forked from KnpLabs/KnpUserBundle
-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Migrated SF AdvancedUserInterface to FOS UserInterface (#2815)
* Migrated SF AdvancedUserInterface to FOS UserInterface AdvancedUserInterface is deprecated since Symfony 4.1 - symfony/symfony#23508 Issue: - #2803 Deprecation with Symfony 4.1 - AdvancedUserInterface * Code style fixed and using `getMockBuilder` instead of `createMock` * Code style fixed and using attributes instead of `$this->expectException` * Change to restart travis * EquatableInterface added to `UserInterface` and implementation added to `User` * Tests after merge of master fixed * Tests after merge of master fixed * Update README.md * Added compatibility for apps that check against AdvancedUserInterface * Code style fixed to pass all travis tests * fos_user.user_checker Service marked as non-public
- Loading branch information
Showing
8 changed files
with
290 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -11,13 +11,13 @@ | |
|
|
||
| namespace FOS\UserBundle\Model; | ||
|
|
||
| use Symfony\Component\Security\Core\User\AdvancedUserInterface; | ||
| use Symfony\Component\Security\Core\User\EquatableInterface; | ||
| use Symfony\Component\Security\Core\User\UserInterface as BaseUserInterface; | ||
|
|
||
| /** | ||
| * @author Thibault Duplessis <[email protected]> | ||
| * @author Johannes M. Schmitt <[email protected]> | ||
| * @internal Only for back compatibility. Remove / merge when dropping support for Symfony 4 | ||
| */ | ||
| interface UserInterface extends AdvancedUserInterface, \Serializable | ||
| interface FosUserInterface extends \Serializable | ||
| { | ||
| const ROLE_DEFAULT = 'ROLE_USER'; | ||
|
|
||
|
|
@@ -227,4 +227,74 @@ public function addRole($role); | |
| * @return static | ||
| */ | ||
| public function removeRole($role); | ||
|
|
||
| /** | ||
| * Checks whether the user's account has expired. | ||
| * | ||
| * Internally, if this method returns false, the authentication system | ||
| * will throw an AccountExpiredException and prevent login. | ||
| * | ||
| * @return bool true if the user's account is non expired, false otherwise | ||
| * | ||
| * @see AccountExpiredException | ||
| */ | ||
| public function isAccountNonExpired(); | ||
|
|
||
| /** | ||
| * Checks whether the user is locked. | ||
| * | ||
| * Internally, if this method returns false, the authentication system | ||
| * will throw a LockedException and prevent login. | ||
| * | ||
| * @return bool true if the user is not locked, false otherwise | ||
| * | ||
| * @see LockedException | ||
| */ | ||
| public function isAccountNonLocked(); | ||
|
|
||
| /** | ||
| * Checks whether the user's credentials (password) has expired. | ||
| * | ||
| * Internally, if this method returns false, the authentication system | ||
| * will throw a CredentialsExpiredException and prevent login. | ||
| * | ||
| * @return bool true if the user's credentials are non expired, false otherwise | ||
| * | ||
| * @see CredentialsExpiredException | ||
| */ | ||
| public function isCredentialsNonExpired(); | ||
|
|
||
| /** | ||
| * Checks whether the user is enabled. | ||
| * | ||
| * Internally, if this method returns false, the authentication system | ||
| * will throw a DisabledException and prevent login. | ||
| * | ||
| * @return bool true if the user is enabled, false otherwise | ||
| * | ||
| * @see DisabledException | ||
| */ | ||
| public function isEnabled(); | ||
| } | ||
|
|
||
| // This is required to support apps that explicitly check if a user is an instance of AdvancedUserInterface | ||
| if (interface_exists('\Symfony\Component\Security\Core\User\AdvancedUserInterface')) { | ||
| /** | ||
| * @author Thibault Duplessis <[email protected]> | ||
| * @author Johannes M. Schmitt <[email protected]> | ||
| * | ||
| * @deprecated since Symfony 4.1. Remove in Nov 2023 (End of support for security fixes SF 4.4) | ||
| */ | ||
| interface UserInterface extends FosUserInterface, \Symfony\Component\Security\Core\User\AdvancedUserInterface | ||
| { | ||
| } | ||
| } else { | ||
| /** | ||
| * @author Thibault Duplessis <[email protected]> | ||
| * @author Johannes M. Schmitt <[email protected]> | ||
| * @author Julian Finkler <[email protected]> | ||
| */ | ||
| interface UserInterface extends FosUserInterface, BaseUserInterface, EquatableInterface | ||
| { | ||
| } | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,63 @@ | ||
| <?php | ||
|
|
||
| /* | ||
| * This file is part of the FOSUserBundle package. | ||
| * | ||
| * (c) FriendsOfSymfony <http://friendsofsymfony.github.com/> | ||
| * | ||
| * For the full copyright and license information, please view the LICENSE | ||
| * file that was distributed with this source code. | ||
| */ | ||
|
|
||
| namespace FOS\UserBundle\Security; | ||
|
|
||
| use Symfony\Component\Security\Core\Exception\AccountExpiredException; | ||
| use Symfony\Component\Security\Core\Exception\CredentialsExpiredException; | ||
| use Symfony\Component\Security\Core\Exception\DisabledException; | ||
| use Symfony\Component\Security\Core\Exception\LockedException; | ||
| use Symfony\Component\Security\Core\User\UserChecker as BaseUserChecker; | ||
| use Symfony\Component\Security\Core\User\UserInterface as BaseUserInterface; | ||
|
|
||
| /** | ||
| * UserChecker checks the user account flags. | ||
| * | ||
| * @author Julian Finkler (Devtronic) <[email protected]> | ||
| */ | ||
| class UserChecker extends BaseUserChecker | ||
| { | ||
| /** | ||
| * {@inheritdoc} | ||
| */ | ||
| public function checkPreAuth(BaseUserInterface $user) | ||
| { | ||
| if (!$user->isAccountNonLocked()) { | ||
| $ex = new LockedException('User account is locked.'); | ||
| $ex->setUser($user); | ||
| throw $ex; | ||
| } | ||
|
|
||
| if (!$user->isEnabled()) { | ||
| $ex = new DisabledException('User account is disabled.'); | ||
| $ex->setUser($user); | ||
| throw $ex; | ||
| } | ||
|
|
||
| if (!$user->isAccountNonExpired()) { | ||
| $ex = new AccountExpiredException('User account has expired.'); | ||
| $ex->setUser($user); | ||
| throw $ex; | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * {@inheritdoc} | ||
| */ | ||
| public function checkPostAuth(BaseUserInterface $user) | ||
| { | ||
| if (!$user->isCredentialsNonExpired()) { | ||
| $ex = new CredentialsExpiredException('User credentials have expired.'); | ||
| $ex->setUser($user); | ||
| throw $ex; | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,105 @@ | ||
| <?php | ||
|
|
||
| /* | ||
| * This file is part of the FOSUserBundle package. | ||
| * | ||
| * (c) FriendsOfSymfony <http://friendsofsymfony.github.com/> | ||
| * | ||
| * For the full copyright and license information, please view the LICENSE | ||
| * file that was distributed with this source code. | ||
| */ | ||
|
|
||
| namespace FOS\UserBundle\Tests\Security; | ||
|
|
||
| use FOS\UserBundle\Security\UserChecker; | ||
| use PHPUnit\Framework\TestCase; | ||
|
|
||
| class UserCheckerTest extends TestCase | ||
| { | ||
| /** | ||
| * @expectedException \Symfony\Component\Security\Core\Exception\LockedException | ||
| * @expectedExceptionMessage User account is locked. | ||
| */ | ||
| public function testCheckPreAuthFailsLockedOut() | ||
| { | ||
| $userMock = $this->getUser(false, false, false, false); | ||
| $checker = new UserChecker(); | ||
| $checker->checkPreAuth($userMock); | ||
| } | ||
|
|
||
| /** | ||
| * @expectedException \Symfony\Component\Security\Core\Exception\DisabledException | ||
| * @expectedExceptionMessage User account is disabled. | ||
| */ | ||
| public function testCheckPreAuthFailsIsEnabled() | ||
| { | ||
| $userMock = $this->getUser(true, false, false, false); | ||
| $checker = new UserChecker(); | ||
| $checker->checkPreAuth($userMock); | ||
| } | ||
|
|
||
| /** | ||
| * @expectedException \Symfony\Component\Security\Core\Exception\AccountExpiredException | ||
| * @expectedExceptionMessage User account has expired. | ||
| */ | ||
| public function testCheckPreAuthFailsIsAccountNonExpired() | ||
| { | ||
| $userMock = $this->getUser(true, true, false, false); | ||
| $checker = new UserChecker(); | ||
| $checker->checkPreAuth($userMock); | ||
| } | ||
|
|
||
| public function testCheckPreAuthSuccess() | ||
| { | ||
| $userMock = $this->getUser(true, true, true, false); | ||
| $checker = new UserChecker(); | ||
|
|
||
| try { | ||
| $this->assertNull($checker->checkPreAuth($userMock)); | ||
| } catch (\Exception $ex) { | ||
| $this->fail(); | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * @expectedException \Symfony\Component\Security\Core\Exception\CredentialsExpiredException | ||
| * @expectedExceptionMessage User credentials have expired. | ||
| */ | ||
| public function testCheckPostAuthFailsIsCredentialsNonExpired() | ||
| { | ||
| $userMock = $this->getUser(true, true, true, false); | ||
| $checker = new UserChecker(); | ||
| $checker->checkPostAuth($userMock); | ||
| } | ||
|
|
||
| public function testCheckPostAuthSuccess() | ||
| { | ||
| $userMock = $this->getUser(true, true, true, true); | ||
| $checker = new UserChecker(); | ||
|
|
||
| try { | ||
| $this->assertNull($checker->checkPostAuth($userMock)); | ||
| } catch (\Exception $ex) { | ||
| $this->fail(); | ||
| } | ||
| } | ||
|
|
||
| private function getUser($isAccountNonLocked, $isEnabled, $isAccountNonExpired, $isCredentialsNonExpired) | ||
| { | ||
| $userMock = $this->getMockBuilder('FOS\UserBundle\Model\User')->getMock(); | ||
| $userMock | ||
| ->method('isAccountNonLocked') | ||
| ->willReturn($isAccountNonLocked); | ||
| $userMock | ||
| ->method('isEnabled') | ||
| ->willReturn($isEnabled); | ||
| $userMock | ||
| ->method('isAccountNonExpired') | ||
| ->willReturn($isAccountNonExpired); | ||
| $userMock | ||
| ->method('isCredentialsNonExpired') | ||
| ->willReturn($isCredentialsNonExpired); | ||
|
|
||
| return $userMock; | ||
| } | ||
| } |