall) {
|
||||||
$this->data['listeners'] = $this->firewall->getWrappedListeners();
|
$this->data['listeners'] = $this->firewall->getWrappedListeners();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$this->data['authenticator_manager_enabled'] = $this->authenticatorManagerEnabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -389,4 +393,9 @@ class SecurityDataCollector extends DataCollector implements LateDataCollectorIn
|
|||||||
{
|
{
|
||||||
return 'security';
|
return 'security';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function isAuthenticatorManagerEnabled(): bool
|
||||||
|
{
|
||||||
|
return $this->data['authenticator_manager_enabled'];
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
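Review bot: `isAuthenticatorManagerEnabled()` reads `$this->data['authenticator_manager_enabled']` with no guard, and that key is only written in the hunk at -204, inside a method whose start is outside the hunk. If the getter runs on a collector that has not collected yet, or on a profile serialized before this change, the key is missing and the `: bool` return type turns the resulting null into a TypeError, which would take down the whole security panel rather than one metric. Returning `$this->data['authenticator_manager_enabled'] ?? false` keeps the panel readable in those cases. The new constructor parameter is also untyped; `bool $authenticatorManagerEnabled = false` would reject a mis-wired argument at construction instead of storing it.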
@ -132,6 +132,8 @@ class SecurityExtension extends Extension implements PrependExtensionInterface
|
|||||||
$loader->load('collectors.php');
|
$loader->load('collectors.php');
|
||||||
$loader->load('guard.php');
|
$loader->load('guard.php');
|
||||||
|
|
||||||
|
$container->getDefinition('data_collector.security')->addArgument($this->authenticatorManagerEnabled);
|
||||||
|
|
||||||
if ($container->hasParameter('kernel.debug') && $container->getParameter('kernel.debug')) {
|
if ($container->hasParameter('kernel.debug') && $container->getParameter('kernel.debug')) {
|
||||||
$loader->load('security_debug.php');
|
$loader->load('security_debug.php');
|
||||||
}
|
}
|
||||||
|
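Review bot: `addArgument($this->authenticatorManagerEnabled)` appends the flag positionally, so it reaches the seventh constructor parameter only while the `data_collector.security` definition (presumably in `collectors.php`, not shown in this commit) declares exactly six arguments. If an argument is later added or removed there, the flag silently binds to the wrong parameter and the profiler reports the wrong authentication mode. Binding by name removes that coupling: `->setArgument('$authenticatorManagerEnabled', $this->authenticatorManagerEnabled)`. The property also has to be assigned earlier in this method, which starts outside the hunk, so that ordering is worth a short comment next to the call.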
@ -159,10 +159,12 @@
|
|||||||
<span class="value">{{ include('@WebProfiler/Icon/' ~ (collector.firewall.stateless ? 'yes' : 'no') ~ '.svg') }}</span>
|
<span class="value">{{ include('@WebProfiler/Icon/' ~ (collector.firewall.stateless ? 'yes' : 'no') ~ '.svg') }}</span>
|
||||||
<span class="label">Stateless</span>
|
<span class="label">Stateless</span>
|
||||||
</div>
|
</div>
|
||||||
|
{% if collector.authenticatorManagerEnabled == false %}
|
||||||
<div class="metric">
|
<div class="metric">
|
||||||
<span class="value">{{ include('@WebProfiler/Icon/' ~ (collector.firewall.allows_anonymous ? 'yes' : 'no') ~ '.svg') }}</span>
|
<span class="value">{{ include('@WebProfiler/Icon/' ~ (collector.firewall.allows_anonymous ? 'yes' : 'no') ~ '.svg') }}</span>
|
||||||
<span class="label">Allows anonymous</span>
|
<span class="label">Allows anonymous</span>
|
||||||
</div>
|
</div>
|
||||||
|
{% endif %}
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
{% if collector.firewall.security_enabled %}
|
{% if collector.firewall.security_enabled %}
|
||||||
|
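Review bot: The guard `{% if collector.authenticatorManagerEnabled == false %}` uses a loose comparison where `{% if not collector.authenticatorManagerEnabled %}` states the intent directly and reads like the neighbouring `{% if collector.firewall.security_enabled %}` test. The wrapped `<div class="metric">` lines appear as unchanged context, so the block was apparently not re-indented under the new conditional, which makes the condition easy to miss when reading the template. Because this expression calls `isAuthenticatorManagerEnabled()`, any failure in that getter, for example on a stored profile that lacks the key, surfaces here while the panel renders.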
@ -71,6 +71,7 @@ class SecurityDataCollectorTest extends TestCase
|
|||||||
$this->assertCount(0, $collector->getInheritedRoles());
|
$this->assertCount(0, $collector->getInheritedRoles());
|
||||||
$this->assertEmpty($collector->getUser());
|
$this->assertEmpty($collector->getUser());
|
||||||
$this->assertNull($collector->getFirewall());
|
$this->assertNull($collector->getFirewall());
|
||||||
|
$this->assertFalse($collector->isAuthenticatorManagerEnabled());
|
||||||
}
|
}
|
||||||
|
|
||||||
/** @dataProvider provideRoles */
|
/** @dataProvider provideRoles */
|
||||||
@ -93,6 +94,7 @@ class SecurityDataCollectorTest extends TestCase
|
|||||||
$this->assertSame($normalizedRoles, $collector->getRoles()->getValue(true));
|
$this->assertSame($normalizedRoles, $collector->getRoles()->getValue(true));
|
||||||
$this->assertSame($inheritedRoles, $collector->getInheritedRoles()->getValue(true));
|
$this->assertSame($inheritedRoles, $collector->getInheritedRoles()->getValue(true));
|
||||||
$this->assertSame('hhamon', $collector->getUser());
|
$this->assertSame('hhamon', $collector->getUser());
|
||||||
|
$this->assertFalse($collector->isAuthenticatorManagerEnabled());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testCollectSwitchUserToken()
|
public function testCollectSwitchUserToken()
|
||||||
@ -132,7 +134,7 @@ class SecurityDataCollectorTest extends TestCase
|
|||||||
->with($request)
|
->with($request)
|
||||||
->willReturn($firewallConfig);
|
->willReturn($firewallConfig);
|
||||||
|
|
||||||
$collector = new SecurityDataCollector(null, null, null, null, $firewallMap, new TraceableFirewallListener($firewallMap, new EventDispatcher(), new LogoutUrlGenerator()));
|
$collector = new SecurityDataCollector(null, null, null, null, $firewallMap, new TraceableFirewallListener($firewallMap, new EventDispatcher(), new LogoutUrlGenerator()), true);
|
||||||
$collector->collect($request, new Response());
|
$collector->collect($request, new Response());
|
||||||
$collector->lateCollect();
|
$collector->lateCollect();
|
||||||
$collected = $collector->getFirewall();
|
$collected = $collector->getFirewall();
|
||||||
@ -149,6 +151,7 @@ class SecurityDataCollectorTest extends TestCase
|
|||||||
$this->assertSame($firewallConfig->getAccessDeniedUrl(), $collected['access_denied_url']);
|
$this->assertSame($firewallConfig->getAccessDeniedUrl(), $collected['access_denied_url']);
|
||||||
$this->assertSame($firewallConfig->getUserChecker(), $collected['user_checker']);
|
$this->assertSame($firewallConfig->getUserChecker(), $collected['user_checker']);
|
||||||
$this->assertSame($firewallConfig->getListeners(), $collected['listeners']->getValue());
|
$this->assertSame($firewallConfig->getListeners(), $collected['listeners']->getValue());
|
||||||
|
$this->assertTrue($collector->isAuthenticatorManagerEnabled());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testGetFirewallReturnsNull()
|
public function testGetFirewallReturnsNull()
|
||||||
|
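Review bot: The added assertions exercise only the getter on collectors built by hand (default `false` at -71 and -93, explicit `true` at -132/-149), so nothing in this commit verifies that `SecurityExtension` actually passes `enable_authenticator_manager` into `data_collector.security`. An extension test that builds the container with the option enabled and asserts the last argument of the `data_collector.security` definition would catch a positional mismatch. A second case calling `isAuthenticatorManagerEnabled()` on a collector before `collect()` has run would pin down what the getter does when the data key is absent. The test methods themselves start outside these hunks.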