diff options
| author | Iltar van der Berg <ivanderberg@hostnet.nl> | 2014-09-24 09:31:12 +0200 |
|---|---|---|
| committer | Iltar van der Berg <ivanderberg@hostnet.nl> | 2014-09-24 09:31:49 +0200 |
| commit | d52740c8c0f0a5b98e31b4f759b6681ec364d576 (patch) | |
| tree | 9f9c97cb3229b6e5d9ab164c05c21355a7008e9a /Core | |
| parent | ddbd3ca7801b2e1c5028ab8d36b315ed4fb896f1 (diff) | |
| download | symfony-security-d52740c8c0f0a5b98e31b4f759b6681ec364d576.zip symfony-security-d52740c8c0f0a5b98e31b4f759b6681ec364d576.tar.gz symfony-security-d52740c8c0f0a5b98e31b4f759b6681ec364d576.tar.bz2 | |
Split of the SecurityContext to AuthorizationChecker and TokenStorage
Diffstat (limited to 'Core')
| -rw-r--r-- | Core/Authentication/Token/Storage/TokenStorage.php | 43 | ||||
| -rw-r--r-- | Core/Authentication/Token/Storage/TokenStorageInterface.php | 36 | ||||
| -rw-r--r-- | Core/Authorization/AuthorizationChecker.php | 70 | ||||
| -rw-r--r-- | Core/Authorization/AuthorizationCheckerInterface.php | 30 | ||||
| -rw-r--r-- | Core/SecurityContext.php | 76 | ||||
| -rw-r--r-- | Core/SecurityContextInterface.php | 33 | ||||
| -rw-r--r-- | Core/SecuritySessionStorageInterface.php | 24 | ||||
| -rw-r--r-- | Core/Tests/Authentication/Token/Storage/TokenStorageTest.php | 26 | ||||
| -rw-r--r-- | Core/Tests/Authorization/AuthorizationCheckerTest.php | 99 | ||||
| -rw-r--r-- | Core/Tests/SecurityContextTest.php | 131 |
10 files changed, 457 insertions, 111 deletions
diff --git a/Core/Authentication/Token/Storage/TokenStorage.php b/Core/Authentication/Token/Storage/TokenStorage.php new file mode 100644 index 0000000..4b6c11f --- /dev/null +++ b/Core/Authentication/Token/Storage/TokenStorage.php @@ -0,0 +1,43 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Core\Authentication\Token\Storage; + +use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; + +/** + * TokenStorage contains a TokenInterface + * + * It gives access to the token representing the current user authentication. + * + * @author Fabien Potencier <fabien@symfony.com> + * @author Johannes M. Schmitt <schmittjoh@gmail.com> + */ +class TokenStorage implements TokenStorageInterface +{ + private $token; + + /** + * {@inheritdoc} + */ + public function getToken() + { + return $this->token; + } + + /** + * {@inheritdoc} + */ + public function setToken(TokenInterface $token = null) + { + $this->token = $token; + } +} diff --git a/Core/Authentication/Token/Storage/TokenStorageInterface.php b/Core/Authentication/Token/Storage/TokenStorageInterface.php new file mode 100644 index 0000000..218d750 --- /dev/null +++ b/Core/Authentication/Token/Storage/TokenStorageInterface.php @@ -0,0 +1,36 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Core\Authentication\Token\Storage; + +use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; + +/** + * The TokenStorageInterface. + * + * @author Johannes M. Schmitt <schmittjoh@gmail.com> + */ +interface TokenStorageInterface +{ + /** + * Returns the current security token. + * + * @return TokenInterface|null A TokenInterface instance or null if no authentication information is available + */ + public function getToken(); + + /** + * Sets the authentication token. + * + * @param TokenInterface $token A TokenInterface token, or null if no further authentication information should be stored + */ + public function setToken(TokenInterface $token = null); +} diff --git a/Core/Authorization/AuthorizationChecker.php b/Core/Authorization/AuthorizationChecker.php new file mode 100644 index 0000000..23c190c --- /dev/null +++ b/Core/Authorization/AuthorizationChecker.php @@ -0,0 +1,70 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Core\Authorization; + +use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; +use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException; + +/** + * AuthorizationChecker is the main authorization point of the Security component. + * + * It gives access to the token representing the current user authentication. + * + * @author Fabien Potencier <fabien@symfony.com> + * @author Johannes M. Schmitt <schmittjoh@gmail.com> + */ +class AuthorizationChecker implements AuthorizationCheckerInterface +{ + private $tokenStorage; + private $accessDecisionManager; + private $authenticationManager; + private $alwaysAuthenticate; + + /** + * Constructor. + * + * @param TokenStorageInterface $tokenStorage + * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManager instance + * @param AccessDecisionManagerInterface $accessDecisionManager An AccessDecisionManager instance + * @param bool $alwaysAuthenticate + */ + public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, AccessDecisionManagerInterface $accessDecisionManager, $alwaysAuthenticate = false) + { + $this->tokenStorage = $tokenStorage; + $this->authenticationManager = $authenticationManager; + $this->accessDecisionManager = $accessDecisionManager; + $this->alwaysAuthenticate = $alwaysAuthenticate; + } + + /** + * {@inheritdoc} + * + * @throws AuthenticationCredentialsNotFoundException when the token storage has no authentication token. + */ + final public function isGranted($attributes, $object = null) + { + if (null === ($token = $this->tokenStorage->getToken())) { + throw new AuthenticationCredentialsNotFoundException('The token storage contains no authentication token. One possible reason may be that there is no firewall configured for this URL.'); + } + + if ($this->alwaysAuthenticate || !$token->isAuthenticated()) { + $this->tokenStorage->setToken($token = $this->authenticationManager->authenticate($token)); + } + + if (!is_array($attributes)) { + $attributes = array($attributes); + } + + return $this->accessDecisionManager->decide($token, $attributes, $object); + } +} diff --git a/Core/Authorization/AuthorizationCheckerInterface.php b/Core/Authorization/AuthorizationCheckerInterface.php new file mode 100644 index 0000000..bd24d6f --- /dev/null +++ b/Core/Authorization/AuthorizationCheckerInterface.php @@ -0,0 +1,30 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Core\Authorization; + +/** + * The AuthorizationCheckerInterface. + * + * @author Johannes M. Schmitt <schmittjoh@gmail.com> + */ +interface AuthorizationCheckerInterface +{ + /** + * Checks if the attributes are granted against the current authentication token and optionally supplied object. + * + * @param mixed $attributes + * @param mixed $object + * + * @return bool + */ + public function isGranted($attributes, $object = null); +} diff --git a/Core/SecurityContext.php b/Core/SecurityContext.php index 0326f1d..1f46cd6 100644 --- a/Core/SecurityContext.php +++ b/Core/SecurityContext.php @@ -11,10 +11,13 @@ namespace Symfony\Component\Security\Core; -use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException; -use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; +use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; +use Symfony\Component\Security\Core\Authorization\AuthorizationChecker; +use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface; /** * SecurityContext is the main entry point of the Security component. @@ -23,63 +26,76 @@ use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; * * @author Fabien Potencier <fabien@symfony.com> * @author Johannes M. Schmitt <schmittjoh@gmail.com> + * @deprecated Deprecated since version 2.6, to be removed in 3.0. */ class SecurityContext implements SecurityContextInterface { - private $token; - private $accessDecisionManager; - private $authenticationManager; - private $alwaysAuthenticate; + /** + * @var TokenStorageInterface + */ + private $tokenStorage; /** - * Constructor. - * - * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManager instance - * @param AccessDecisionManagerInterface|null $accessDecisionManager An AccessDecisionManager instance - * @param bool $alwaysAuthenticate + * @var AuthorizationCheckerInterface */ - public function __construct(AuthenticationManagerInterface $authenticationManager, AccessDecisionManagerInterface $accessDecisionManager, $alwaysAuthenticate = false) - { - $this->authenticationManager = $authenticationManager; - $this->accessDecisionManager = $accessDecisionManager; - $this->alwaysAuthenticate = $alwaysAuthenticate; - } + private $authorizationChecker; /** - * {@inheritdoc} + * For backwords compatibility, the signature of sf <2.6 still works * - * @throws AuthenticationCredentialsNotFoundException when the security context has no authentication token. + * @param TokenStorageInterface|AuthenticationManagerInterface $tokenStorage + * @param AuthorizationCheckerInterface|AccessDecisionManagerInterface $authorizationChecker + * @param bool $alwaysAuthenticate only applicable with old signature */ - final public function isGranted($attributes, $object = null) + public function __construct($tokenStorage, $authorizationChecker, $alwaysAuthenticate = false) { - if (null === $this->token) { - throw new AuthenticationCredentialsNotFoundException('The security context contains no authentication token. One possible reason may be that there is no firewall configured for this URL.'); - } + $oldSignature = $tokenStorage instanceof AuthenticationManagerInterface && $authorizationChecker instanceof AccessDecisionManagerInterface; + $newSignature = $tokenStorage instanceof TokenStorageInterface && $authorizationChecker instanceof AuthorizationCheckerInterface; - if ($this->alwaysAuthenticate || !$this->token->isAuthenticated()) { - $this->token = $this->authenticationManager->authenticate($this->token); + // confirm possible signatures + if (!$oldSignature && !$newSignature) { + throw new \BadMethodCallException('Unable to construct SecurityContext, please provide the correct arguments'); } - if (!is_array($attributes)) { - $attributes = array($attributes); + if ($oldSignature) { + // renamed for clearity + $authenticationManager = $tokenStorage; + $accessDecisionManager = $authorizationChecker; + $tokenStorage = new TokenStorage(); + $authorizationChecker = new AuthorizationChecker($tokenStorage, $authenticationManager, $accessDecisionManager, $alwaysAuthenticate); } - return $this->accessDecisionManager->decide($this->token, $attributes, $object); + $this->tokenStorage = $tokenStorage; + $this->authorizationChecker = $authorizationChecker; } /** + * @deprecated Deprecated since version 2.6, to be removed in 3.0. Use TokenStorageInterface::getToken() instead. + * * {@inheritdoc} */ public function getToken() { - return $this->token; + return $this->tokenStorage->getToken(); } /** + * @deprecated Deprecated since version 2.6, to be removed in 3.0. Use TokenStorageInterface::setToken() instead. + * * {@inheritdoc} */ public function setToken(TokenInterface $token = null) { - $this->token = $token; + return $this->tokenStorage->setToken($token); + } + + /** + * @deprecated Deprecated since version 2.6, to be removed in 3.0. Use AuthorizationCheckerInterface::isGranted() instead. + * + * {@inheritdoc} + */ + public function isGranted($attributes, $object = null) + { + return $this->authorizationChecker->isGranted($attributes, $object); } } diff --git a/Core/SecurityContextInterface.php b/Core/SecurityContextInterface.php index ca816a8..844482b 100644 --- a/Core/SecurityContextInterface.php +++ b/Core/SecurityContextInterface.php @@ -11,40 +11,15 @@ namespace Symfony\Component\Security\Core; -use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; +use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface; /** * The SecurityContextInterface. * * @author Johannes M. Schmitt <schmittjoh@gmail.com> + * @deprecated Deprecated since version 2.6, to be removed in 3.0. */ -interface SecurityContextInterface +interface SecurityContextInterface extends TokenStorageInterface, AuthorizationCheckerInterface, SecuritySessionStorageInterface { - const ACCESS_DENIED_ERROR = '_security.403_error'; - const AUTHENTICATION_ERROR = '_security.last_error'; - const LAST_USERNAME = '_security.last_username'; - - /** - * Returns the current security token. - * - * @return TokenInterface|null A TokenInterface instance or null if no authentication information is available - */ - public function getToken(); - - /** - * Sets the authentication token. - * - * @param TokenInterface $token A TokenInterface token, or null if no further authentication information should be stored - */ - public function setToken(TokenInterface $token = null); - - /** - * Checks if the attributes are granted against the current authentication token and optionally supplied object. - * - * @param mixed $attributes - * @param mixed $object - * - * @return bool - */ - public function isGranted($attributes, $object = null); } diff --git a/Core/SecuritySessionStorageInterface.php b/Core/SecuritySessionStorageInterface.php new file mode 100644 index 0000000..47c0bbe --- /dev/null +++ b/Core/SecuritySessionStorageInterface.php @@ -0,0 +1,24 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Core; + +/** + * The SecuritySessionStorageInterface. + * + * @author Johannes M. Schmitt <schmittjoh@gmail.com> + */ +interface SecuritySessionStorageInterface +{ + const ACCESS_DENIED_ERROR = '_security.403_error'; + const AUTHENTICATION_ERROR = '_security.last_error'; + const LAST_USERNAME = '_security.last_username'; +} diff --git a/Core/Tests/Authentication/Token/Storage/TokenStorageTest.php b/Core/Tests/Authentication/Token/Storage/TokenStorageTest.php new file mode 100644 index 0000000..d06e3f0 --- /dev/null +++ b/Core/Tests/Authentication/Token/Storage/TokenStorageTest.php @@ -0,0 +1,26 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Core\Tests\Authentication\Token\Storage; + +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage; + +class TokenStorageTest extends \PHPUnit_Framework_TestCase +{ + public function testGetSetToken() + { + $tokenStorage = new TokenStorage(); + $this->assertNull($tokenStorage->getToken()); + $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); + $tokenStorage->setToken($token); + $this->assertSame($token, $tokenStorage->getToken()); + } +} diff --git a/Core/Tests/Authorization/AuthorizationCheckerTest.php b/Core/Tests/Authorization/AuthorizationCheckerTest.php new file mode 100644 index 0000000..64de6ef --- /dev/null +++ b/Core/Tests/Authorization/AuthorizationCheckerTest.php @@ -0,0 +1,99 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Core\Tests\Authorization; + +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage; +use Symfony\Component\Security\Core\Authorization\AuthorizationChecker; + +class AuthorizationCheckerTest extends \PHPUnit_Framework_TestCase +{ + private $authenticationManager; + private $accessDecisionManager; + private $authorizationChecker; + private $tokenStorage; + + public function setUp() + { + $this->authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); + $this->accessDecisionManager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); + $this->tokenStorage = new TokenStorage(); + + $this->authorizationChecker = new AuthorizationChecker( + $this->tokenStorage, + $this->authenticationManager, + $this->accessDecisionManager + ); + } + + public function testVoteAuthenticatesTokenIfNecessary() + { + $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); + $this->tokenStorage->setToken($token); + + $newToken = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); + + $this->authenticationManager + ->expects($this->once()) + ->method('authenticate') + ->with($this->equalTo($token)) + ->will($this->returnValue($newToken)); + + // default with() isn't a strict check + $tokenComparison = function ($value) use ($newToken) { + // make sure that the new token is used in "decide()" and not the old one + return $value === $newToken; + }; + + $this->accessDecisionManager + ->expects($this->once()) + ->method('decide') + ->with($this->callback($tokenComparison)) + ->will($this->returnValue(true)); + + // first run the token has not been re-authenticated yet, after isGranted is called, it should be equal + $this->assertFalse($newToken === $this->tokenStorage->getToken()); + $this->assertTrue($this->authorizationChecker->isGranted('foo')); + $this->assertTrue($newToken === $this->tokenStorage->getToken()); + } + + /** + * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException + */ + public function testVoteWithoutAuthenticationToken() + { + $this->authorizationChecker->isGranted('ROLE_FOO'); + } + + /** + * @dataProvider isGrantedProvider + */ + public function testIsGranted($decide) + { + $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); + $token + ->expects($this->once()) + ->method('isAuthenticated') + ->will($this->returnValue(true)); + + $this->accessDecisionManager + ->expects($this->once()) + ->method('decide') + ->will($this->returnValue($decide)); + $this->tokenStorage->setToken($token); + $this->assertTrue($decide === $this->authorizationChecker->isGranted('ROLE_FOO')); + } + + public function isGrantedProvider() + { + return array(array(true), array(false)); + } +} diff --git a/Core/Tests/SecurityContextTest.php b/Core/Tests/SecurityContextTest.php index dd0e2e3..886c596 100644 --- a/Core/Tests/SecurityContextTest.php +++ b/Core/Tests/SecurityContextTest.php @@ -11,82 +11,109 @@ namespace Symfony\Component\Security\Core\Tests; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage; +use Symfony\Component\Security\Core\Authorization\AuthorizationChecker; use Symfony\Component\Security\Core\SecurityContext; class SecurityContextTest extends \PHPUnit_Framework_TestCase { - public function testVoteAuthenticatesTokenIfNecessary() + private $tokenStorage; + private $authorizationChecker; + private $securityContext; + + public function setUp() { - $authManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $decisionManager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); + $this->tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $this->authorizationChecker = $this->getMock('Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface'); + $this->securityContext = new SecurityContext($this->tokenStorage, $this->authorizationChecker); + } - $context = new SecurityContext($authManager, $decisionManager); - $context->setToken($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')); + public function testGetTokenDelegation() + { + $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $authManager + $this->tokenStorage ->expects($this->once()) - ->method('authenticate') - ->with($this->equalTo($token)) - ->will($this->returnValue($newToken = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'))) - ; + ->method('getToken') + ->will($this->returnValue($token)); - $decisionManager + $this->assertTrue($token === $this->securityContext->getToken()); + } + + public function testSetTokenDelegation() + { + $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); + + $this->tokenStorage ->expects($this->once()) - ->method('decide') - ->will($this->returnValue(true)) - ; + ->method('setToken') + ->with($token); - $this->assertTrue($context->isGranted('foo')); - $this->assertSame($newToken, $context->getToken()); + $this->securityContext->setToken($token); } /** - * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException + * @dataProvider isGrantedDelegationProvider */ - public function testVoteWithoutAuthenticationToken() + public function testIsGrantedDelegation($attributes, $object, $return) + { + $this->authorizationChecker + ->expects($this->once()) + ->method('isGranted') + ->with($attributes, $object) + ->will($this->returnValue($return)); + + $this->assertEquals($return, $this->securityContext->isGranted($attributes, $object)); + } + + public function isGrantedDelegationProvider() { - $context = new SecurityContext( - $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), - $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface') + return array( + array(array(), new \stdClass(), true), + array(array('henk'), new \stdClass(), false), + array(null, new \stdClass(), false), + array('henk', null, true), + array(array(1), 'henk', true), ); + } - $context->isGranted('ROLE_FOO'); + /** + * Test dedicated to check if the backwards compatibility is still working + */ + public function testOldConstructorSignature() + { + $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); + $accessDecisionManager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); + new SecurityContext($authenticationManager, $accessDecisionManager); } - public function testIsGranted() + /** + * @dataProvider oldConstructorSignatureFailuresProvider + * @expectedException \BadMethodCallException + */ + public function testOldConstructorSignatureFailures($first, $second) { - $manager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); - $manager->expects($this->once())->method('decide')->will($this->returnValue(false)); - $context = new SecurityContext($this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), $manager); - $context->setToken($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')); - $token - ->expects($this->once()) - ->method('isAuthenticated') - ->will($this->returnValue(true)) - ; - $this->assertFalse($context->isGranted('ROLE_FOO')); - - $manager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); - $manager->expects($this->once())->method('decide')->will($this->returnValue(true)); - $context = new SecurityContext($this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), $manager); - $context->setToken($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')); - $token - ->expects($this->once()) - ->method('isAuthenticated') - ->will($this->returnValue(true)) - ; - $this->assertTrue($context->isGranted('ROLE_FOO')); + new SecurityContext($first, $second); } - public function testGetSetToken() + public function oldConstructorSignatureFailuresProvider() { - $context = new SecurityContext( - $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), - $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface') - ); - $this->assertNull($context->getToken()); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $authorizationChecker = $this->getMock('Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface'); + $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); + $accessDecisionManager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); - $context->setToken($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')); - $this->assertSame($token, $context->getToken()); + return array( + array(new \stdClass(), new \stdClass()), + array($tokenStorage, $accessDecisionManager), + array($accessDecisionManager, $tokenStorage), + array($authorizationChecker, $accessDecisionManager), + array($accessDecisionManager, $authorizationChecker), + array($tokenStorage, $accessDecisionManager), + array($authenticationManager, $authorizationChecker), + array('henk', 'hans'), + array(null, false), + array(true, null), + ); } } |