From d0547f1a9f1a1f70f4c6ffcf34f489eb7536276a Mon Sep 17 00:00:00 2001
From: Nicolas Grekas
Date: Thu, 18 Jun 2015 15:42:09 +0200
Subject: Fix merge
---
 Http/Firewall/RememberMeListener.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Http/Firewall/RememberMeListener.php b/Http/Firewall/RememberMeListener.php
index 0f09144..12999a4 100644
--- a/Http/Firewall/RememberMeListener.php
+++ b/Http/Firewall/RememberMeListener.php
@@ -95,7 +95,7 @@ class RememberMeListener implements ListenerInterface
 $this->rememberMeServices->loginFail($request);
 if (!$this->catchExceptions) {
- throw $failed;
+ throw $e;
 }
 }
 }
--
cgit v1.1
From 5cabfecc4c4b5416e7c54ffe7a4fcde2d0db4d75 Mon Sep 17 00:00:00 2001
From: ogizanagi
Date: Sun, 28 Jun 2015 12:13:08 +0200
Subject: Fix quoting style consistency.
---
 Http/Firewall/DigestAuthenticationListener.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Http/Firewall/DigestAuthenticationListener.php b/Http/Firewall/DigestAuthenticationListener.php
index 2737069..a88250b 100644
--- a/Http/Firewall/DigestAuthenticationListener.php
+++ b/Http/Firewall/DigestAuthenticationListener.php
@@ -101,7 +101,7 @@ class DigestAuthenticationListener implements ListenerInterface
 if ($serverDigestMd5 !== $digestAuth->getResponse()) {
 if (null !== $this->logger) {
- $this->logger->debug(sprintf("Expected response: '%s' but received: '%s'; is AuthenticationDao returning clear text passwords?", $serverDigestMd5, $digestAuth->getResponse()));
+ $this->logger->debug(sprintf('Expected response: "%s" but received: "%s"; is AuthenticationDao returning clear text passwords?', $serverDigestMd5, $digestAuth->getResponse()));
 }
 $this->fail($event, $request, new BadCredentialsException('Incorrect response'));
--
cgit v1.1
From a2d134b9a33886bc190c6eff600d5b937c96b6d0 Mon Sep 17 00:00:00 2001
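Review bot: No test covers the `throw $e;` rethrow in Http/Firewall/RememberMeListener.php, and the diffstat shows no test file in this commit. The removed `throw $failed;` used a name that nothing in the visible hunk defines, which suggests the path with `catchExceptions` disabled was never exercised. A test that builds the listener with exception catching turned off and asserts that the authentication exception reaches the caller after `loginFail()` would pin the behaviour. The catch clause that binds `$e` lies outside the hunk, so the variable name should be confirmed against it.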
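Review bot: The debug call on the changed line of Http/Firewall/DigestAuthenticationListener.php writes `$serverDigestMd5`, the response the server would have accepted, into the log next to the client-supplied value. Anyone who can read debug logs obtains a value that stays valid for that request while the nonce is live, so the message is better without the digests, e.g. `$this->logger->debug('Digest response mismatch; is AuthenticationDao returning clear text passwords?');`. The context line `if ($serverDigestMd5 !== $digestAuth->getResponse())` also compares the two digests with `!==`, which is not constant-time; `if (!hash_equals($serverDigestMd5, $digestAuth->getResponse())) {` or the project's own constant-time string helper would be the usual replacement where the supported PHP versions allow it. The enclosing method starts and ends outside the hunk.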
From: Richard van Laak
Date: Wed, 10 Jun 2015 09:49:02 +0200
Subject: [Security] Initialize SwitchUserEvent::targetUser on attemptExitUser The `SwitchUserEvent` is triggered in case an account is switched. This works okay while switching to the user, but on exit the `SwitchUserEvent` is triggered again with the original User. That User was not initialized by the provider yet. load user by UserInterface instead of username
---
 Http/Firewall/SwitchUserListener.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php
index 7700096..c5ecf78 100644
--- a/Http/Firewall/SwitchUserListener.php
+++ b/Http/Firewall/SwitchUserListener.php
@@ -163,7 +163,8 @@ class SwitchUserListener implements ListenerInterface
 }
 if (null !== $this->dispatcher) {
- $switchEvent = new SwitchUserEvent($request, $original->getUser());
+ $user = $this->provider->refreshUser($original->getUser());
+ $switchEvent = new SwitchUserEvent($request, $user);
 $this->dispatcher->dispatch(SecurityEvents::SWITCH_USER, $switchEvent);
 }
--
cgit v1.1
From 1738333e52f972aabad7764e53722c9682354beb Mon Sep 17 00:00:00 2001
From: Christian Flothmann
Date: Sun, 28 Jun 2015 20:28:17 +0200
Subject: trigger event with right user (add test)
---
 Tests/Http/Firewall/SwitchUserListenerTest.php | 52 ++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)
diff --git a/Tests/Http/Firewall/SwitchUserListenerTest.php b/Tests/Http/Firewall/SwitchUserListenerTest.php
index e86ee83..7ba71d4 100644
--- a/Tests/Http/Firewall/SwitchUserListenerTest.php
+++ b/Tests/Http/Firewall/SwitchUserListenerTest.php
@@ -11,7 +11,9 @@
 namespace Symfony\Component\Security\Tests\Http\Firewall;
+use Symfony\Component\Security\Http\Event\SwitchUserEvent;
 use Symfony\Component\Security\Http\Firewall\SwitchUserListener;
+use Symfony\Component\Security\Http\SecurityEvents;
 class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase
 {
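Review bot: In Http/Firewall/SwitchUserListener.php the added `$this->provider->refreshUser($original->getUser())` has no handling for a provider that rejects the user. If the original account was removed or the provider does not support its class, the call would presumably throw and the exit from impersonation would abort, leaving the session on the switched user; that outcome should be decided and stated, for example with `// refreshUser() may throw if the original account is gone; exit then fails and impersonation stays active`. The refresh also happens only when a dispatcher is set, so the user carried by the event and the one held in `$original` can differ. The test added in Tests/Http/Firewall/SwitchUserListenerTest.php (`testExitUserDispatchesEventWithRefreshedUser`) covers only the successful refresh. The enclosing method starts and ends outside the hunk.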
@@ -97,6 +99,56 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase
 $listener->handle($this->event);
 }
+ public function testExitUserDispatchesEventWithRefreshedUser()
+ {
+ $originalUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+ $refreshedUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+ $this
+ ->userProvider
+ ->expects($this->any())
+ ->method('refreshUser')
+ ->with($originalUser)
+ ->willReturn($refreshedUser);
+ $originalToken = $this->getToken();
+ $originalToken
+ ->expects($this->any())
+ ->method('getUser')
+ ->willReturn($originalUser);
+ $role = $this
+ ->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole')
+ ->disableOriginalConstructor()
+ ->getMock();
+ $role->expects($this->any())->method('getSource')->willReturn($originalToken);
+ $this
+ ->securityContext
+ ->expects($this->any())
+ ->method('getToken')
+ ->willReturn($this->getToken(array($role)));
+ $this
+ ->request
+ ->expects($this->any())
+ ->method('get')
+ ->with('_switch_user')
+ ->willReturn('_exit');
+ $this
+ ->request
+ ->expects($this->any())
+ ->method('getUri')
+ ->willReturn('/');
+
+ $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface');
+ $dispatcher
+ ->expects($this->once())
+ ->method('dispatch')
+ ->with(SecurityEvents::SWITCH_USER, $this->callback(function (SwitchUserEvent $event) use ($refreshedUser) {
+ return $event->getTargetUser() === $refreshedUser;
+ }))
+ ;
+
+ $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager, null, '_switch_user', 'ROLE_ALLOWED_TO_SWITCH', $dispatcher);
+ $listener->handle($this->event);
+ }
+
 /**
 * @expectedException \Symfony\Component\Security\Core\Exception\AccessDeniedException
 */
--
cgit v1.1
From 6a96b68515bba1ae9e275ff0498e88659d3f5354 Mon Sep 17 00:00:00 2001
From: Christian Flothmann
Date: Mon, 29 Jun 2015 20:12:36 +0200
Subject: unify default AccessDeniedExeption message
---
 Core/Exception/AccessDeniedException.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Core/Exception/AccessDeniedException.php b/Core/Exception/AccessDeniedException.php
index 7c16afb..736a36b 100644
--- a/Core/Exception/AccessDeniedException.php
+++ b/Core/Exception/AccessDeniedException.php
@@ -18,7 +18,7 @@ namespace Symfony\Component\Security\Core\Exception;
 */
 class AccessDeniedException extends \RuntimeException
 {
- public function __construct($message = 'Access Denied', \Exception $previous = null)
+ public function __construct($message = 'Access Denied.', \Exception $previous = null)
 {
 parent::__construct($message, 403, $previous);
 }
--
cgit v1.1
From 5e1c369074daca0707bc1845ed9b8f907ffd6ef9 Mon Sep 17 00:00:00 2001
From: Nicolas Grekas
Date: Tue, 30 Jun 2015 18:51:15 +0200
Subject: [Security/Http] Fix test
---
 Http/Tests/Firewall/SwitchUserListenerTest.php | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/Http/Tests/Firewall/SwitchUserListenerTest.php b/Http/Tests/Firewall/SwitchUserListenerTest.php
index 2be0325..a3c96f2 100644
--- a/Http/Tests/Firewall/SwitchUserListenerTest.php
+++ b/Http/Tests/Firewall/SwitchUserListenerTest.php
@@ -138,6 +138,12 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase
 ->expects($this->any())
 ->method('getUri')
 ->willReturn('/');
+ $this
+ ->request
+ ->query
+ ->expects($this->any())
+ ->method('all')
+ ->will($this->returnValue(array()));
 $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface');
 $dispatcher
--
cgit v1.1