8000 Fix review findings · symfony/symfony@5222ad3 · GitHub

Commit 5222ad3

committed
Fix review findings
1 parent e44b412 commit 5222ad3


7 files changed

+29
-14
lines changed


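--- a/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md
+++ b/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md
@@ -1,12 +1,16 @@
 CHANGELOG
 =========
 
+7.3
+---
+
+* Add `expose_security_errors` config option to display `AccountStatusException`
+
 7.2
 ---
 
 * Allow configuring the secret used to sign login links
 * Allow passing optional passport attributes to `Security::login()`
-* Add `expose_security_errors` config option to display `AccountStatusException`
 
 7.1
 ---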

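--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php
@@ -60,8 +60,6 @@ public function getConfigTreeBuilder(): TreeBuilder
 ->then(function ($v) {
 if (isset($v['hide_user_not_found']) && !isset($v['expose_security_errors'])) {
 $v['expose_security_errors'] = $v['hide_user_not_found'] ? ExposeSecurityLevel::None : ExposeSecurityLevel::All;
-} elseif (!isset($v['expose_security_errors'])) {
-$v['expose_security_errors'] = ExposeSecurityLevel::None;
 }
 
 return $v;
@@ -74,12 +72,12 @@ public function getConfigTreeBuilder(): TreeBuilder
 ->defaultValue(SessionAuthenticationStrategy::MIGRATE)
 ->end()
 ->booleanNode('hide_user_not_found')
-->defaultNull()
 ->setDeprecated('symfony/security-bundle', '7.3', 'The "%node%" option is deprecated and will be removed in 8.0. Use the "expose_security_errors" option instead.')
 ->end()
 ->enumNode('expose_security_errors')
+->beforeNormalization()->ifString()->then(fn ($v) => ['value' => ExposeSecurityLevel::tryFrom($v)])->end()
 ->values(ExposeSecurityLevel::cases())
-->defaultNull()
+->defaultValue(ExposeSecurityLevel::None)
 ->end()
 ->booleanNode('erase_credentials')->defaultTrue()->end()
 ->arrayNode('access_decision_manager')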
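Review bot: The new `beforeNormalization()` closure on `expose_security_errors` returns `['value' => ExposeSecurityLevel::tryFrom($v)]`, an array, while the node is an enum node restricted by `values(ExposeSecurityLevel::cases())`; an array cannot equal any of those cases, so a string value coming from a YAML or XML file would presumably be rejected rather than converted. `tryFrom()` also returns null for an unrecognised string, which swaps the user's typo for null before validation can report it. Returning the case directly and passing unknown strings through keeps the validation error meaningful: `->then(fn ($v) => ExposeSecurityLevel::tryFrom($v) ?? $v)`. `getConfigTreeBuilder()` starts and ends outside both hunks, so this is read from the visible builder chain only.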

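--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
@@ -155,7 +155,7 @@ public function load(array $configs, ContainerBuilder $container): void
 ));
 }
 
-$container->setParameter('security.authentication.hide_user_not_found', ExposeSecurityLevel::None !== $config['expose_security_errors']);
+$container->setParameter('security.authentication.hide_user_not_found', ExposeSecurityLevel::All !== $config['expose_security_errors']);
 $container->setParameter('.security.authentication.expose_security_errors', $config['expose_security_errors']);
 
 if (class_exists(Application::class)) {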
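Review bot: `security.authentication.hide_user_not_found` is now true for every level except `ExposeSecurityLevel::All`, so `AccountStatus` collapses to the same legacy value as `None`; that mapping, and the fact that the removed line had it inverted, deserve a comment and a regression test, and none of the seven files in this commit asserts the parameter's value. Proposed comment above the call: `// Legacy parameter: user-not-found errors stay hidden unless the level is All (None and AccountStatus both yield true)`. The polarity here decides whether login failures reveal which identifiers exist, so a test that sets each of the three levels and checks the resulting parameter would pin it. `load()` starts and ends outside the hunk.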

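--- a/src/Symfony/Bundle/SecurityBundle/Resources/config/schema/security-1.0.xsd
+++ b/src/Symfony/Bundle/SecurityBundle/Resources/config/schema/security-1.0.xsd
@@ -55,6 +55,7 @@
 <xsd:attribute name="strategy" type="access_decision_manager_strategy" />
 <xsd:attribute name="service" type="xsd:string" />
 <xsd:attribute name="strategy-service" type="xsd:string" />
+<xsd:attribute name="expose-security-errors" type="access_decision_manager_expose_security_level" />
 <xsd:attribute name="allow-if-all-abstain" type="xsd:boolean" />
 <xsd:attribute name="allow-if-equal-granted-denied" type="xsd:boolean" />
 </xsd:complexType>
@@ -68,6 +69,14 @@
 </xsd:restriction>
 </xsd:simpleType>
 
+<xsd:simpleType name="access_decision_manager_expose_security_level">
+<xsd:restriction base="xsd:string">
+<xsd:enumeration value="none" />
+<xsd:enumeration value="account_status" />
+<xsd:enumeration value="all" />
+</xsd:restriction>
+</xsd:simpleType>
+
 <xsd:complexType name="password_hasher">
 <xsd:sequence>
 <xsd:element name="migrate-from" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />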
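Review bot: The `expose-security-errors` attribute is added next to `strategy`, `strategy-service` and `allow-if-all-abstain`, which looks like the access decision manager type, whereas `MainConfiguration` in this same commit declares `expose_security_errors` as a sibling of `access_decision_manager`, not a child of it. If that reading is right, XML configuration would accept the attribute where it has no effect and reject it on the top-level security config element where the option lives; the complexType's opening tag is outside the hunk, so this should be confirmed. The type name `access_decision_manager_expose_security_level` carries the same prefix and would read better without it, for example `expose_security_level`.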

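--- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/MainConfigurationTest.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/MainConfigurationTest.php
@@ -236,7 +236,7 @@ public function testFirewalls()
 /**
 * @dataProvider provideHideUserNotFoundData
 */
-public function testExposeSecurityErrors(array $config, ExposeSecurityLevel $expectedExposeSecurityErrors, ?bool $expectedHideUserNotFound)
+public function testExposeSecurityErrors(array $config, ExposeSecurityLevel $expectedExposeSecurityErrors)
 {
 $config = array_merge(static::$minimalConfig, $config);
 
@@ -245,15 +245,15 @@ public function testExposeSecurityErrors(array $config, ExposeSecurityLevel $exp
 $processedConfig = $processor->processConfiguration($configuration, [$config]);
 
 $this->assertEquals($expectedExposeSecurityErrors, $processedConfig['expose_security_errors']);
-$this->assertEquals($expectedHideUserNotFound, $processedConfig['hide_user_not_found']);
+$this->assertArrayNotHasKey('hide_user_not_found', $processedConfig);
 }
 
 public static function provideHideUserNotFoundData(): iterable
 {
-yield [[], ExposeSecurityLevel::None, null];
-yield [['expose_security_errors' => ExposeSecurityLevel::None], ExposeSecurityLevel::None, null];
-yield [['expose_security_errors' => ExposeSecurityLevel::AccountStatus], ExposeSecurityLevel::AccountStatus, null];
-yield [['expose_security_errors' => ExposeSecurityLevel::All], ExposeSecurityLevel::All, null];
+yield [[], ExposeSecurityLevel::None];
+yield [['expose_security_errors' => ExposeSecurityLevel::None], ExposeSecurityLevel::None];
+yield [['expose_security_errors' => ExposeSecurityLevel::AccountStatus], ExposeSecurityLevel::AccountStatus];
+yield [['expose_security_errors' => ExposeSecurityLevel::All], ExposeSecurityLevel::All];
 }
 
 /**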
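Review bot: Every case in `provideHideUserNotFoundData()` passes an `ExposeSecurityLevel` instance, so the string form that YAML and XML files supply, and the `beforeNormalization()` step this commit adds for it, is never exercised. A case such as `yield [['expose_security_errors' => 'account_status'], ExposeSecurityLevel::AccountStatus];` would cover it. The provider name also still refers to `hide_user_not_found` although the test now only asserts that the key is absent; the deprecated option's mapping to `None`/`All` needs its own test with the key set, unless one already exists outside these hunks.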

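--- a/src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php
+++ b/src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php
@@ -64,7 +64,7 @@ public function __construct(
 if (\is_bool($exposeSecurityErrors)) {
 trigger_deprecation('symfony/security-http', '7.3', 'Passing a boolean as "exposeSecurityErrors" parameter is deprecated, use %s value instead.', ExposeSecurityLevel::class);
 
-// The old parameter had an inverted meaning ($hideUserNotFoundExceptions), for that reeason the current name does not reflect the behavior
+// The old parameter had an inverted meaning ($hideUserNotFoundExceptions), for that reason the current name does not reflect the behavior
 $exposeSecurityErrors = $exposeSecurityErrors ? ExposeSecurityLevel::None : ExposeSecurityLevel::All;
 }
 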

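--- a/src/Symfony/Component/Security/Http/CHANGELOG.md
+++ b/src/Symfony/Component/Security/Http/CHANGELOG.md
@@ -1,14 +1,18 @@
 CHANGELOG
 =========
 
+7.3
+---
+
+* Replace `$hideAccountStatusExceptions` argument with `$exposeSecurityErrors` in `AuthenticatorManager` constructor
+
 7.2
 ---
 
 * Pass the current token to the `checkPostAuth()` method of user checkers
 * Deprecate argument `$secret` of `RememberMeAuthenticator`
 * Deprecate passing an empty string as `$userIdentifier` argument to `UserBadge` constructor
 * Allow passing passport attributes to the `UserAuthenticatorInterface::authenticateUser()` method
-* Replace `$hideAccountStatusExceptions` argument with `$exposeSecurityErrors` in `AuthenticatorManager` constructor
 
 7.1
 ---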
