
Commit 729a3aa

committed
deprecate the Role and SwitchUserRole classes
1 parent abeb86b commit 729a3aa


5 files changed

+77
-76
lines changed


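--- a/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php
@@ -20,18 +20,20 @@ class UsernamePasswordToken extends AbstractToken
 {
 private $credentials;
 private $providerKey;
+private $previousToken;
 
 /**
 * Constructor.
 *
-* @param string|object $user The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method
-* @param string $credentials This usually is the password of the user
-* @param string $providerKey The provider key
-* @param (RoleInterface|string)[] $roles An array of roles
+* @param string|object $user The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method
+* @param string $credentials This usually is the password of the user
+* @param string $providerKey The provider key
+* @param (RoleInterface|string)[] $roles An array of roles
+* @param TokenInterface|null $previousToken The token of the user that switched to the current user
 *
 * @throws \InvalidArgumentException
 */
-public function __construct($user, $credentials, $providerKey, array $roles = array())
+public function __construct($user, $credentials, $providerKey, array $roles = array(), TokenInterface $previousToken = null)
 {
 parent::__construct($roles);
 
@@ -42,6 +44,7 @@ public function __construct($user, $credentials, $providerKey, array $roles = ar
 $this->setUser($user);
 $this->credentials = $credentials;
 $this->providerKey = $providerKey;
+$this->previousToken = $previousToken;
 
 parent::setAuthenticated(count($roles) > 0);
 }
@@ -76,6 +79,16 @@ public function getProviderKey()
 return $this->providerKey;
 }
 
+public function isUserSwitched()
+{
+return null !== $this->previousToken;
+}
+
+public function getPreviousToken()
+{
+return $this->previousToken;
+}
+
 /**
 * {@inheritdoc}
 */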
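Review bot: The new private `$previousToken` field is assigned in the constructor, but no visible hunk touches how the token is persisted; the last hunk stops at an `{@inheritdoc}` docblock, so the method that follows is outside the view. If the class lists its fields explicitly in a `serialize()`/`unserialize()` pair, the previous token would be lost when the token is written to the session, and `isUserSwitched()` would return false on the next request, leaving an impersonating session unable to return to the original identity. It is worth confirming this and adding a round-trip test that checks `unserialize(serialize($token))->getPreviousToken()` is still set. The two new accessors have no docblock; I would add `/** @return bool Whether this token was created by switching from another user */` and `/** @return TokenInterface|null The token of the user who initiated the switch */`.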

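--- a/src/Symfony/Component/Security/Core/Role/SwitchUserRole.php
+++ b/src/Symfony/Component/Security/Core/Role/SwitchUserRole.php
@@ -18,9 +18,12 @@
 * another one.
 *
 * @author Fabien Potencier <fabien@symfony.com>
+*
+* @deprecated since version 3.3 and will be removed in 4.0. Use strings as roles instead.
 */
 class SwitchUserRole extends Role
 {
+private static $deprecationTriggered = false;
 private $source;
 
 /**
@@ -31,6 +34,12 @@ class SwitchUserRole extends Role
 */
 public function __construct($role, TokenInterface $source)
 {
+if (!self::$deprecationTriggered && (func_num_args() < 3 || func_get_arg(2))) {
+@trigger_error(sprintf('The "%s" class is deprecated since version 3.3 and will be removed in 4.0. Use strings as roles instead.', SwitchUserRole::class), E_USER_DEPRECATED);
+
+self::$deprecationTriggered = true;
+}
+
 parent::__construct($role);
 
 $this->source = $source;
@@ -43,6 +52,12 @@ public function __construct($role, TokenInterface $source)
 */
 public function getSource()
 {
+if (!self::$deprecationTriggered) {
+@trigger_error(sprintf('The "%s" class is deprecated since version 3.3 and will be removed in 4.0. Use strings as roles instead.', SwitchUserRole::class), E_USER_DEPRECATED);
+
+self::$deprecationTriggered = true;
+}
+
 return $this->source;
 }
 }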
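Review bot: The constructor reads an undeclared third argument through `func_get_arg(2)` to silence the deprecation notice, yet neither the signature nor the docblock mentions it, so a call that passes `false` reads like a mistake. A comment above the check, for example `// a third (internal) argument set to false disables the deprecation notice`, would document the contract. Because `$deprecationTriggered` is static and stays unset when the instance is built with `false`, the first later call to `getSource()` still emits the notice, which may surprise code that only consumes roles the framework created. The `@deprecated` text says to use strings as roles but not where the source token now lives; naming `UsernamePasswordToken::getPreviousToken()` there would help callers that read `getSource()` for audit or authorization checks.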

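--- a/src/Symfony/Component/Security/Core/Tests/Role/SwitchUserRoleTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Role/SwitchUserRoleTest.php
@@ -14,6 +14,9 @@
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\Security\Core\Role\SwitchUserRole;
 
+/**
+* @group legacy
+*/
 class SwitchUserRoleTest extends TestCase
 {
 public function testGetSource()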

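--- a/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php
@@ -138,9 +138,9 @@ private function attemptSwitchUser(Request $request)
 $this->userChecker->checkPostAuth($user);
 
 $roles = $user->getRoles();
-$roles[] = new SwitchUserRole('ROLE_PREVIOUS_ADMIN', $this->tokenStorage->getToken());
+$roles[] = new SwitchUserRole('ROLE_PREVIOUS_ADMIN', $this->tokenStorage->getToken(), false);
 
-$token = new UsernamePasswordToken($user, $user->getPassword(), $this->providerKey, $roles);
+$token = new UsernamePasswordToken($user, $user->getPassword(), $this->providerKey, $roles, $token);
 
 if (null !== $this->dispatcher) {
 $switchEvent = new SwitchUserEvent($request, $token->getUser());
@@ -183,12 +183,14 @@ private function attemptExitUser(Request $request)
 */
 private function getOriginalToken(TokenInterface $token)
 {
-foreach ($token->getRoles() as $role) {
-if ($role instanceof SwitchUserRole) {
-return $role->getSource();
-}
+if (!$token instanceof UsernamePasswordToken) {
+return false;
+}
+
+if (!$token->isUserSwitched()) {
+return false;
 }
 
-return false;
+return $token->getPreviousToken();
 }
 }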
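Review bot: `getOriginalToken()` now recognises impersonation only on a `UsernamePasswordToken` that carries a previous token, so a token that holds only a `SwitchUserRole` (another token class, or a session token created before this change) is treated as not switched. That makes `_exit` fail for those sessions and changes what the callers of this helper, which lie outside the hunk, see for a user who is already impersonating. Since `attemptSwitchUser()` still adds the role, keeping the role scan as a fallback until 4.0 would preserve the old behaviour; the sketch below does that, at the cost of one deprecation notice from `getSource()`. In the first hunk, line 141 reads the token from storage while line 143 passes `$token`, presumably assigned earlier in the method outside the hunk; using the same expression in both places would make it evident that they are the same object.

```php
private function getOriginalToken(TokenInterface $token)
{
    if ($token instanceof UsernamePasswordToken && $token->isUserSwitched()) {
        return $token->getPreviousToken();
    }

    // BC until 4.0: tokens created before previousToken existed only carry the source in the role
    foreach ($token->getRoles() as $role) {
        if ($role instanceof SwitchUserRole) {
            return $role->getSource();
        }
    }

    return false;
}
```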

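--- a/src/Symfony/Component/Security/Http/Tests/Firewall/SwitchUserListenerTest.php
+++ b/src/Symfony/Component/Security/Http/Tests/Firewall/SwitchUserListenerTest.php
@@ -12,7 +12,12 @@
 namespace Symfony\Component\Security\Http\Tests\Firewall;
 
 use PHPUnit\Framework\TestCase;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\Role\Role;
+use Symfony\Component\Security\Core\Role\SwitchUserRole;
+use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Http\Event\SwitchUserEvent;
 use Symfony\Component\Security\Http\Firewall\SwitchUserListener;
 use Symfony\Component\Security\Http\SecurityEvents;
@@ -33,7 +38,7 @@ class SwitchUserListenerTest extends TestCase
 
 protected function setUp()
 {
-$this->tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
+$this->tokenStorage = new TokenStorage();
 $this->userProvider = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserProviderInterface')->getMock();
 $this->userChecker = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserCheckerInterface')->getMock();
 $this->accessDecisionManager = $this->getMockBuilder('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface')->getMock();
@@ -57,20 +62,21 @@ public function testEventIsIgnoredIfUsernameIsNotPassedWithTheRequest()
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue(null));
 
 $this->event->expects($this->never())->method('setResponse');
-$this->tokenStorage->expects($this->never())->method('setToken');
 
 $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager);
 $listener->handle($this->event);
+
+$this->assertNull($this->tokenStorage->getToken());
 }
 
 /**
 * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException
 */
 public function testExitUserThrowsAuthenticationExceptionIfOriginalTokenCannotBeFound()
 {
-$token = $this->getToken(array(new Role('the role')));
+$token = $this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array(new Role('the role')));
 
-$this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token));
+$this->tokenStorage->setToken($token);
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('_exit'));
 
 $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager);
@@ -79,29 +85,23 @@ public function testExitUserThrowsAuthenticationExceptionIfOriginalTokenCannotBe
 
 public function testExitUserUpdatesToken()
 {
-$originalToken = $this->getToken();
-$role = $this->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole')
-->disableOriginalConstructor()
-->getMock();
-$role->expects($this->any())->method('getSource')->will($this->returnValue($originalToken));
+$originalToken = $this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock());
 
-$this->tokenStorage->expects($this->any())
-->method('getToken')
-->will($this->returnValue($this->getToken(array($role))));
+$this->tokenStorage->setToken($this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array('ROLE_PREVIOUS_ADMIN'), $originalToken));
 
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('_exit'));
 $this->request->expects($this->any())->method('getUri')->will($this->returnValue('/'));
 $this->request->query->expects($this->once())->method('remove', '_switch_user');
 $this->request->query->expects($this->any())->method('all')->will($this->returnValue(array()));
 $this->request->server->expects($this->once())->method('set')->with('QUERY_STRING', '');
 
-$this->tokenStorage->expects($this->once())
-->method('setToken')->with($originalToken);
 $this->event->expects($this->once())
 ->method('setResponse')->with($this->isInstanceOf('Symfony\Component\HttpFoundation\RedirectResponse'));
 
 $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager);
 $listener->handle($this->event);
+
+$this->assertSame($originalToken, $this->tokenStorage->getToken());
 }
 
 public function testExitUserDispatchesEventWithRefreshedUser()
@@ -114,21 +114,9 @@ public function testExitUserDispatchesEventWithRefreshedUser()
 ->method('refreshUser')
 ->with($originalUser)
 ->willReturn($refreshedUser);
-$originalToken = $this->getToken();
-$originalToken
-->expects($this->any())
-->method('getUser')
-->willReturn($originalUser);
-$role = $this
-->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole')
-->disableOriginalConstructor()
-->getMock();
-$role->expects($this->any())->method('getSource')->willReturn($originalToken);
-$this
-->tokenStorage
-->expects($this->any())
-->method('getToken')
-->willReturn($this->getToken(array($role)));
+$originalToken = $this->getToken($originalUser);
+$role = new SwitchUserRole('ROLE_PREVIOUS_ADMIN', $originalToken, false);
+$this->tokenStorage->setToken($this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array($role), $originalToken));
 $this
 ->request
 ->expects($this->any())
@@ -167,24 +155,8 @@ public function testExitUserDoesNotDispatchEventWithStringUser()
 ->userProvider
 ->expects($this->never())
 ->method('refreshUser');
-$originalToken = $this->getToken();
-$originalToken
-->expects($this->any())
-->method('getUser')
-->willReturn($originalUser);
-$role = $this
-->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole')
-->disableOriginalConstructor()
-->getMock();
-$role
-->expects($this->any())
-->method('getSource')
-->willReturn($originalToken);
-$this
-->tokenStorage
-->expects($this->any())
-->method('getToken')
-->willReturn($this->getToken(array($role)));
+$originalToken = $this->getToken($originalUser);
+$this->tokenStorage->setToken($this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array('ROLE_PREVIOUS_ADMIN'), $originalToken));
 $this
 ->request
 ->expects($this->any())
@@ -218,9 +190,9 @@ public function testExitUserDoesNotDispatchEventWithStringUser()
 */
 public function testSwitchUserIsDisallowed()
 {
-$token = $this->getToken(array(new Role('the role')));
+$token = $this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array(new Role('the role')));
 
-$this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token));
+$this->tokenStorage->setToken($token);
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba'));
 
 $this->accessDecisionManager->expects($this->once())
@@ -233,11 +205,11 @@ public function testSwitchUserIsDisallowed()
 
 public function testSwitchUser()
 {
-$token = $this->getToken(array(new Role('the role')));
+$token = $this->getToken('username', array(new Role('the role')));
 $user = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
 $user->expects($this->any())->method('getRoles')->will($this->returnValue(array()));
 
-$this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token));
+$this->tokenStorage->setToken($token);
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba'));
 $this->request->query->expects($this->once())->method('remove', '_switch_user');
 $this->request->query->expects($this->any())->method('all')->will($this->returnValue(array()));
@@ -254,20 +226,21 @@ public function testSwitchUser()
 ->will($this->returnValue($user));
 $this->userChecker->expects($this->once())
 ->method('checkPostAuth')->with($user);
-$this->tokenStorage->expects($this->once())
-->method('setToken')->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken'));
 
 $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager);
 $listener->handle($this->event);
+
+$this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $this->tokenStorage->getToken());
+$this->assertSame($token, $this->tokenStorage->getToken()->getPreviousToken());
 }
 
 public function testSwitchUserKeepsOtherQueryStringParameters()
 {
-$token = $this->getToken(array(new Role('the role')));
+$token = $this->getToken($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock(), array(new Role('the role')));
 $user = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
 $user->expects($this->any())->method('getRoles')->will($this->returnValue(array()));
 
-$this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token));
+$this->tokenStorage->setToken($token);
 $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba'));
 $this->request->query->expects($this->once())->method('remove', '_switch_user');
 $this->request->query->expects($this->any())->method('all')->will($this->returnValue(array('page' => 3, 'section' => 2)));
@@ -283,11 +256,11 @@ public function testSwitchUserKeepsOtherQueryStringParameters()
 ->will($this->returnValue($user));
 $this->userChecker->expects($this->once())
 ->method('checkPostAuth')->with($user);
-$this->tokenStorage->expects($this->once())
-->method('setToken')->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken'));
 
 $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager);
 $listener->handle($this->event);
+
+$this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $this->tokenStorage->getToken());
 }
 
 private function getEvent($request)
@@ -303,13 +276,8 @@ private function getEvent($request)
 return $event;
 }
 
-private function getToken(array $roles = array())
+private function getToken($user, array $roles = array(), TokenInterface $previousToken = null)
 {
-$token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
-$token->expects($this->any())
-->method('getRoles')
-->will($this->returnValue($roles));
-
-return $token;
+return new UsernamePasswordToken($user, 'password', 'provider', $roles, $previousToken);
 }
 }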
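Review bot: The rewritten `getToken()` helper always returns a `UsernamePasswordToken`, so the new `!$token instanceof UsernamePasswordToken` branch of `SwitchUserListener::getOriginalToken()` is never reached by this suite. A case that stores a plain `TokenInterface` mock in the `TokenStorage`, requests `_exit`, and expects `AuthenticationCredentialsNotFoundException` would pin that path. `testSwitchUser` asserts the previous token but not that the switched token still carries `ROLE_PREVIOUS_ADMIN`, which access rules are likely to depend on; an assertion over `getRoles()` there would cover it. The helper would also benefit from a short docblock stating that `$previousToken` marks the returned token as an impersonation token.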
