Merge pull request #1060 from dunglas/opt_security

Make the dependency to SecurityBundle optional

Author: dunglas

src/Bridge/Symfony/Bundle/DependencyInjection/ApiPlatformExtension.php

@@ -76,11 +76,15 @@ public function load(array $configs, ContainerBuilder $container)
         $loader = new XmlFileLoader($container, new FileLocator(__DIR__.'/../Resources/config'));
         $loader->load('api.xml');
         $loader->load('data_provider.xml');
+
         if (interface_exists(ValidatorInterface::class)) {
             $loader->load('validator.xml');
         }
 
         $bundles = $container->getParameter('kernel.bundles');
+        if (isset($bundles['SecurityBundle'])) {
+            $loader->load('security.xml');
+        }
 
         $this->registerMetadataConfiguration($container, $loader, $bundles, $config['loader_paths']);
         $this->registerOAuthConfiguration($container, $config, $loader);

src/Bridge/Symfony/Bundle/Resources/config/api.xml

@@ -112,14 +112,6 @@
             <tag name="kernel.event_listener" event="kernel.request" method="onKernelRequest" priority="2" />
         </service>
 
-        <!-- This listener must be executed only when the current object is available -->
-        <service id="api_platform.listener.request.deny_access" class="ApiPlatform\Core\EventListener\DenyAccessListener">
-            <argument type="service" id="api_platform.metadata.resource.metadata_factory" />
-            <argument type="service" id="security.authorization_checker" on-invalid="ignore" />
-
-            <tag name="kernel.event_listener" event="kernel.request" method="onKernelRequest" priority="1" />
-        </service>
-
         <service id="api_platform.listener.view.serialize" class="ApiPlatform\Core\EventListener\SerializeListener">
             <argument type="service" id="api_platform.serializer" />
             <argument type="service" id="api_platform.serializer.context_builder" />

src/Bridge/Symfony/Bundle/Resources/config/security.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0" ?>
+
+<container xmlns="http://symfony.com/schema/dic/services"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
+
+    <services>
+        <!-- This listener must be executed only when the current object is available -->
+        <service id="api_platform.listener.request.deny_access" class="ApiPlatform\Core\EventListener\DenyAccessListener">
+            <argument type="service" id="api_platform.metadata.resource.metadata_factory" />
+            <argument type="service" id="security.authorization_checker" on-invalid="ignore" />
+
+            <tag name="kernel.event_listener" event="kernel.request" method="onKernelRequest" priority="1" />
+        </service>
+    </services>
+
+</container>

tests/Bridge/Symfony/Bundle/DependencyInjection/ApiPlatformExtensionTest.php

@@ -19,6 +19,7 @@
 use FOS\UserBundle\FOSUserBundle;
 use Nelmio\ApiDocBundle\NelmioApiDocBundle;
 use Prophecy\Argument;
+use Symfony\Bundle\SecurityBundle\SecurityBundle;
 use Symfony\Component\Config\Resource\ResourceInterface;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\Definition;
@@ -167,6 +168,19 @@ public function testEnableNelmioApiDoc()
         $this->extension->load(array_merge_recursive(self::DEFAULT_CONFIG, ['api_platform' => ['enable_nelmio_api_doc' => true]]), $containerBuilder);
     }
 
+    public function testEnablSecurity()
+    {
+        $containerBuilderProphecy = $this->getContainerBuilderProphecy();
+        $containerBuilderProphecy->getParameter('kernel.bundles')->willReturn([
+            'DoctrineBundle' => DoctrineBundle::class,
+            'SecurityBundle' => SecurityBundle::class,
+        ])->shouldBeCalled();
+        $containerBuilderProphecy->setDefinition('api_platform.listener.request.deny_access', Argument::type(Definition::class))->shouldBeCalled();
+        $containerBuilder = $containerBuilderProphecy->reveal();
+
+        $this->extension->load(self::DEFAULT_CONFIG, $containerBuilder);
+    }
+
     public function testDisableEagerLoadingExtension()
     {
         $containerBuilderProphecy = $this->getContainerBuilderProphecy();
@@ -300,7 +314,6 @@ private function getContainerBuilderProphecy()
             'api_platform.listener.view.respond',
             'api_platform.listener.view.serialize',
             'api_platform.listener.view.validate',
-            'api_platform.listener.request.deny_access',
             'api_platform.metadata.extractor.yaml',
             'api_platform.metadata.extractor.xml',
             'api_platform.metadata.property.metadata_factory.annotation',