[Security] removed usage of the deprecated SecurityContextInterface

Author: fabpot

Resources/config/security_listeners.xml

@@ -52,7 +52,7 @@
     <services>
         <service id="security.authentication.listener.anonymous" class="%security.authentication.listener.anonymous.class%" public="false">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument /> <!-- Key -->
             <argument type="service" id="logger" on-invalid="null" />
             <argument type="service" id="security.authentication.manager" />
@@ -82,15 +82,15 @@
 
         <service id="security.context_listener" class="%security.context_listener.class%" public="false">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="collection"></argument>
             <argument /> <!-- Provider Key -->
             <argument type="service" id="logger" on-invalid="null" />
             <argument type="service" id="event_dispatcher" on-invalid="null"/>
         </service>
 
         <service id="security.logout_listener" class="%security.logout_listener.class%" public="false" abstract="true">
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="service" id="security.http_utils" />
             <argument type="service" id="security.logout.success_handler" />
             <argument /> <!-- Options -->
@@ -109,7 +109,7 @@
 
         <service id="security.authentication.listener.abstract" abstract="true" public="false">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="service" id="security.authentication.manager" />
             <argument type="service" id="security.authentication.session_strategy" />
             <argument type="service" id="security.http_utils" />
@@ -167,7 +167,7 @@
 
         <service id="security.authentication.listener.simple_preauth" class="%security.authentication.listener.simple_preauth.class%" public="false" abstract="true">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="service" id="security.authentication.manager" />
             <argument /> <!-- Provider-shared Key -->
             <argument /> <!-- Authenticator -->
@@ -177,7 +177,7 @@
 
         <service id="security.authentication.listener.x509" class="%security.authentication.listener.x509.class%" public="false" abstract="true">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="service" id="security.authentication.manager" />
             <argument /> <!-- Provider-shared Key -->
             <argument /> <!-- x509 user -->
@@ -188,7 +188,7 @@
 
         <service id="security.authentication.listener.remote_user" class="Symfony\Component\Security\Http\Firewall\RemoteUserAuthenticationListener" public="false" abstract="true">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="service" id="security.authentication.manager" />
             <argument /> <!-- Provider-shared Key -->
             <argument /> <!-- REMOTE_USER server env var -->
@@ -198,7 +198,7 @@
 
         <service id="security.authentication.listener.basic" class="%security.authentication.listener.basic.class%" public="false" abstract="true">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="service" id="security.authentication.manager" />
             <argument /> <!-- Provider-shared Key -->
             <argument /> <!-- Entry Point -->
@@ -207,7 +207,7 @@
 
         <service id="security.authentication.listener.digest" class="%security.authentication.listener.digest.class%" public="false" abstract="true">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument /> <!-- User Provider -->
             <argument /> <!-- Provider-shared Key -->
             <argument /> <!-- Entry Point -->
@@ -235,7 +235,7 @@
 
         <service id="security.exception_listener" class="%security.exception_listener.class%" public="false" abstract="true">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="service" id="security.authentication.trust_resolver" />
             <argument type="service" id="security.http_utils" />
             <argument />
@@ -247,7 +247,7 @@
 
         <service id="security.authentication.switchuser_listener" class="%security.authentication.switchuser_listener.class%" public="false" abstract="true">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument /> <!-- User Provider -->
             <argument type="service" id="security.user_checker" />
             <argument /> <!--  Provider Key -->
@@ -260,7 +260,7 @@
 
         <service id="security.access_listener" class="%security.access_listener.class%" public="false">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="service" id="security.access.decision_manager" />
             <argument type="service" id="security.access_map" />
             <argument type="service" id="security.authentication.manager" />

Resources/config/security_rememberme.xml

@@ -19,7 +19,7 @@
     <services>
         <service id="security.authentication.listener.rememberme" class="%security.authentication.listener.rememberme.class%" public="false" abstract="true">
             <tag name="monolog.logger" channel="security" />
-            <argument type="service" id="security.context" />
+            <argument type="service" id="security.token_storage" />
             <argument type="service" id="security.authentication.rememberme" />
             <argument type="service" id="security.authentication.manager" />
             <argument type="service" id="logger" on-invalid="null" />

Resources/config/templating_php.xml

@@ -18,7 +18,7 @@
 
         <service id="templating.helper.security" class="%templating.helper.security.class%">
             <tag name="templating.helper" alias="security" />
-            <argument type="service" id="security.context" on-invalid="ignore" />
+            <argument type="service" id="security.authorization_checker" on-invalid="ignore" />
         </service>
     </services>
 </container>

Resources/config/templating_twig.xml

@@ -17,7 +17,7 @@
 
         <service id="twig.extension.security" class="%twig.extension.security.class%" public="false">
             <tag name="twig.extension" />
-            <argument type="service" id="security.context" on-invalid="ignore" />
+            <argument type="service" id="security.authorization_checker" on-invalid="ignore" />
         </service>
     </services>
 </container>

Templating/Helper/SecurityHelper.php

@@ -14,37 +14,38 @@
 use Symfony\Component\Security\Acl\Voter\FieldVote;
 use Symfony\Component\Templating\Helper\Helper;
 use Symfony\Component\Security\Core\SecurityContextInterface;
+use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
 
 /**
- * SecurityHelper provides read-only access to the security context.
+ * SecurityHelper provides read-only access to the security checker.
  *
  * @author Fabien Potencier <[email protected]>
  */
 class SecurityHelper extends Helper
 {
-    private $context;
+    private $securityChecker;
 
     /**
-     * Constructor.
+     * @param SecurityContextInterface|AuthorizationCheckerInterface
      *
-     * @param SecurityContextInterface $context A SecurityContext instance
+     * Passing a SecurityContextInterface as a first argument was deprecated in 2.7 and will be removed in 3.0
      */
-    public function __construct(SecurityContextInterface $context = null)
+    public function __construct($securityChecker = null)
     {
-        $this->context = $context;
+        $this->securityChecker = $securityChecker;
     }
 
     public function isGranted($role, $object = null, $field = null)
     {
-        if (null === $this->context) {
+        if (null === $this->securityChecker) {
             return false;
         }
 
         if (null !== $field) {
             $object = new FieldVote($object, $field);
         }
 
-        return $this->context->isGranted($role, $object);
+        return $this->securityChecker->isGranted($role, $object);
     }
 
     /**

Tests/DataCollector/SecurityDataCollectorTest.php

@@ -25,9 +25,9 @@ public function testCollectWhenSecurityIsDisabled()
         $this->assertEmpty($collector->getUser());
     }
 
-    /** @dataProvider provideTokenStorage */
-    public function testCollectWhenAuthenticationTokenIsNull($tokenStorage)
+    public function testCollectWhenAuthenticationTokenIsNull()
     {
+        $tokenStorage = new TokenStorage();
         $collector = new SecurityDataCollector($tokenStorage, $this->getRoleHierarchy());
         $collector->collect($this->getRequest(), $this->getResponse());
 
@@ -40,12 +40,21 @@ public function testCollectWhenAuthenticationTokenIsNull($tokenStorage)
         $this->assertEmpty($collector->getUser());
     }
 
-    public function provideTokenStorage()
+    public function testLegacyCollectWhenAuthenticationTokenIsNull()
     {
-        return array(
-            array(new TokenStorage()),
-            array($this->getMock('Symfony\Component\Security\Core\SecurityContextInterface')),
-        );
+        $this->iniSet('error_reporting', -1 & ~E_USER_DEPRECATED);
+
+        $tokenStorage = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
+        $collector = new SecurityDataCollector($tokenStorage, $this->getRoleHierarchy());
+        $collector->collect($this->getRequest(), $this->getResponse());
+
+        $this->assertTrue($collector->isEnabled());
+        $this->assertFalse($collector->isAuthenticated());
+        $this->assertNull($collector->getTokenClass());
+        $this->assertTrue($collector->supportsRoleHierarchy());
+        $this->assertCount(0, $collector->getRoles());
+        $this->assertCount(0, $collector->getInheritedRoles());
+        $this->assertEmpty($collector->getUser());
     }
 
     /** @dataProvider provideRoles */

Tests/Functional/Bundle/FormLoginBundle/Controller/LocalizedController.php

@@ -11,7 +11,7 @@
 
 namespace Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\FormLoginBundle\Controller;
 
-use Symfony\Component\Security\Core\SecurityContext;
+use Symfony\Component\Security\Core\Security;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\DependencyInjection\ContainerAware;
@@ -21,15 +21,15 @@ class LocalizedController extends ContainerAware
     public function loginAction(Request $request)
     {
         // get the login error if there is one
-        if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
-            $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
+        if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
+            $error = $request->attributes->get(Security::AUTHENTICATION_ERROR);
         } else {
-            $error = $request->getSession()->get(SecurityContext::AUTHENTICATION_ERROR);
+            $error = $request->getSession()->get(Security::AUTHENTICATION_ERROR);
         }
 
         return $this->container->get('templating')->renderResponse('FormLoginBundle:Localized:login.html.twig', array(
             // last username entered by the user
-            'last_username' => $request->getSession()->get(SecurityContext::LAST_USERNAME),
+            'last_username' => $request->getSession()->get(Security::LAST_USERNAME),
             'error' => $error,
         ));
     }

Tests/Functional/Bundle/FormLoginBundle/Controller/LoginController.php

@@ -14,23 +14,23 @@
 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\Security\Core\SecurityContext;
+use Symfony\Component\Security\Core\Security;
 use Symfony\Component\DependencyInjection\ContainerAware;
 
 class LoginController extends ContainerAware
 {
     public function loginAction(Request $request)
     {
         // get the login error if there is one
-        if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
-            $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
+        if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
+            $error = $request->attributes->get(Security::AUTHENTICATION_ERROR);
         } else {
-            $error = $request->getSession()->get(SecurityContext::AUTHENTICATION_ERROR);
+            $error = $request->getSession()->get(Security::AUTHENTICATION_ERROR);
         }
 
         return $this->container->get('templating')->renderResponse('FormLoginBundle:Login:login.html.twig', array(
             // last username entered by the user
-            'last_username' => $request->getSession()->get(SecurityContext::LAST_USERNAME),
+            'last_username' => $request->getSession()->get(Security::LAST_USERNAME),
             'error' => $error,
         ));
     }

composer.json

@@ -17,7 +17,7 @@
     ],
     "require": {
         "php": ">=5.3.3",
-        "symfony/security": "~2.6|~3.0.0",
+        "symfony/security": "~2.7|~3.0.0",
         "symfony/http-kernel": "~2.2|~3.0.0"
     },
     "require-dev": {