From d04d7dc6f2352b8c8d25c0cad3a2642b12f03bf2 Mon Sep 17 00:00:00 2001 From: Lukas Kahwe Smith Date: Thu, 3 Nov 2011 21:11:40 +0100 Subject: added basic README files for all components heavily inspired by http://fabien.potencier.org/article/49/what-is-symfony2 and the official Symfony2 documentation --- README.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..4f2b425 --- /dev/null +++ b/README.md @@ -0,0 +1,18 @@ +Security Component +================== + +This component provides an infrastructure for sophisticated authorization systems, +which makes it possible to easily separate the actual authorization logic from so +called user providers that hold the users credentials. It is inspired by the +Apache Sling framework. + +Resources +--------- + +Unit tests: + +https://github.com/symfony/symfony/tree/master/tests/Symfony/Tests/Component/Security + +Documentation: + +http://symfony.com/doc/2.0/book/security.html -- cgit v1.1 From def8b7c09d57904bad508f550c46f550f44abc37 Mon Sep 17 00:00:00 2001 From: Lukas Kahwe Smith Date: Fri, 4 Nov 2011 09:15:42 +0100 Subject: typo fix --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4f2b425..e25f40e 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ Security Component This component provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. It is inspired by the -Apache Sling framework. +Java Spring framework. Resources --------- -- cgit v1.1 From c7a14cf650b68dc67a5bb6f5056ee7ce88b849c5 Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 18 Dec 2011 14:18:13 +0100 Subject: tweaked the README files --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index e25f40e..7aea890 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ Security Component ================== -This component provides an infrastructure for sophisticated authorization systems, -which makes it possible to easily separate the actual authorization logic from so -called user providers that hold the users credentials. It is inspired by the -Java Spring framework. +Security provides an infrastructure for sophisticated authorization systems, +which makes it possible to easily separate the actual authorization logic from +so called user providers that hold the users credentials. It is inspired by +the Java Spring framework. Resources --------- -- cgit v1.1 From 1df44a7f54710ec4f270e7398bf1908af8f8ada8 Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 18 Dec 2011 14:42:59 +0100 Subject: fixed CS --- Acl/Dbal/AclProvider.php | 2 +- Acl/Dbal/MutableAclProvider.php | 4 ++-- Acl/Domain/AuditLogger.php | 2 +- Acl/Domain/ObjectIdentity.php | 2 +- Acl/Domain/PermissionGrantingStrategy.php | 4 ++-- Acl/Domain/SecurityIdentityRetrievalStrategy.php | 4 ++-- Acl/Permission/MaskBuilder.php | 4 ++-- Acl/Voter/AclVoter.php | 6 +++--- Core/Authentication/Token/AbstractToken.php | 6 +++--- Http/Firewall/AbstractAuthenticationListener.php | 2 +- 10 files changed, 18 insertions(+), 18 deletions(-) diff --git a/Acl/Dbal/AclProvider.php b/Acl/Dbal/AclProvider.php index 4a8619d..75093d9 100644 --- a/Acl/Dbal/AclProvider.php +++ b/Acl/Dbal/AclProvider.php @@ -497,7 +497,7 @@ QUERY; $acl = $acls[$aclId]; // has the ACL been hydrated during any previous cycle, or was possibly loaded // from cache? - } else if (isset($loadedAcls[$classType][$objectIdentifier])) { + } elseif (isset($loadedAcls[$classType][$objectIdentifier])) { $acl = $loadedAcls[$classType][$objectIdentifier]; // keep reference in local array (saves us some hash calculations) diff --git a/Acl/Dbal/MutableAclProvider.php b/Acl/Dbal/MutableAclProvider.php index 9050cf8..c0a33da 100644 --- a/Acl/Dbal/MutableAclProvider.php +++ b/Acl/Dbal/MutableAclProvider.php @@ -512,7 +512,7 @@ QUERY; if ($sid instanceof UserSecurityIdentity) { $identifier = $sid->getClass().'-'.$sid->getUsername(); $username = true; - } else if ($sid instanceof RoleSecurityIdentity) { + } elseif ($sid instanceof RoleSecurityIdentity) { $identifier = $sid->getRole(); $username = false; } else { @@ -580,7 +580,7 @@ QUERY; if ($sid instanceof UserSecurityIdentity) { $identifier = $sid->getClass().'-'.$sid->getUsername(); $username = true; - } else if ($sid instanceof RoleSecurityIdentity) { + } elseif ($sid instanceof RoleSecurityIdentity) { $identifier = $sid->getRole(); $username = false; } else { diff --git a/Acl/Domain/AuditLogger.php b/Acl/Domain/AuditLogger.php index d6d7d9d..2a6461c 100644 --- a/Acl/Domain/AuditLogger.php +++ b/Acl/Domain/AuditLogger.php @@ -37,7 +37,7 @@ abstract class AuditLogger implements AuditLoggerInterface if ($granted && $ace->isAuditSuccess()) { $this->doLog($granted, $ace); - } else if (!$granted && $ace->isAuditFailure()) { + } elseif (!$granted && $ace->isAuditFailure()) { $this->doLog($granted, $ace); } } diff --git a/Acl/Domain/ObjectIdentity.php b/Acl/Domain/ObjectIdentity.php index 3bf1fe1..42fc67c 100644 --- a/Acl/Domain/ObjectIdentity.php +++ b/Acl/Domain/ObjectIdentity.php @@ -61,7 +61,7 @@ final class ObjectIdentity implements ObjectIdentityInterface try { if ($domainObject instanceof DomainObjectInterface) { return new self($domainObject->getObjectIdentifier(), get_class($domainObject)); - } else if (method_exists($domainObject, 'getId')) { + } elseif (method_exists($domainObject, 'getId')) { return new self($domainObject->getId(), get_class($domainObject)); } } catch (\InvalidArgumentException $invalid) { diff --git a/Acl/Domain/PermissionGrantingStrategy.php b/Acl/Domain/PermissionGrantingStrategy.php index c37ce29..5fb8460 100644 --- a/Acl/Domain/PermissionGrantingStrategy.php +++ b/Acl/Domain/PermissionGrantingStrategy.php @@ -197,9 +197,9 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface $strategy = $ace->getStrategy(); if (self::ALL === $strategy) { return $requiredMask === ($ace->getMask() & $requiredMask); - } else if (self::ANY === $strategy) { + } elseif (self::ANY === $strategy) { return 0 !== ($ace->getMask() & $requiredMask); - } else if (self::EQUAL === $strategy) { + } elseif (self::EQUAL === $strategy) { return $requiredMask === $ace->getMask(); } diff --git a/Acl/Domain/SecurityIdentityRetrievalStrategy.php b/Acl/Domain/SecurityIdentityRetrievalStrategy.php index 4c16a50..67312b2 100644 --- a/Acl/Domain/SecurityIdentityRetrievalStrategy.php +++ b/Acl/Domain/SecurityIdentityRetrievalStrategy.php @@ -69,10 +69,10 @@ class SecurityIdentityRetrievalStrategy implements SecurityIdentityRetrievalStra $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_FULLY); $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED); $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY); - } else if ($this->authenticationTrustResolver->isRememberMe($token)) { + } elseif ($this->authenticationTrustResolver->isRememberMe($token)) { $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED); $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY); - } else if ($this->authenticationTrustResolver->isAnonymous($token)) { + } elseif ($this->authenticationTrustResolver->isAnonymous($token)) { $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY); } diff --git a/Acl/Permission/MaskBuilder.php b/Acl/Permission/MaskBuilder.php index f7a6a3a..b17233f 100644 --- a/Acl/Permission/MaskBuilder.php +++ b/Acl/Permission/MaskBuilder.php @@ -94,7 +94,7 @@ class MaskBuilder { if (is_string($mask) && defined($name = 'static::MASK_'.strtoupper($mask))) { $mask = constant($name); - } else if (!is_int($mask)) { + } elseif (!is_int($mask)) { throw new \InvalidArgumentException('$mask must be an integer.'); } @@ -147,7 +147,7 @@ class MaskBuilder { if (is_string($mask) && defined($name = 'static::MASK_'.strtoupper($mask))) { $mask = constant($name); - } else if (!is_int($mask)) { + } elseif (!is_int($mask)) { throw new \InvalidArgumentException('$mask must be an integer.'); } diff --git a/Acl/Voter/AclVoter.php b/Acl/Voter/AclVoter.php index d9e8c03..456c434 100644 --- a/Acl/Voter/AclVoter.php +++ b/Acl/Voter/AclVoter.php @@ -64,7 +64,7 @@ class AclVoter implements VoterInterface } return $this->allowIfObjectIdentityUnavailable ? self::ACCESS_GRANTED : self::ACCESS_ABSTAIN; - } else if ($object instanceof FieldVote) { + } elseif ($object instanceof FieldVote) { $field = $object->getField(); $object = $object->getDomainObject(); } else { @@ -73,7 +73,7 @@ class AclVoter implements VoterInterface if ($object instanceof ObjectIdentityInterface) { $oid = $object; - } else if (null === $oid = $this->objectIdentityRetrievalStrategy->getObjectIdentity($object)) { + } elseif (null === $oid = $this->objectIdentityRetrievalStrategy->getObjectIdentity($object)) { if (null !== $this->logger) { $this->logger->debug(sprintf('Object identity unavailable. Voting to %s', $this->allowIfObjectIdentityUnavailable? 'grant access' : 'abstain')); } @@ -96,7 +96,7 @@ class AclVoter implements VoterInterface } return self::ACCESS_GRANTED; - } else if (null !== $field && $acl->isFieldGranted($field, $masks, $sids, false)) { + } elseif (null !== $field && $acl->isFieldGranted($field, $masks, $sids, false)) { if (null !== $this->logger) { $this->logger->debug('ACL found, permission granted. Voting to grant access'); } diff --git a/Core/Authentication/Token/AbstractToken.php b/Core/Authentication/Token/AbstractToken.php index ee6b207..dc21684 100644 --- a/Core/Authentication/Token/AbstractToken.php +++ b/Core/Authentication/Token/AbstractToken.php @@ -42,7 +42,7 @@ abstract class AbstractToken implements TokenInterface foreach ($roles as $role) { if (is_string($role)) { $role = new Role($role); - } else if (!$role instanceof RoleInterface) { + } elseif (!$role instanceof RoleInterface) { throw new \InvalidArgumentException(sprintf('$roles must be an array of strings, or RoleInterface instances, but got %s.', gettype($role))); } @@ -83,13 +83,13 @@ abstract class AbstractToken implements TokenInterface if (null === $this->user) { $changed = false; - } else if ($this->user instanceof UserInterface) { + } elseif ($this->user instanceof UserInterface) { if (!$user instanceof UserInterface) { $changed = true; } else { $changed = !$this->user->equals($user); } - } else if ($user instanceof UserInterface) { + } elseif ($user instanceof UserInterface) { $changed = true; } else { $changed = (string) $this->user !== (string) $user; diff --git a/Http/Firewall/AbstractAuthenticationListener.php b/Http/Firewall/AbstractAuthenticationListener.php index 5270e8d..1765f7f 100644 --- a/Http/Firewall/AbstractAuthenticationListener.php +++ b/Http/Firewall/AbstractAuthenticationListener.php @@ -144,7 +144,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface $this->sessionStrategy->onAuthentication($request, $returnValue); $response = $this->onSuccess($event, $request, $returnValue); - } else if ($returnValue instanceof Response) { + } elseif ($returnValue instanceof Response) { $response = $returnValue; } else { throw new \RuntimeException('attemptAuthentication() must either return a Response, an implementation of TokenInterface, or null.'); -- cgit v1.1