8000 deprecate the Role and SwitchUserRole classes · symfony/symfony@729a3aa · GitHub


Commit 729a3aa

committed
deprecate the Role and SwitchUserRole classes
1 parent abeb86b commit 729a3aa


5 files changed

+77
-76
lines changed


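--- a/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php
@@ -20,18 +20,20 @@ class UsernamePasswordToken extends AbstractToken
 {
 private $credentials;
 private $providerKey;
+private $previousToken;
 
 /**
 * Constructor.
 *
-* @param string|object $user The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method
-* @param string $credentials This usually is the password of the user
-* @param string $providerKey The provider key
-* @param (RoleInterface|string)[] $roles An array of roles
+* @param string|object $user The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method
+* @param string $credentials This usually is the password of the user
+* @param string $providerKey The provider key
+* @param (RoleInterface|string)[] $roles An array of roles
+* @param TokenInterface|null $previousToken The token of the user that switched to the current user
 *
 * @throws \InvalidArgumentException
 */
-public function __construct($user, $credentials, $providerKey, array $roles = array())
+public function __construct($user, $credentials, $providerKey, array $roles = array(), TokenInterface $previousToken = null)
 {
 parent::__construct($roles);
 
@@ -42,6 +44,7 @@ public function __construct($user, $credentials, $providerKey, array $roles = ar
 $this->setUser($user);
 $this->credentials = $credentials;
 $this->providerKey = $providerKey;
+$this->previousToken = $previousToken;
 
 parent::setAuthenticated(count($roles) > 0);
 }
@@ -76,6 +79,16 @@ public function getProviderKey()
 return $this->providerKey;
 }
 
+public function isUserSwitched()
+{
+return null !== $this->previousToken;
+}
+
+public function getPreviousToken()
+{
+return $this->previousToken;
+}
+
 /**
 * {@inheritdoc}
 */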
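Review bot: `$previousToken` is added as a private property and set in the constructor, but none of the three hunks in this file touches the token's serialization, so the field will probably be dropped whenever the token is stored between requests. If `serialize()`/`unserialize()` (outside the visible hunks) still pack only the credentials, the provider key and the parent state, `isUserSwitched()` would return false on the next request and the listener could no longer find the original token to exit impersonation. Consider carrying `$this->previousToken` through both methods and adding a round-trip test that asserts `getPreviousToken()` survives `unserialize(serialize($token))`. The two new getters also have no docblock; something like `@return TokenInterface|null The token of the user that switched to the current user` would match the constructor's documentation.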

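--- a/src/Symfony/Component/Security/Core/Role/SwitchUserRole.php
+++ b/src/Symfony/Component/Security/Core/Role/SwitchUserRole.php
@@ -18,9 +18,12 @@
 * another one.
 *
 * @author Fabien Potencier <fabien@symfony.com>
+*
+* @deprecated since version 3.3 and will be removed in 4.0. Use strings as roles instead.
 */
 class SwitchUserRole extends Role
 {
+private static $deprecationTriggered = false;
 private $source;
 
 /**
@@ -31,6 +34,12 @@ class SwitchUserRole extends Role
 */
 public function __construct($role, TokenInterface $source)
 {
+if (!self::$deprecationTriggered && (func_num_args() < 3 || func_get_arg(2))) {
+@trigger_error(sprintf('The "%s" class is deprecated since version 3.3 and will be removed in 4.0. Use strings as roles instead.', SwitchUserRole::class), E_USER_DEPRECATED);
+
+self::$deprecationTriggered = true;
+}
+
 parent::__construct($role);
 
 $this->source = $source;
@@ -43,6 +52,12 @@ public function __construct($role, TokenInterface $source)
 */
 public function getSource()
 {
+if (!self::$deprecationTriggered) {
+@trigger_error(sprintf('The "%s" class is deprecated since version 3.3 and will be removed in 4.0. Use strings as roles instead.', SwitchUserRole::class), E_USER_DEPRECATED);
+
+self::$deprecationTriggered = true;
+}
+
 return $this->source;
 }
 }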
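Review bot: The constructor now reads an undeclared third argument through `func_get_arg(2)` to decide whether to emit the deprecation, and nothing in the visible docblock says so. A short comment such as `// internal: pass false as a third argument to skip the deprecation notice when the framework builds the role itself` would keep the next maintainer from removing the `false` at the call site in SwitchUserListener. The static `$deprecationTriggered` flag also means the notice is raised at most once per process, and the same `@trigger_error(...)` line is duplicated in `getSource()`; a small private static helper would keep the two messages in sync. The constructor's docblock begins outside the hunk.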

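--- a/src/Symfony/Component/Security/Core/Tests/Role/SwitchUserRoleTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Role/SwitchUserRoleTest.php
@@ -14,6 +14,9 @@
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\Security\Core\Role\SwitchUserRole;
 
+/**
+* @group legacy
+*/
 class SwitchUserRoleTest extends TestCase
 {
 public function testGetSource()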

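--- a/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php
@@ -138,9 +138,9 @@ private function attemptSwitchUser(Request $request)
 $this->userChecker->checkPostAuth($user);
 
 $roles = $user->getRoles();
-$roles[] = new SwitchUserRole('ROLE_PREVIOUS_ADMIN', $this->tokenStorage->getToken());
+$roles[] = new SwitchUserRole('ROLE_PREVIOUS_ADMIN', $this->tokenStorage->getToken(), false);
 
-$token = new UsernamePasswordToken($user, $user->getPassword(), $this->providerKey, $roles);
+$token = new UsernamePasswordToken($user, $user->getPassword(), $this->providerKey, $roles, $token);
 
 if (null !== $this->dispatcher) {
 $switchEvent = new SwitchUserEvent($request, $token->getUser());
@@ -183,12 +183,14 @@ private function attemptExitUser(Request $request)
 */
 private function getOriginalToken(TokenInterface $token)
 {
-foreach ($token->getRoles() as $role) {
-if ($role instanceof SwitchUserRole) {
-return $role->getSource();
-}
+if (!$token instanceof UsernamePasswordToken) {
+return false;
+}
+
+if (!$token->isUserSwitched()) {
+return false;
 }
 
-return false;
+return $token->getPreviousToken();
 }
 }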
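Review bot: `getOriginalToken()` now returns false for every token that is not a UsernamePasswordToken with a previous token set, and the earlier scan for a SwitchUserRole is removed outright. A token restored from a session that began impersonating before this change, or one built by code that still adds only the role, carries the role but no previous token, so exiting impersonation would hit the not-found path and leave that session stuck as the impersonated user until it expires (assuming such tokens can reach this listener). Keeping the role lookup as a fallback for the deprecation period avoids that. Separately, in `attemptSwitchUser()` the role is given `$this->tokenStorage->getToken()` while the token constructor is given `$token`, which is defined outside the hunk; using one expression for both would make it obvious they are the same object.

```php
private function getOriginalToken(TokenInterface $token)
{
    if ($token instanceof UsernamePasswordToken && $token->isUserSwitched()) {
        return $token->getPreviousToken();
    }

    // Fallback for tokens that only carry the deprecated role object.
    foreach ($token->getRoles() as $role) {
        if ($role instanceof SwitchUserRole) {
            return $role->getSource();
        }
    }

    return false;
}
```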

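--- a/src/Symfony/Component/Security/Http/Tests/Firewall/SwitchUserListenerTest.php
+++ b/src/Symfony/Component/Security/Http/Tests/Firewall/SwitchUserListenerTest.php
@@ -12,7 +12,12 @@
 namespace Symfony\Component\Security\Http\Tests\Firewall;
 
 use PHPUnit\Framework\TestCase;
+use Symfony\Component\Security\Core\Authenti F438 cation\Token\Storage\TokenStorage;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\Role\Role;
+use Symfony\Component\Security\Core\Role\SwitchUserRole;
+use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Http\Event\SwitchUserEvent;
 use Symfony\Component\Security\Http\Firewall\SwitchUserListener;
 use Symfony\Component\Security\Http\SecurityEvents;
@@ -33,7 +38,7 @@ class SwitchUserListenerTest extends TestCase
 
 protected function setUp()
 {
-$this->tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
+$this->tokenStorage = new TokenStorage();
 $this->userProvider = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserProviderInterface')->getMock();
 $this->userChecker = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserCheckerInterface')->getMock();
 $this->accessDecisionManager = $this->getMockBuilder('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface')->getMock();
@@ -57,20 +62,21 @@ public function testEventIsIgnoredIfUsernameIsNotPassedWithTheRequest()
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue(null));
 
 $this->event->expects($this->never())->method('setResponse');
-$this->tokenStorage->expects($this->never())->method('setToken');
 
 $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager);
 $listener->handle($this->event);
+
+$this->assertNull($this->tokenStorage->getToken());
 }
 
 /**
 * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException
 */
 public function testExitUserThrowsAuthenticationExceptionIfOriginalTokenCannotBeFound()
 {
-$token = $this->getToken(array(new Role('the role')));
+$token = $this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array(new Role('the role')));
 
-$this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token));
+$this->tokenStorage->setToken($token);
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('_exit'));
 
 $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager);
@@ -79,29 +85,23 @@ public function testExitUserThrowsAuthenticationExceptionIfOriginalTokenCannotBe
 
 public function testExitUserUpdatesToken()
 {
-$originalToken = $this->getToken();
-$role = $this->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole')
-->disableOriginalConstructor()
-->getMock();
-$role->expects($this->any())->method('getSource')->will($this->returnValue($originalToken));
+$originalToken = $this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock());
 
-$this->tokenStorage->expects($this->any())
-->method('getToken')
-->will($this->returnValue($this->getToken(array($role))));
+$this->tokenStorage->setToken($this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array('ROLE_PREVIOUS_ADMIN'), $originalToken));
 
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('_exit'));
 $this->request->expects($this->any())->method('getUri')->will($this->returnValue('/'));
 $this->request->query->expects($this->once())->method('remove', '_switch_user');
 $this->request->query->expects($this->any())->method('all')->will($this->returnValue(array()));
 $this->request->server->expects($this->once())->method('set')->with('QUERY_STRING', '');
 
-$this->tokenStorage->expects($this->once())
-->method('setToken')->with($originalToken);
 $this->event->expects($this->once())
 ->method('setResponse')->with($this->isInstanceOf('Symfony\Component\HttpFoundation\RedirectResponse'));
 
 $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager);
 $listener->handle($this->event);
+
+$this->assertSame($originalToken, $this->tokenStorage->getToken());
 }
 
 public function testExitUserDispatchesEventWithRefreshedUser()
@@ -114,21 +114,9 @@ public function testExitUserDispatchesEventWithRefreshedUser()
 ->method('refreshUser')
 ->with($originalUser)
 ->willReturn($refreshedUser);
-$originalToken = $this->getToken();
-$originalToken
-->expects($this->any())
-->method('getUser')
-->willReturn($originalUser);
-$role = $this
-->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole')
-->disableOriginalConstructor()
-->getMock();
-$role->expects($this->any())->method('getSource')->willReturn($originalToken);
-$this
-->tokenStorage
-->expects($this->any())
-->method('getToken')
-->willReturn($this->getToken(array($role)));
+$originalToken = $this->getToken($originalUser);
+$role = new SwitchUserRole('ROLE_PREVIOUS_ADMIN', $originalToken, false);
+$this->tokenStorage->setToken($this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array($role), $originalToken));
 $this
 ->request
 ->expects($this->any())
@@ -167,24 +155,8 @@ public function testExitUserDoesNotDispatchEventWithStringUser()
 ->userProvider
 ->expects($this->never())
 ->method('refreshUser');
-$originalToken = $this->getToken();
-$originalToken
-->expects($this->any())
-->method('getUser')
-->willReturn($originalUser);
-$role = $this
-->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole')
-->disableOriginalConstructor()
-->getMock();
-$role
-->expects($this->any())
-->method('getSource')
-->willReturn($originalToken);
-$this
-->tokenStorage
-->expects($this->any())
-->method('getToken')
-->willReturn($this->getToken(array($role)));
+$originalToken = $this->getToken($originalUser);
+$this->tokenStorage->setToken($this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array('ROLE_PREVIOUS_ADMIN'), $originalToken));
 $this
 ->request
 ->expects($this->any())
@@ -218,9 +190,9 @@ public function testExitUserDoesNotDispatchEventWithStringUser()
 */
 public function testSwitchUserIsDisallowed()
 {
-$token = $this->getToken(array(new Role('the role')));
+$token = $this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array(new Role('the role')));
 
-$this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token));
+$this->tokenStorage->setToken($token);
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba'));
 
 $this->accessDecisionManager->expects($this->once())
@@ -233,11 +205,11 @@ public function testSwitchUserIsDisallowed()
 
 public function testSwitchUser()
 {
-$token = $this->getToken(array(new Role('the role')));
+$token = $this->getToken('username', array(new Role('the role')));
 $user = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
 $user->expects($this->any())->method('getRoles')->will($this->returnValue(array()));
 
-$this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token));
+$this->tokenStorage->setToken($token);
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba'));
 $this->request->query->expects($this->once())->method('remove', '_switch_user');
 $this->request->query->expects($this->any())->method('all')->will($this->returnValue(array()));
@@ -254,20 +226,21 @@ public function testSwitchUser()
 ->will($this->returnValue($user));
 $this->userChecker->expects($this->once())
 ->method('checkPostAuth')->with($user);
-$this->tokenStorage->expects($this->once())
-->method('setToken')->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken'));
 
 $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager);
 $listener->handle($this->event);
+
+$this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $this->tokenStorage->getToken());
+$this->assertSame($token, $this->tokenStorage->getToken()->getPreviousToken());
 }
 
 public function testSwitchUserKeepsOtherQueryStringParameters()
 {
-$token = $this->getToken(array(new Role('the role')));
+$token = $this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array(new Role('the role')));
 $user = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
 $user->expects($this->any())->method('getRoles')->will($this->returnValue(array()));
 
-$this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token));
+$this->tokenStorage->setToken($token);
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba'));
 $this->request->query->expects($this->once())->method('remove', '_switch_user');
 $this->request->query->expects($this->any())->method('all')->will($this->returnValue(array('page' => 3, 'section' => 2)));
@@ -283,11 +256,11 @@ public function testSwitchUserKeepsOtherQueryStringParameters()
 ->will($this->returnValue($user));
 $this->userChecker->expects($this->once())
 ->method('checkPostAuth')->with($user);
-$this->tokenStorage->expects($this->once())
-->method('setToken')->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken'));
 
 $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager);
 $listener->handle($this->event);
+
+$this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $this->tokenStorage->getToken());
 }
 
 private function getEvent($request)
@@ -303,13 +276,8 @@ private function getEvent($request)
 return $event;
 }
 
-private function getToken(array $roles = array())
+private function getToken($user, array $roles = array(), TokenInterface $previousToken = null)
 {
-$token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
-$token->expects($this->any())
-->method('getRoles')
-->will($this->returnValue($roles));
-
-return $token;
+return new UsernamePasswordToken($user, 'password', 'provider', $roles, $previousToken);
 }
 }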
