10BC0 feature #50030 Add new twig bridge function to generate impersonation… · symfony/symfony@6ef8975 · GitHub
[go: up one dir, main page]
Skip to content

Commit 6ef8975

Browse files
fabpotfabpot
committed
feature #50030 Add new twig bridge function to generate impersonation path (PhilETaylor)
This PR was merged into the 6.4 branch. Discussion ---------- Add new twig bridge function to generate impersonation path | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | yes | Deprecations? | no | License | MIT | Doc PR | symfony/symfony-docs#... <!-- required for new features --> # Before this PR So we already have impersonation features in Symfony (https://symfony.com/doc/current/security/impersonating_user.html) and we have two twig helper functions `impersonation_exit_url` and `impersonation_exit_path ` which both work with the configuration parameter for the switch user. If the developer changes the switch parameter (`_switch_user`), then these helper functions will dynamically update the `_switch_user=_exit` type urls/paths. However, to switch TO a user, hand crafted urls with `?_switch_user=MYIDENTIFIER` like `http://example.com/somewhere?_switch_user=thomas` need to be hand crafted currently. # The problem if we now go and change `_switch_user` to be something else, like `_want_to_be_this_user ` in the Symfony configuration (Because the boss told us to do that), then all our exit path/urls will dynamically update, but our hard coded ?_switch_user=MYIDENTIFIER` will stop working. # The solution this PR provides The solution this PR provides is to provide a new Twig Helper function for the impersonation path only, taking into account the configured value in Symfony config of the parameter (default is still `_switch_user ` but can be anything like `_want_to_be_this_user` as per the docs) This new twig function can be used as such: ```twig <a href="{{ impersonation_path('mike') }}">Impersonate Mike</a> ``` This would output `?_want_to_be_this_user=mike` or if the default parameter still used would be `?_switch_user=mike` The PR repurposes the existing code to generate the paths and is backward compatible. Commits ------- 5eab5c9 Add impersonation_path twig function to generate impersonation path
2 parents 5673e7c + 5eab5c9 commit 6ef8975

File tree

2 files changed

+26
-7
lines changed

2 files changed

+26
-7
lines changed

src/Symfony/Bridge/Twig/Extension/SecurityExtension.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,12 +69,22 @@ public function getImpersonateExitPath(string $exitTo = null): string
6969
return $this->impersonateUrlGenerator->generateExitPath($exitTo);
7070
}
7171

72+
public function getImpersonatePath(string $identifier = null): string
73+
{
74+
if (null === $this->impersonateUrlGenerator) {
75+
return '';
76+
}
77+
78+
return $this->impersonateUrlGenerator->generateImpersonationPath($identifier);
79+
}
80+
7281
public function getFunctions(): array
7382
{
7483
return [
7584
new TwigFunction('is_granted', $this->isGranted(...)),
7685
new TwigFunction('impersonation_exit_url', $this->getImpersonateExitUrl(...)),
7786
new TwigFunction('impersonation_exit_path', $this->getImpersonateExitPath(...)),
87+
new TwigFunction('impersonation_path', $this->getImpersonatePath(...)),
7888
];
7989
}
8090
}

src/Symfony/Component/Security/Http/Impersonate/ImpersonateUrlGenerator.php

Lines changed: 16 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818
use Symfony\Component\Security\Http\Firewall\SwitchUserListener;
1919

2020
/**
21-
* Provides generator functions for the impersonate url exit.
21+
* Provides generator functions for the impersonation urls.
2222
*
2323
* @author Amrouche Hamza <hamza.simperfit@gmail.com>
2424
* @author Damien Fayet <damienf1521@gmail.com>
@@ -36,9 +36,14 @@ public function __construct(RequestStack $requestStack, FirewallMap $firewallMap
3636
$this->firewallMap = $firewallMap;
3737
}
3838

39+
public function generateImpersonationPath(string $identifier = null): string
40+
{
41+
return $this->buildPath(null, $identifier);
42+
}
43+
3944
public function generateExitPath(string $targetUri = null): string
4045
{
41-
return $this->buildExitPath($targetUri);
46+
return $this->buildPath($targetUri);
4247
}
4348

4449
public function generateExitUrl(string $targetUri = null): string
@@ -47,27 +52,31 @@ public function generateExitUrl(string $targetUri = null): string
4752
return '';
4853
}
4954

50-
return $request->getUriForPath($this->buildExitPath($targetUri));
55+
return $request->getUriForPath($this->buildPath($targetUri));
5156
}
5257

5358
private function isImpersonatedUser(): bool
5459
{
5560
return $this->tokenStorage->getToken() instanceof SwitchUserToken;
5661
}
5762

58-
private function buildExitPath(string $targetUri = null): string
63+
private function buildPath(string $targetUri = null, string $identifier = SwitchUserListener::EXIT_VALUE): string
5964
{
60-
if (null === ($request = $this->requestStack->getCurrentRequest()) || !$this->isImpersonatedUser()) {
65+
if (null === ($request = $this->requestStack->getCurrentRequest())) {
66+
return '';
67+
}
68+
69+
if (!$this->isImpersonatedUser() && $identifier == SwitchUserListener::EXIT_VALUE){
6170
return '';
6271
}
6372

6473
if (null === $switchUserConfig = $this->firewallMap->getFirewallConfig($request)->getSwitchUser()) {
65-
throw new \LogicException('Unable to generate the impersonate exit URL without a firewall configured for the user switch.');
74+
throw new \LogicException('Unable to generate the impersonate URLs without a firewall configured for the user switch.');
6675
}
6776

6877
$targetUri ??= $request->getRequestUri();
6978

70-
$targetUri .= (parse_url($targetUri, \PHP_URL_QUERY) ? '&' : '?').http_build_query([$switchUserConfig['parameter'] => SwitchUserListener::EXIT_VALUE], '', '&');
79+
$targetUri .= (parse_url($targetUri, \PHP_URL_QUERY) ? '&' : '?').http_build_query([$switchUserConfig['parameter'] => $identifier], '', '&');
7180

7281
return $targetUri;
7382
}

0 commit comments

Comments
 (0)
0