Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 9a8779f

Browse filesBrowse files
xabbuhxabbuh
committed
add option to define the access decision manager
1 parent 10c9d19 commit 9a8779f
Copy full SHA for 9a8779f

12 files changed

+196
-7
lines changed

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php
+25-1Lines changed: 25 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,26 @@ public function getConfigTreeBuilder()
5959
$rootNode = $tb->root('security');
6060

6161
$rootNode
62+
->beforeNormalization()
63+
->ifTrue(function ($v) {
64+
if (!isset($v['access_decision_manager'])) {
65+
return true;
66+
}
67+
68+
if (!isset($v['access_decision_manager']['strategy']) && !isset($v['access_decision_manager']['service'])) {
69+
return true;
70+
}
71+
72+
return false;
73+
})
74+
->then(function ($v) {
75+
$v['access_decision_manager'] = array(
76+
'strategy' => AccessDecisionManager::STRATEGY_AFFIRMATIVE,
77+
);
78+
79+
return $v;
80+
})
81+
->end()
6282
->children()
6383
->scalarNode('access_denied_url')->defaultNull()->example('/foo/error403')->end()
6484
->enumNode('session_fixation_strategy')
@@ -73,11 +93,15 @@ public function getConfigTreeBuilder()
7393
->children()
7494
->enumNode('strategy')
7595
->values(array(AccessDecisionManager::STRATEGY_AFFIRMATIVE, AccessDecisionManager::STRATEGY_CONSENSUS, AccessDecisionManager::STRATEGY_UNANIMOUS))
76-
->defaultValue(AccessDecisionManager::STRATEGY_AFFIRMATIVE)
7796
->end()
97+
->scalarNode('service')->end()
7898
->booleanNode('allow_if_all_abstain')->defaultFalse()->end()
7999
->booleanNode('allow_if_equal_granted_denied')->defaultTrue()->end()
80100
->end()
101+
->validate()
102+
->ifTrue(function ($v) { return isset($v['strategy']) && isset($v['service']); })
103+
->thenInvalid('"strategy" and "service" cannot be used together.')
104+
->end()
81105
->end()
82106
->end()
83107
;

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+11-6Lines changed: 11 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -79,12 +79,17 @@ public function load(array $configs, ContainerBuilder $container)
7979
$container->setParameter('security.access.denied_url', $config['access_denied_url']);
8080
$container->setParameter('security.authentication.manager.erase_credentials', $config['erase_credentials']);
8181
$container->setParameter('security.authentication.session_strategy.strategy', $config['session_fixation_strategy']);
82-
$container
83-
->getDefinition('security.access.decision_manager')
84-
->addArgument($config['access_decision_manager']['strategy'])
85-
->addArgument($config['access_decision_manager']['allow_if_all_abstain'])
86-
->addArgument($config['access_decision_manager']['allow_if_equal_granted_denied'])
87-
;
82+
83+
if (isset($config['access_decision_manager']['service'])) {
84+
$container->setAlias('security.access.decision_manager', $config['access_decision_manager']['service']);
85+
} else {
86+
$container
87+
->getDefinition('security.access.decision_manager')
88+
->addArgument($config['access_decision_manager']['strategy'])
89+
->addArgument($config['access_decision_manager']['allow_if_all_abstain'])
90+
->addArgument($config['access_decision_manager']['allow_if_equal_granted_denied']);
91+
}
92+
8893
$container->setParameter('security.access.always_authenticate_before_granting', $config['always_authenticate_before_granting']);
8994
$container->setParameter('security.authentication.hide_user_not_found', $config['hide_user_not_found']);
9095

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
+24Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@
1515
use Symfony\Bundle\SecurityBundle\SecurityBundle;
1616
use Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension;
1717
use Symfony\Component\DependencyInjection\ContainerBuilder;
18+
use Symfony\Component\Security\Core\Authorization\AccessDecisionManager;
1819

1920
abstract class CompleteConfigurationTest extends \PHPUnit_Framework_TestCase
2021
{
@@ -334,6 +335,29 @@ public function testUserCheckerConfigWithNoCheckers()
334335
$this->assertEquals('security.user_checker', $this->getContainer('container1')->getAlias('security.user_checker.secure'));
335336
}
336337

338+
public function testDefaultAccessDecisionManagerStrategyIsAffirmative()
339+
{
340+
$container = $this->getContainer('access_decision_manager_default_strategy');
341+
342+
$this->assertSame(AccessDecisionManager::STRATEGY_AFFIRMATIVE, $container->getDefinition('security.access.decision_manager')->getArgument(1), 'Default vote strategy is affirmative');
343+
}
344+
345+
public function testCustomAccessDecisionManagerService()
346+
{
347+
$container = $this->getContainer('access_decision_manager_service');
348+
349+
$this->assertSame('app.access_decision_manager', (string) $container->getAlias('security.access.decision_manager'), 'The custom access decision manager service is aliased');
350+
}
351+
352+
/**
353+
* @expectedException \Symfony\Component\Config\Definition\Exception\InvalidConfigurationException
354+
* @expectedExceptionMessage "strategy" and "service" cannot be used together.
355+
*/
356+
public function testAccessDecisionManagerServiceAndStrategyCannotBeUsedAtTheSameTime()
357+
{
358+
$container = $this->getContainer('access_decision_manager_service_and_strategy');
359+
}
360+
337361
protected function getContainer($file)
338362
{
339363
$file = $file.'.'.$this->getFileExtension();

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/access_decision_manager_default_strategy.php

Copy file name to clipboard
+16Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
<?php
2+
3+
$container->loadFromExtension('security', array(
4+
'providers' => array(
5+
'default' => array(
6+
'memory' => array(
7+
'users' => array(
8+
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'),
9+
),
10+
),
11+
),
12+
),
13+
'firewalls' => array(
14+
'simple' => array('pattern' => '/login', 'security' => false),
15+
),
16+
));

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/access_decision_manager_service.php

Copy file name to clipboard
+19Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
<?php
2+
3+
$container->loadFromExtension('security', array(
4+
'access_decision_manager' => array(
5+
'service' => 'app.access_decision_manager',
6+
),
7+
'providers' => array(
8+
'default' => array(
9+
'memory' => array(
10+
'users' => array(
11+
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'),
12+
),
13+
),
14+
),
15+
),
16+
'firewalls' => array(
17+
'simple' => array('pattern' => '/login', 'security' => false),
18+
),
19+
));

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/access_decision_manager_service_and_strategy.php

Copy file name to clipboard
+20Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
<?php
2+
3+
$container->loadFromExtension('security', array(
4+
'access_decision_manager' => array(
5+
'service' => 'app.access_decision_manager',
6+
'strategy' => 'affirmative',
7+
),
8+
'providers' => array(
9+
'default' => array(
10+
'memory' => array(
11+
'users' => array(
12+
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'),
13+
),
14+
),
15+
),
16+
),
17+
'firewalls' => array(
18+
'simple' => array('pattern' => '/login', 'security' => false),
19+
),
20+
));

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/access_decision_manager_default_strategy.xml

Copy file name to clipboard
+16Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<srv:container xmlns="http://symfony.com/schema/dic/security"
3+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4+
xmlns:srv="http://symfony.com/schema/dic/services"
5+
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
6+
7+
<config>
8+
<provider name="default">
9+
<memory>
10+
<user name="foo" password="foo" roles="ROLE_USER" />
11+
</memory>
12+
</provider>
13+
14+
<firewall name="simple" pattern="/login" security="false" />
15+
</config>
16+
</srv:container>

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/access_decision_manager_service.xml

Copy file name to clipboard
+18Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<srv:container xmlns="http://symfony.com/schema/dic/security"
3+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4+
xmlns:srv="http://symfony.com/schema/dic/services"
5+
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
6+
7+
<config>
8+
<access-decision-manager service="app.access_decision_manager" />
9+
10+
<provider name="default">
11+
<memory>
12+
<user name="foo" password="foo" roles="ROLE_USER" />
13+
</memory>
14+
</provider>
15+
16+
<firewall name="simple" pattern="/login" security="false" />
17+
</config>
18+
</srv:container>

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/access_decision_manager_service_and_strategy.xml

Copy file name to clipboard
+18Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<srv:container xmlns="http://symfony.com/schema/dic/security"
3+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4+
xmlns:srv="http://symfony.com/schema/dic/services"
5+
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
6+
7+
<config>
8+
<access-decision-manager service="app.access_decision_manager" strategy="affirmative" />
9+
10+
<provider name="default">
11+
<memory>
12+
<user name="foo" password="foo" roles="ROLE_USER" />
13+
</memory>
14+
</provider>
15+
16+
<firewall name="simple" pattern="/login" security="false" />
17+
</config>
18+
</srv:container>

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/access_decision_manager_default_strategy.yml

Copy file name to clipboard
+8Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
security:
2+
providers:
3+
default:
4+
memory:
5+
users:
6+
foo: { password: foo, roles: ROLE_USER }
7+
firewalls:
8+
simple: { pattern: /login, security: false }

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/access_decision_manager_service.yml

Copy file name to clipboard
+10Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
security:
2+
access_decision_manager:
3+
service: app.access_decision_manager
4+
providers:
5+
default:
6+
memory:
7+
users:
8+
foo: { password: foo, roles: ROLE_USER }
9+
firewalls:
10+
simple: { pattern: /login, security: false }

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/access_decision_manager_service_and_strategy.yml

Copy file name to clipboard
+11Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
security:
2+
access_decision_manager:
3+
service: app.access_decision_manager
4+
strategy: affirmative
5+
providers:
6+
default:
7+
memory:
8+
users:
9+
foo: { password: foo, roles: ROLE_USER }
10+
firewalls:
11+
simple: { pattern: /login, security: false }

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.