Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit ba9fd2f

Browse filesBrowse files
xabbuhxabbuh
committed
add option to define the access decision manager
1 parent 36a8160 commit ba9fd2f
Copy full SHA for ba9fd2f

12 files changed

+196
-7
lines changed

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php
+25-1Lines changed: 25 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,26 @@ public function getConfigTreeBuilder()
5959
$rootNode = $tb->root('security');
6060

6161
$rootNode
62+
->beforeNormalization()
63+
->ifTrue(function ($v) {
64+
if (!isset($v['access_decision_manager'])) {
65+
return true;
66+
}
67+
68+
if (!isset($v['access_decision_manager']['strategy']) && !isset($v['access_decision_manager']['service'])) {
69+
return true;
70+
}
71+
72+
return false;
73+
})
74+
->then(function ($v) {
75+
$v['access_decision_manager'] = array(
76+
'strategy' => AccessDecisionManager::STRATEGY_AFFIRMATIVE,
77+
);
78+
79+
return $v;
80+
})
81+
->end()
6282
->children()
6383
->scalarNode('access_denied_url')->defaultNull()->example('/foo/error403')->end()
6484
->enumNode('session_fixation_strategy')
@@ -73,11 +93,15 @@ public function getConfigTreeBuilder()
7393
->children()
7494
->enumNode('strategy')
7595
->values(array(AccessDecisionManager::STRATEGY_AFFIRMATIVE, AccessDecisionManager::STRATEGY_CONSENSUS, AccessDecisionManager::STRATEGY_UNANIMOUS))
76-
->defaultValue(AccessDecisionManager::STRATEGY_AFFIRMATIVE)
7796
->end()
97+
->scalarNode('service')->end()
7898
->booleanNode('allow_if_all_abstain')->defaultFalse()->end()
7999
->booleanNode('allow_if_equal_granted_denied')->defaultTrue()->end()
80100
->end()
101+
->validate()
102+
->ifTrue(function ($v) { return isset($v['strategy']) && isset($v['service']); })
103+
->thenInvalid('"strategy" and "service" cannot be used together.')
104+
->end()
81105
->end()
82106
->end()
83107
;

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+11-6Lines changed: 11 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -83,12 +83,17 @@ public function load(array $configs, ContainerBuilder $container)
8383
$container->setParameter('security.access.denied_url', $config['access_denied_url']);
8484
$container->setParameter('security.authentication.manager.erase_credentials', $config['erase_credentials']);
8585
$container->setParameter('security.authentication.session_strategy.strategy', $config['session_fixation_strategy']);
86-
$container
87-
->getDefinition('security.access.decision_manager')
88-
->addArgument($config['access_decision_manager']['strategy'])
89-
->addArgument($config['access_decision_manager']['allow_if_all_abstain'])
90-
->addArgument($config['access_decision_manager']['allow_if_equal_granted_denied'])
91-
;
86+
87+
if (isset($config['access_decision_manager']['service'])) {
88+
$container->setAlias('security.access.decision_manager', $config['access_decision_manager']['service']);
89+
} else {
90+
$container
91+
->getDefinition('security.access.decision_manager')
92+
->addArgument($config['access_decision_manager']['strategy'])
93+
->addArgument($config['access_decision_manager']['allow_if_all_abstain'])
94+
->addArgument($config['access_decision_manager']['allow_if_equal_granted_denied']);
95+
}
96+
9297
$container->setParameter('security.access.always_authenticate_before_granting', $config['always_authenticate_before_granting']);
9398
$container->setParameter('security.authentication.hide_user_not_found', $config['hide_user_not_found']);
9499

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
+24Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616
use Symfony\Bundle\SecurityBundle\SecurityBundle;
1717
use Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension;
1818
use Symfony\Component\DependencyInjection\ContainerBuilder;
19+
use Symfony\Component\Security\Core\Authorization\AccessDecisionManager;
1920

2021
abstract class CompleteConfigurationTest extends TestCase
2122
{
@@ -350,6 +351,29 @@ public function testUserPasswordEncoderCommandIsRegistered()
350351
$this->assertTrue($this->getContainer('remember_me_options')->has('security.console.user_password_encoder_command'));
351352
}
352353

354+
public function testDefaultAccessDecisionManagerStrategyIsAffirmative()
355+
{
356+
$container = $this->getContainer('access_decision_manager_default_strategy');
357+
358+
$this->assertSame(AccessDecisionManager::STRATEGY_AFFIRMATIVE, $container->getDefinition('security.access.decision_manager')->getArgument(1), 'Default vote strategy is affirmative');
359+
}
360+
361+
public function testCustomAccessDecisionManagerService()
362+
{
363+
$container = $this->getContainer('access_decision_manager_service');
364+
365+
$this->assertSame('app.access_decision_manager', (string) $container->getAlias('security.access.decision_manager'), 'The custom access decision manager service is aliased');
366+
}
367+
368+
/**
369+
* @expectedException \Symfony\Component\Config\Definition\Exception\InvalidConfigurationException
370+
* @expectedExceptionMessage "strategy" and "service" cannot be used together.
371+
*/
372+
public function testAccessDecisionManagerServiceAndStrategyCannotBeUsedAtTheSameTime()
373+
{
374+
$container = $this->getContainer('access_decision_manager_service_and_strategy');
375+
}
376+
353377
protected function getContainer($file)
354378
{
355379
$file = $file.'.'.$this->getFileExtension();

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/access_decision_manager_default_strategy.php

Copy file name to clipboard
+16Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
<?php
2+
3+
$container->loadFromExtension('security', array(
4+
'providers' => array(
5+
'default' => array(
6+
'memory' => array(
7+
'users' => array(
8+
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'),
9+
),
10+
),
11+
),
12+
),
13+
'firewalls' => array(
14+
'simple' => array('pattern' => '/login', 'security' => false),
15+
),
16+
));

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/access_decision_manager_service.php

Copy file name to clipboard
+19Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
<?php
2+
3+
$container->loadFromExtension('security', array(
4+
'access_decision_manager' => array(
5+
'service' => 'app.access_decision_manager',
6+
),
7+
'providers' => array(
8+
'default' => array(
9+
'memory' => array(
10+
'users' => array(
11+
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'),
12+
),
13+
),
14+
),
15+
),
16+
'firewalls' => array(
17+
'simple' => array('pattern' => '/login', 'security' => false),
18+
),
19+
));

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/access_decision_manager_service_and_strategy.php

Copy file name to clipboard
+20Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
<?php
2+
3+
$container->loadFromExtension('security', array(
4+
'access_decision_manager' => array(
5+
'service' => 'app.access_decision_manager',
6+
'strategy' => 'affirmative',
7+
),
8+
'providers' => array(
9+
'default' => array(
10+
'memory' => array(
11+
'users' => array(
12+
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'),
13+
),
14+
),
15+
),
16+
),
17+
'firewalls' => array(
18+
'simple' => array('pattern' => '/login', 'security' => false),
19+
),
20+
));

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/access_decision_manager_default_strategy.xml

Copy file name to clipboard
+16Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<srv:container xmlns="http://symfony.com/schema/dic/security"
3+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4+
xmlns:srv="http://symfony.com/schema/dic/services"
5+
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
6+
7+
<config>
8+
<provider name="default">
9+
<memory>
10+
<user name="foo" password="foo" roles="ROLE_USER" />
11+
</memory>
12+
</provider>
13+
14+
<firewall name="simple" pattern="/login" security="false" />
15+
</config>
16+
</srv:container>

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/access_decision_manager_service.xml

Copy file name to clipboard
+18Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<srv:container xmlns="http://symfony.com/schema/dic/security"
3+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4+
xmlns:srv="http://symfony.com/schema/dic/services"
5+
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
6+
7+
<config>
8+
<access-decision-manager service="app.access_decision_manager" />
9+
10+
<provider name="default">
11+
<memory>
12+
<user name="foo" password="foo" roles="ROLE_USER" />
13+
</memory>
14+
</provider>
15+
16+
<firewall name="simple" pattern="/login" security="false" />
17+
</config>
18+
</srv:container>

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/access_decision_manager_service_and_strategy.xml

Copy file name to clipboard
+18Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<srv:container xmlns="http://symfony.com/schema/dic/security"
3+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4+
xmlns:srv="http://symfony.com/schema/dic/services"
5+
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
6+
7+
<config>
8+
<access-decision-manager service="app.access_decision_manager" strategy="affirmative" />
9+
10+
<provider name="default">
11+
<memory>
12+
<user name="foo" password="foo" roles="ROLE_USER" />
13+
</memory>
14+
</provider>
15+
16+
<firewall name="simple" pattern="/login" security="false" />
17+
</config>
18+
</srv:container>

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/access_decision_manager_default_strategy.yml

Copy file name to clipboard
+8Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
security:
2+
providers:
3+
default:
4+
memory:
5+
users:
6+
foo: { password: foo, roles: ROLE_USER }
7+
firewalls:
8+
simple: { pattern: /login, security: false }

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/access_decision_manager_service.yml

Copy file name to clipboard
+10Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
security:
2+
access_decision_manager:
3+
service: app.access_decision_manager
4+
providers:
5+
default:
6+
memory:
7+
users:
8+
foo: { password: foo, roles: ROLE_USER }
9+
firewalls:
10+
simple: { pattern: /login, security: false }

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/access_decision_manager_service_and_strategy.yml

Copy file name to clipboard
+11Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
security:
2+
access_decision_manager:
3+
service: app.access_decision_manager
4+
strategy: affirmative
5+
providers:
6+
default:
7+
memory:
8+
users:
9+
foo: { password: foo, roles: ROLE_USER }
10+
firewalls:
11+
simple: { pattern: /login, security: false }

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.