Skip to content

Add access_control rule for form login auth #460

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: 1.x
Choose a base branch
from
Open

Add access_control rule for form login auth #460

wants to merge 3 commits into from

Conversation

GaryPEGEOT
Copy link

Q A
Branch? master
Bug fix? no
New feature? yes
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets #396
License MIT

Add access_control rule when make:auth command is used with login form authenticator

@romaricdrigon
Copy link
Contributor

Hello,
Thank you for this PR, sorry for the delay in reviewing it.
The feature sounds nice. Does it support merging rules with already existing acces_control rules? We should not break user config.

@GaryPEGEOT
Copy link
Author

Hello,
Thank you for this PR, sorry for the delay in reviewing it.
Does it support merging rules with already existing acces_control rules? We should not break user config.

Hi! Yes, it's done here: If an existing config is detected, the line is not added. The test case name is simple_security_with_access_control

romaricdrigon
romaricdrigon suggested changes Oct 16, 2019
View reviewed changes
Copy link
Contributor

@romaricdrigon romaricdrigon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great, we are almost there!

src/Security/SecurityConfigUpdater.php Outdated
$accessControlRules = $newData['security']['access_control'] ?? [];

foreach ($accessControlRules as $rule) {
if ('^/login$' === $rule['path']) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that check is a little bit too strict: I think we should check for ^/login, it's the syntax from the (old) documentation: https://symfony.com/doc/4.0/security/form_login_setup.html#be-sure-the-login-page-isn-t-secure-redirect-loop

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed!

...Security/yaml_fixtures/expected_authenticator/simple_security_with_added_access_control.yaml
Comment on lines +14 to +16
-
path: ^/login$
roles: IS_AUTHENTICATED_ANONYMOUSLY
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any way to use the inline syntax (as in simple_security_with_access_control.yaml) instead of that one?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not that I'm aware of. It was pointed out in the related issue that this might happen

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, thank you for the clarification!

@romaricdrigon romaricdrigon added Status: Needs Work Additional work is needed and removed Status: Waiting Feedback Needs feedback from the author labels Oct 16, 2019
@romaricdrigon romaricdrigon added Status: Reviewed Has been reviewed by a maintainer and removed Status: Needs Work Additional work is needed labels Oct 25, 2019
@weaverryan
Copy link
Member

Hiya!

This generally look very good (including the tests). But, I think I need to do a bit of work on YamlSourceManipulator to allow for the access_control to be inline as we really want. Also, I find a few edge-cases with it - like if the security.yaml file looks like the recipe - https://github.com/symfony/recipes/blob/master/symfony/security-bundle/4.4/config/packages/security.yaml - where it has access_control set to no value, then with 2 lines of comments, those comments end up in a screwy place. I'd like to get that done, then this PR (which is already perfect for what it does) should be ready

@weaverryan weaverryan mentioned this pull request Nov 3, 2019
Merged
weaverryan added a commit that referenced this pull request Dec 1, 2019
@weaverryan
bug #487 Yaml source manipulator - fix access control (weaverryan)
7102b79 
This PR was squashed before being merged into the 1.0-dev branch (closes #487).

Discussion
----------

Yaml source manipulator - fix access control

This helps #460 by fixing a few bugs with YamlSourceManipulator. But, it doesn't yet allow for the `access_control` array structure to be printed in an inline format (#460 (comment)).

Cheers!

Commits
-------

aa6c358 Fixing bug where a scalar value would become and array, but comment placement was wrong
1927d14 Fixing bug when a yaml key with no value ends a file
@weaverryan weaverryan changed the base branch from master to main November 16, 2020 20:03
@maxhelias
Copy link
Contributor

A rebase is required

@GaryPEGEOT GaryPEGEOT force-pushed the feature/access-control-rule branch from 7525d82 to ef5d7cc Compare March 29, 2021 08:03
@GaryPEGEOT
Copy link
Author

A rebase is required

Rebase done !

@jrushlow jrushlow added Feature New Feature Status: Needs Review Needs to be reviewed and removed Status: Reviewed Has been reviewed by a maintainer Related Tests Pass labels May 10, 2022
saylor-mik87786 added a commit to saylor-mik87786/maker-bundle that referenced this pull request Jun 3, 2025
@saylor-mik87786
bug #487 Yaml source manipulator - fix access control (weaverryan)
91ab311 
This PR was squashed before being merged into the 1.0-dev branch (closes #487).

Discussion
----------

Yaml source manipulator - fix access control

This helps #460 by fixing a few bugs with YamlSourceManipulator. But, it doesn't yet allow for the `access_control` array structure to be printed in an inline format (symfony/maker-bundle#460 (comment)).

Cheers!

Commits
-------

aa6c358 Fixing bug where a scalar value would become and array, but comment placement was wrong
1927d14 Fixing bug when a yaml key with no value ends a file
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@romaricdrigon romaricdrigon romaricdrigon approved these changes

@maxhelias maxhelias maxhelias approved these changes

Assignees
No one assigned
Labels
Feature New Feature Status: Needs Review Needs to be reviewed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@GaryPEGEOT @romaricdrigon @weaverryan @maxhelias @jrushlow