fix security context deprecation

Sylius · Dec 23, 2015 · 3910cdd · 3910cdd
1 parent 74beeee
commit 3910cdd
Show file tree

Hide file tree

Showing 19 changed files with 215 additions and 182 deletions.
diff --git a/src/Sylius/Bundle/RbacBundle/Provider/SecurityIdentityProvider.php b/src/Sylius/Bundle/RbacBundle/Provider/SecurityIdentityProvider.php
@@ -14,32 +14,32 @@
 use Sylius\Component\Rbac\Model\IdentityInterface;
 use Sylius\Component\Rbac\Provider\CurrentIdentityProviderInterface;
 use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
-use Symfony\Component\Security\Core\SecurityContextInterface;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 
 /**
  * @author Paweł Jędrzejewski <pawel@sylius.org>
  */
 class SecurityIdentityProvider implements CurrentIdentityProviderInterface
 {
     /**
-     * @var SecurityContextInterface
+     * @var TokenStorageInterface
      */
-    private $securityContext;
+    private $tokenStorage;
 
     /**
-     * @param SecurityContextInterface $securityContext
+     * @param TokenStorageInterface $tokenStorage
      */
-    public function __construct(SecurityContextInterface $securityContext)
+    public function __construct(TokenStorageInterface $tokenStorage)
     {
-        $this->securityContext = $securityContext;
+        $this->tokenStorage = $tokenStorage;
     }
 
     /**
      * {@inheritdoc}
      */
     public function getIdentity()
     {
-        if (null === $token = $this->securityContext->getToken()) {
+        if (null === $token = $this->tokenStorage->getToken()) {
             return;
         }
 

diff --git a/src/Sylius/Bundle/RbacBundle/Resources/config/services.xml b/src/Sylius/Bundle/RbacBundle/Resources/config/services.xml
@@ -30,7 +30,7 @@
 
     <services>
         <service id="sylius.authorization_identity_provider.security" class="%sylius.authorization_identity_provider.security.class%">
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
         </service>
         <service id="sylius.authorization_checker.default" class="%sylius.authorization_checker.default.class%">
             <argument type="service" id="sylius.authorization_identity_provider" />

diff --git a/src/Sylius/Bundle/RbacBundle/spec/Provider/SecurityIdentityProviderSpec.php b/src/Sylius/Bundle/RbacBundle/spec/Provider/SecurityIdentityProviderSpec.php
@@ -15,18 +15,18 @@
 use Sylius\Component\Rbac\Model\IdentityInterface;
 use Sylius\Component\Rbac\Provider\CurrentIdentityProviderInterface;
 use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
-use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
 
 /**
  * @author Paweł Jędrzejewski <pjedrzejewski@diweb.pl>
  */
 class SecurityIdentityProviderSpec extends ObjectBehavior
 {
-    function let(SecurityContextInterface $securityContext)
+    function let(TokenStorageInterface $tokenStorage)
     {
-        $this->beConstructedWith($securityContext);
+        $this->beConstructedWith($tokenStorage);
     }
 
     function it_is_initializable()
@@ -39,39 +39,39 @@ function it_is_a_rbac_identity_provider()
         $this->shouldHaveType(CurrentIdentityProviderInterface::class);
     }
 
-    function it_returns_null_if_user_is_not_logged_in($securityContext)
+    function it_returns_null_if_user_is_not_logged_in($tokenStorage)
     {
-        $securityContext->getToken()->shouldBeCalled()->willReturn(null);
+        $tokenStorage->getToken()->shouldBeCalled()->willReturn(null);
 
         $this->getIdentity()->shouldReturn(null);
     }
 
-    function it_returns_null_if_token_exists_but_still_no_authenticated_user($securityContext, TokenInterface $token)
+    function it_returns_null_if_token_exists_but_still_no_authenticated_user($tokenStorage, TokenInterface $token)
     {
-        $securityContext->getToken()->shouldBeCalled()->willReturn($token);
+        $tokenStorage->getToken()->shouldBeCalled()->willReturn($token);
         $token->getUser()->shouldBeCalled()->willReturn(null);
 
         $this->getIdentity()->shouldReturn(null);
     }
 
-    function it_returns_null_if_token_exists_but_its_an_anonymous_user($securityContext, AnonymousToken $token)
+    function it_returns_null_if_token_exists_but_its_an_anonymous_user($tokenStorage, AnonymousToken $token)
     {
-        $securityContext->getToken()->shouldBeCalled()->willReturn($token);
+        $tokenStorage->getToken()->shouldBeCalled()->willReturn($token);
 
         $this->getIdentity()->shouldReturn(null);
     }
 
-    function it_returns_the_authenticated_user($securityContext, TokenInterface $token, IdentityInterface $user)
+    function it_returns_the_authenticated_user($tokenStorage, TokenInterface $token, IdentityInterface $user)
     {
-        $securityContext->getToken()->shouldBeCalled()->willReturn($token);
+        $tokenStorage->getToken()->shouldBeCalled()->willReturn($token);
         $token->getUser()->shouldBeCalled()->willReturn($user);
 
         $this->getIdentity()->shouldReturn($user);
     }
 
-    function it_throws_exception_if_user_does_not_implement_identity_interface($securityContext, TokenInterface $token, UserInterface $user)
+    function it_throws_exception_if_user_does_not_implement_identity_interface($tokenStorage, TokenInterface $token, UserInterface $user)
     {
-        $securityContext->getToken()->shouldBeCalled()->willReturn($token);
+        $tokenStorage->getToken()->shouldBeCalled()->willReturn($token);
         $token->getUser()->shouldBeCalled()->willReturn($user);
 
         $this

diff --git a/src/Sylius/Bundle/ResourceBundle/Behat/DefaultContext.php b/src/Sylius/Bundle/ResourceBundle/Behat/DefaultContext.php
@@ -26,7 +26,8 @@
 use Symfony\Component\HttpKernel\KernelInterface;
 use Symfony\Component\Intl\Intl;
 use Symfony\Component\Routing\RouterInterface;
-use Symfony\Component\Security\Core\SecurityContextInterface;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
 
 abstract class DefaultContext extends RawMinkContext implements Context, KernelAwareContext
@@ -252,7 +253,7 @@ protected function generatePageUrl($page, array $parameters = array())
      */
     protected function getUser()
     {
-        $token = $this->getSecurityContext()->getToken();
+        $token = $this->getTokenStorage()->getToken();
 
         if (null === $token) {
             throw new \Exception('No token found in security context.');
@@ -262,11 +263,19 @@ protected function getUser()
     }
 
     /**
-     * @return SecurityContextInterface
+     * @return TokenStorageInterface
      */
-    protected function getSecurityContext()
+    protected function getTokenStorage()
     {
-        return $this->getContainer()->get('security.context');
+        return $this->getContainer()->get('security.token_storage');
+    }
+
+    /**
+     * @return AuthorizationCheckerInterface
+     */
+    protected function getAuthorizationChecker()
+    {
+        return $this->getContainer()->get('security.authorization_checker');
     }
 
     /**

diff --git a/src/Sylius/Bundle/ResourceBundle/Behat/WebContext.php b/src/Sylius/Bundle/ResourceBundle/Behat/WebContext.php
@@ -334,7 +334,7 @@ public function iShouldSeeThatMuchResourcesInTheList($amount, $type)
      */
     public function iShouldBeLoggedIn()
     {
-        if (!$this->getSecurityContext()->isGranted('ROLE_USER')) {
+        if (!$this->getAuthorizationChecker()->isGranted('ROLE_USER')) {
             throw new AuthenticationException('User is not authenticated.');
         }
     }
@@ -344,7 +344,7 @@ public function iShouldBeLoggedIn()
      */
     public function iShouldNotBeLoggedIn()
     {
-        if ($this->getSecurityContext()->isGranted('ROLE_USER')) {
+        if ($this->getAuthorizationChecker()->isGranted('ROLE_USER')) {
             throw new AuthenticationException('User was not expected to be logged in, but he is.');
         }
     }

diff --git a/src/Sylius/Bundle/UserBundle/Context/CustomerContext.php b/src/Sylius/Bundle/UserBundle/Context/CustomerContext.php
@@ -14,24 +14,32 @@
 use Sylius\Component\User\Context\CustomerContextInterface;
 use Sylius\Component\User\Model\CustomerInterface;
 use Sylius\Component\User\Model\UserInterface;
-use Symfony\Component\Security\Core\SecurityContextInterface;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
 
 /**
  * @author Michał Marcinkowski <michal.marcinkowski@lakion.com>
  */
 class CustomerContext implements CustomerContextInterface
 {
     /**
-     * @var SecurityContextInterface
+     * @var TokenStorageInterface
      */
-    private $securityContext;
+    private $tokenStorage;
 
     /**
-     * @param SecurityContextInterface $securityContext
+     * @var AuthorizationCheckerInterface
      */
-    public function __construct(SecurityContextInterface $securityContext)
+    private $authorizationChecker;
+
+    /**
+     * @param TokenStorageInterface $tokenStorage
+     * @param AuthorizationCheckerInterface $authorizationChecker
+     */
+    public function __construct(TokenStorageInterface $tokenStorage, AuthorizationCheckerInterface $authorizationChecker)
     {
-        $this->securityContext = $securityContext;
+        $this->tokenStorage = $tokenStorage;
+        $this->authorizationChecker = $authorizationChecker;
     }
 
     /**
@@ -41,10 +49,12 @@ public function __construct(SecurityContextInterface $securityContext)
      */
     public function getCustomer()
     {
-        if ($this->securityContext->getToken() && $this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')
-            && $this->securityContext->getToken()->getUser() instanceof UserInterface
-        ) {
-            return $this->securityContext->getToken()->getUser()->getCustomer();
+        if (null === $token = $this->tokenStorage->getToken()) {
+            return null;
+        }
+
+        if ($this->authorizationChecker->isGranted('IS_AUTHENTICATED_REMEMBERED') && $token->getUser() instanceof UserInterface) {
+            return $token->getUser()->getCustomer();
         }
 
         return null;

diff --git a/src/Sylius/Bundle/UserBundle/EventListener/UserDeleteListener.php b/src/Sylius/Bundle/UserBundle/EventListener/UserDeleteListener.php
@@ -15,7 +15,7 @@
 use Sylius\Component\Resource\Exception\UnexpectedTypeException;
 use Sylius\Component\User\Model\UserInterface;
 use Symfony\Component\HttpFoundation\Session\SessionInterface;
-use Symfony\Component\Security\Core\SecurityContextInterface;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 
 /**
  * User delete listener.
@@ -27,22 +27,22 @@
 class UserDeleteListener
 {
     /**
-     * @var SecurityContextInterface
+     * @var TokenStorageInterface
      */
-    protected $securityContext;
+    protected $tokenStorage;
 
     /**
      * @var SessionInterface
      */
     protected $session;
 
     /**
-     * @param SecurityContextInterface $securityContext
+     * @param TokenStorageInterface $tokenStorage
      * @param SessionInterface         $session
      */
-    public function __construct(SecurityContextInterface $securityContext, SessionInterface $session)
+    public function __construct(TokenStorageInterface $tokenStorage, SessionInterface $session)
     {
-        $this->securityContext = $securityContext;
+        $this->tokenStorage = $tokenStorage;
         $this->session = $session;
     }
 
@@ -60,7 +60,7 @@ public function deleteUser(ResourceEvent $event)
             );
         }
 
-        if (($token = $this->securityContext->getToken()) && ($loggedUser = $token->getUser()) && ($loggedUser->getId() === $user->getId())) {
+        if (($token = $this->tokenStorage->getToken()) && ($loggedUser = $token->getUser()) && ($loggedUser->getId() === $user->getId())) {
             $event->stopPropagation();
             $this->session->getBag('flashes')->add('error', 'Cannot remove currently logged in user.');
         }

diff --git a/src/Sylius/Bundle/UserBundle/Resources/config/services.xml b/src/Sylius/Bundle/UserBundle/Resources/config/services.xml
@@ -60,7 +60,8 @@
     <services>
         <!-- Customer context -->
         <service id="sylius.context.customer" class="%sylius.context.customer.class%">
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
+            <argument type="service" id="security.authorization_checker" />
         </service>
 
         <!-- Controllers -->
@@ -98,7 +99,7 @@
             <argument type="service" id="service_container" />
         </service>
         <service id="sylius.security.user_login" class="%sylius.security.user_login.class%">
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="service" id="security.user_checker" />
             <argument type="service" id="event_dispatcher" />
         </service>
@@ -143,7 +144,7 @@
             <tag name="kernel.event_listener" event="sylius.user.password_reset.request.token" method="sendResetPasswordTokenEmail" />
         </service>
         <service id="sylius.listener.user_delete" class="%sylius.listener.user_delete.class%">
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="service" id="session" />
             <tag name="kernel.event_listener" event="sylius.user.pre_delete" method="deleteUser" />
         </service>

diff --git a/src/Sylius/Bundle/UserBundle/Security/Authentication/AuthenticationUtils.php b/src/Sylius/Bundle/UserBundle/Security/Authentication/AuthenticationUtils.php
@@ -14,7 +14,7 @@
 use Symfony\Component\DependencyInjection\ContainerInterface as Container;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
-use Symfony\Component\Security\Core\SecurityContextInterface;
+use Symfony\Component\Security\Core\Security;
 
 /**
  * Extracts Security Errors from Request
@@ -48,13 +48,13 @@ public function getLastAuthenticationError($clearSession = true)
         $session = $request->getSession();
         $authenticationException = null;
 
-        if ($request->attributes->has(SecurityContextInterface::AUTHENTICATION_ERROR)) {
-            $authenticationException = $request->attributes->get(SecurityContextInterface::AUTHENTICATION_ERROR);
-        } elseif ($session !== null && $session->has(SecurityContextInterface::AUTHENTICATION_ERROR)) {
-            $authenticationException = $session->get(SecurityContextInterface::AUTHENTICATION_ERROR);
+        if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
+            $authenticationException = $request->attributes->get(Security::AUTHENTICATION_ERROR);
+        } elseif ($session !== null && $session->has(Security::AUTHENTICATION_ERROR)) {
+            $authenticationException = $session->get(Security::AUTHENTICATION_ERROR);
 
             if ($clearSession) {
-                $session->remove(SecurityContextInterface::AUTHENTICATION_ERROR);
+                $session->remove(Security::AUTHENTICATION_ERROR);
             }
         }
 
@@ -68,7 +68,7 @@ public function getLastUsername()
     {
         $session = $this->getRequest()->getSession();
 
-        return null === $session ? '' : $session->get(SecurityContextInterface::LAST_USERNAME);
+        return null === $session ? '' : $session->get(Security::LAST_USERNAME);
     }
 
     /**

diff --git a/src/Sylius/Bundle/UserBundle/Security/UserLogin.php b/src/Sylius/Bundle/UserBundle/Security/UserLogin.php
@@ -15,9 +15,9 @@
 use Sylius\Bundle\UserBundle\UserEvents;
 use Sylius\Component\User\Model\UserInterface;
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
-use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\Security\Core\User\UserCheckerInterface;
 
 /**
@@ -27,9 +27,9 @@
 class UserLogin implements UserLoginInterface
 {
     /**
-     * @var SecurityContextInterface
+     * @var TokenStorageInterface
      */
-    private $securityContext;
+    private $tokenStorage;
 
     /**
      * @var UserCheckerInterface
@@ -42,13 +42,13 @@ class UserLogin implements UserLoginInterface
     private $eventDispatcher;
 
     /**
-     * @param SecurityContextInterface $securityContext
+     * @param TokenStorageInterface $tokenStorage
      * @param UserCheckerInterface     $userChecker
      * @param EventDispatcherInterface $eventDispatcher
      */
-    public function __construct(SecurityContextInterface $securityContext, UserCheckerInterface $userChecker, EventDispatcherInterface $eventDispatcher)
+    public function __construct(TokenStorageInterface $tokenStorage, UserCheckerInterface $userChecker, EventDispatcherInterface $eventDispatcher)
     {
-        $this->securityContext = $securityContext;
+        $this->tokenStorage = $tokenStorage;
         $this->userChecker = $userChecker;
         $this->eventDispatcher = $eventDispatcher;
     }
@@ -66,7 +66,7 @@ public function login(UserInterface $user, $firewallName = 'main')
             throw new AuthenticationException('Unauthenticated token');
         }
 
-        $this->securityContext->setToken($token);
+        $this->tokenStorage->setToken($token);
         $this->eventDispatcher->dispatch(UserEvents::SECURITY_IMPLICIT_LOGIN, new UserEvent($user));
     }