8d39213f4c
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Security][Acl] Add MutableAclProvider::updateUserSecurityIdentity
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5787
| License | MIT
| Doc PR | symfony/symfony-docs#3319
This provides a very simple function to enable the update of a User's username while keeping its associated ACEs (by updating its corresponding UserSecurityIdentity)
Developers can add a listener on the preUpdate of a user and remove all the related ACLs:
```php
if ($args->hasChangedField('username')) {
$aclProvider = $this->container->get('security.acl.provider');
$oldUsername = $args->getOldValue ('username');
$user = $args->getEntity();
$aclProvider->updateUserSecurityIdentity(UserSecurityIdentity::fromAccount($user) , $oldUsername);
}
```
Among the problems of not updating the UserSecurityIdentity:
- Inconsistent database, referring to a non-existent user.
- The user loses all its associated permissions
- If another user is created with the old username, it will inherit all the first user’s ACEs
This PR intends to fix Issue #5787 and is similar to and inspired from PR #8305.
This will also be heavily impacted by the outcome of #8848
Commits
-------
|
||
|---|---|---|
| src/Symfony | ||
| .editorconfig | ||
| .gitignore | ||
| .travis.yml | ||
| autoload.php.dist | ||
| CHANGELOG-2.2.md | ||
| CHANGELOG-2.3.md | ||
| CHANGELOG-2.4.md | ||
| composer.json | ||
| CONTRIBUTING.md | ||
| CONTRIBUTORS.md | ||
| LICENSE | ||
| phpunit.xml.dist | ||
| README.md | ||
| UPGRADE-2.1.md | ||
| UPGRADE-2.2.md | ||
| UPGRADE-2.3.md | ||
| UPGRADE-2.4.md | ||
| UPGRADE-3.0.md | ||
README
What is Symfony2?
Symfony2 is a PHP 5.3 full-stack web framework. It is written with speed and flexibility in mind. It allows developers to build better and easy to maintain websites with PHP.
Symfony can be used to develop all kind of websites, from your personal blog to high traffic ones like Dailymotion or Yahoo! Answers.
Requirements
Symfony2 is only supported on PHP 5.3.3 and up.
Be warned that PHP versions before 5.3.8 are known to be buggy and might not work for you:
-
before PHP 5.3.4, if you get "Notice: Trying to get property of non-object", you've hit a known PHP bug (see https://bugs.php.net/bug.php?id=52083 and https://bugs.php.net/bug.php?id=50027);
-
before PHP 5.3.8, if you get an error involving annotations, you've hit a known PHP bug (see https://bugs.php.net/bug.php?id=55156).
-
PHP 5.3.16 has a major bug in the Reflection subsystem and is not suitable to run Symfony2 (https://bugs.php.net/bug.php?id=62715)
Installation
The best way to install Symfony2 is to download the Symfony Standard Edition available at http://symfony.com/download.
Documentation
The "Quick Tour" tutorial gives you a first feeling of the framework. If, like us, you think that Symfony2 can help speed up your development and take the quality of your work to the next level, read the official Symfony2 documentation.
Contributing
Symfony2 is an open source, community-driven project. If you'd like to contribute, please read the Contributing Code part of the documentation. If you're submitting a pull request, please follow the guidelines in the Submitting a Patch section and use Pull Request Template.
Running Symfony2 Tests
Information on how to run the Symfony2 test suite can be found in the Running Symfony2 Tests section.