2222use Symfony \Component \Security \Core \Authorization \AccessDecisionManagerInterface ;
2323use Symfony \Component \Security \Core \Exception \AccessDeniedException ;
2424use Symfony \Component \Security \Core \Exception \AuthenticationCredentialsNotFoundException ;
25- use Symfony \Component \Security \Core \Exception \ UsernameNotFoundException ;
25+ use Symfony \Component \Security \Core \User \ InMemoryUserProvider ;
2626use Symfony \Component \Security \Core \User \User ;
2727use Symfony \Component \Security \Core \User \UserCheckerInterface ;
28- use Symfony \Component \Security \Core \User \UserProviderInterface ;
2928use Symfony \Component \Security \Http \Event \SwitchUserEvent ;
3029use Symfony \Component \Security \Http \Firewall \SwitchUserListener ;
3130use Symfony \Component \Security \Http \SecurityEvents ;
@@ -48,7 +47,7 @@ class SwitchUserListenerTest extends TestCase
4847 protected function setUp (): void
4948 {
5049 $ this tokenStorage = new TokenStorage ();
51- $ this userProvider = $ this -> createMock (UserProviderInterface::class );
50+ $ this userProvider = new InMemoryUserProvider ([ ' kuba ' => []] );
5251 $ this userChecker = $ this createMock (UserCheckerInterface::class);
5352 $ this accessDecisionManager = $ this createMock (AccessDecisionManagerInterface::class);
5453 $ this request = new Request ();
@@ -113,8 +112,8 @@ public function testExitUserDispatchesEventWithRefreshedUser()
113112 {
114113 $ originalUsernew User ('username ' , null );
115114 $ refreshedUsernew User ('username ' , null );
116- $ this
117- -> userProvider
115+ $ userProvider = $ this -> createMock (InMemoryUserProvider::class);
116+ $ userProvider
118117 ->expects ($ this any ())
119118 ->method ('refreshUser ' )
120119 ->with ($ this identicalTo ($ originalUser
@@ -135,15 +134,15 @@ public function testExitUserDispatchesEventWithRefreshedUser()
135134 )
136135 ;
137136
138- $ listenernew SwitchUserListener ($ this tokenStorage , $ this -> userProvider , $ this userChecker , 'provider123 ' , $ this accessDecisionManager , null , '_switch_user ' , 'ROLE_ALLOWED_TO_SWITCH ' , $ dispatcher
137+ $ listenernew SwitchUserListener ($ this tokenStorage , $ userProvider$ this userChecker , 'provider123 ' , $ this accessDecisionManager , null , '_switch_user ' , 'ROLE_ALLOWED_TO_SWITCH ' , $ dispatcher
139138 $ listener$ this event );
140139 }
141140
142141 public function testExitUserDoesNotDispatchEventWithStringUser ()
143142 {
144143 $ originalUser'anon. ' ;
145- $ this
146- -> userProvider
144+ $ userProvider = $ this -> createMock (InMemoryUserProvider::class);
145+ $ userProvider
147146 ->expects ($ this never ())
148147 ->method ('refreshUser ' );
149148 $ originalTokennew UsernamePasswordToken ($ originalUser'' , 'key ' );
@@ -156,7 +155,7 @@ public function testExitUserDoesNotDispatchEventWithStringUser()
156155 ->method ('dispatch ' )
157156 ;
158157
159- $ listenernew SwitchUserListener ($ this tokenStorage , $ this -> userProvider , $ this userChecker , 'provider123 ' , $ this accessDecisionManager , null , '_switch_user ' , 'ROLE_ALLOWED_TO_SWITCH ' , $ dispatcher
158+ $ listenernew SwitchUserListener ($ this tokenStorage , $ userProvider$ this userChecker , 'provider123 ' , $ this accessDecisionManager , null , '_switch_user ' , 'ROLE_ALLOWED_TO_SWITCH ' , $ dispatcher
160159 $ listener$ this event );
161160 }
162161
@@ -173,11 +172,6 @@ public function testSwitchUserIsDisallowed()
173172 ->method ('decide ' )->with ($ token'ROLE_ALLOWED_TO_SWITCH ' ])
174173 ->willReturn (false );
175174
176- $ this userProvider ->expects ($ this exactly (2 ))
177- ->method ('loadUserByUsername ' )
178- ->withConsecutive (['kuba ' ])
179- ->will ($ this onConsecutiveCalls ($ user$ this throwException (new UsernameNotFoundException ())));
180-
181175 $ listenernew SwitchUserListener ($ this tokenStorage , $ this userProvider , $ this userChecker , 'provider123 ' , $ this accessDecisionManager );
182176 $ listener$ this event );
183177 }
@@ -188,38 +182,28 @@ public function testSwitchUserTurnsAuthenticationExceptionTo403()
188182 $ tokennew UsernamePasswordToken ('username ' , '' , 'key ' , ['ROLE_ALLOWED_TO_SWITCH ' ]);
189183
190184 $ this tokenStorage ->setToken ($ token
191- $ this request ->query ->set ('_switch_user ' , 'kuba ' );
185+ $ this request ->query ->set ('_switch_user ' , 'not-existing ' );
192186
193187 $ this accessDecisionManager ->expects ($ this never ())
194188 ->method ('decide ' );
195189
196- $ this userProvider ->expects ($ this exactly (2 ))
197- ->method ('loadUserByUsername ' )
198- ->withConsecutive (['kuba ' ], ['username ' ])
199- ->will ($ this onConsecutiveCalls ($ this throwException (new UsernameNotFoundException ())));
200-
201190 $ listenernew SwitchUserListener ($ this tokenStorage , $ this userProvider , $ this userChecker , 'provider123 ' , $ this accessDecisionManager );
202191 $ listener$ this event );
203192 }
204193
205194 public function testSwitchUser ()
206195 {
207196 $ tokennew UsernamePasswordToken ('username ' , '' , 'key ' , ['ROLE_FOO ' ]);
208- $ usernew User ('username ' , 'password ' , []);
209197
210198 $ this tokenStorage ->setToken ($ token
211199 $ this request ->query ->set ('_switch_user ' , 'kuba ' );
212200
213201 $ this accessDecisionManager ->expects ($ this once ())
214- ->method ('decide ' )->with ($ token'ROLE_ALLOWED_TO_SWITCH ' ], $ user
202+ ->method ('decide ' )->with ($ token'ROLE_ALLOWED_TO_SWITCH ' ], $ this -> callback ( function ( $ user) { return ' kuba ' === $ user -> getUsername (); }) )
215203 ->willReturn (true );
216204
217- $ this userProvider ->expects ($ this exactly (2 ))
218- ->method ('loadUserByUsername ' )
219- ->withConsecutive (['kuba ' ])
220- ->will ($ this onConsecutiveCalls ($ user$ this throwException (new UsernameNotFoundException ())));
221205 $ this userChecker ->expects ($ this once ())
222- ->method ('checkPostAuth ' )->with ($ user
206+ ->method ('checkPostAuth ' )->with ($ this -> callback ( function ( $ user) { return ' kuba ' === $ user -> getUsername (); }) );
223207
224208 $ listenernew SwitchUserListener ($ this tokenStorage , $ this userProvider , $ this userChecker , 'provider123 ' , $ this accessDecisionManager );
225209 $ listener$ this event );
@@ -237,20 +221,15 @@ public function testSwitchUserAlreadySwitched()
237221 $ tokenStoragenew TokenStorage ();
238222 $ tokenStoragesetToken ($ alreadySwitchedToken
239223
240- $ targetUsernew User ('kuba ' , 'password ' , ['ROLE_FOO ' , 'ROLE_BAR ' ]);
241-
242224 $ this request ->query ->set ('_switch_user ' , 'kuba ' );
243225
226+ $ targetsUser$ this callback (function ($ userreturn 'kuba ' === $ usergetUsername (); });
244227 $ this accessDecisionManager ->expects ($ this once ())
245- ->method ('decide ' )->with ($ originalToken'ROLE_ALLOWED_TO_SWITCH ' ], $ targetUser
228+ ->method ('decide ' )->with ($ originalToken'ROLE_ALLOWED_TO_SWITCH ' ], $ targetsUser
246229 ->willReturn (true );
247230
248- $ this userProvider ->expects ($ this exactly (2 ))
249- ->method ('loadUserByUsername ' )
250- ->withConsecutive (['kuba ' ])
251- ->will ($ this onConsecutiveCalls ($ targetUser$ this throwException (new UsernameNotFoundException ())));
252231 $ this userChecker ->expects ($ this once ())
253- ->method ('checkPostAuth ' )->with ($ targetUser
232+ ->method ('checkPostAuth ' )->with ($ targetsUser
254233
255234 $ listenernew SwitchUserListener ($ tokenStorage$ this userProvider , $ this userChecker , 'provider123 ' , $ this accessDecisionManager , null , '_switch_user ' , 'ROLE_ALLOWED_TO_SWITCH ' , null , false );
256235 $ listener$ this event );
@@ -264,22 +243,19 @@ public function testSwitchUserAlreadySwitched()
264243
265244 public function testSwitchUserWorksWithFalsyUsernames ()
266245 {
267- $ tokennew UsernamePasswordToken ('username ' , '' , 'key ' , ['ROLE_FOO ' ]);
268- $ usernew User ('username ' , 'password ' , []);
246+ $ tokennew UsernamePasswordToken ('kuba ' , '' , 'key ' , ['ROLE_FOO ' ]);
269247
270248 $ this tokenStorage ->setToken ($ token
271249 $ this request ->query ->set ('_switch_user ' , '0 ' );
272250
251+ $ this userProvider ->createUser ($ usernew User ('0 ' , null ));
252+
273253 $ this accessDecisionManager ->expects ($ this once ())
274254 ->method ('decide ' )->with ($ token'ROLE_ALLOWED_TO_SWITCH ' ])
275255 ->willReturn (true );
276256
277- $ this userProvider ->expects ($ this exactly (2 ))
278- ->method ('loadUserByUsername ' )
279- ->withConsecutive (['0 ' ])
280- ->will ($ this onConsecutiveCalls ($ user$ this throwException (new UsernameNotFoundException ())));
281257 $ this userChecker ->expects ($ this once ())
282- ->method ('checkPostAuth ' )->with ($ user
258+ ->method ('checkPostAuth ' )->with ($ this -> callback ( function ( $ argUser ) use ( $ user) { return $ user -> isEqualTo ( $ argUser ); }) );
283259
284260 $ listenernew SwitchUserListener ($ this tokenStorage , $ this userProvider , $ this userChecker , 'provider123 ' , $ this accessDecisionManager );
285261 $ listener$ this event );
@@ -292,7 +268,6 @@ public function testSwitchUserWorksWithFalsyUsernames()
292268 public function testSwitchUserKeepsOtherQueryStringParameters ()
293269 {
294270 $ tokennew UsernamePasswordToken ('username ' , '' , 'key ' , ['ROLE_FOO ' ]);
295- $ usernew User ('username ' , 'password ' , []);
296271
297272 $ this tokenStorage ->setToken ($ token
298273 $ this request ->query ->replace ([
@@ -301,16 +276,13 @@ public function testSwitchUserKeepsOtherQueryStringParameters()
301276 'section ' => 2 ,
302277 ]);
303278
279+ $ targetsUser$ this callback (function ($ userreturn 'kuba ' === $ usergetUsername (); });
304280 $ this accessDecisionManager ->expects ($ this once ())
305- ->method ('decide ' )->with ($ token'ROLE_ALLOWED_TO_SWITCH ' ], $ user
281+ ->method ('decide ' )->with ($ token'ROLE_ALLOWED_TO_SWITCH ' ], $ targetsUser
306282 ->willReturn (true );
307283
308- $ this userProvider ->expects ($ this exactly (2 ))
309- ->method ('loadUserByUsername ' )
310- ->withConsecutive (['kuba ' ])
311- ->will ($ this onConsecutiveCalls ($ user$ this throwException (new UsernameNotFoundException ())));
312284 $ this userChecker ->expects ($ this once ())
313- ->method ('checkPostAuth ' )->with ($ user
285+ ->method ('checkPostAuth ' )->with ($ targetsUser
314286
315287 $ listenernew SwitchUserListener ($ this tokenStorage , $ this userProvider , $ this userChecker , 'provider123 ' , $ this accessDecisionManager );
316288 $ listener$ this event );
@@ -331,21 +303,16 @@ public function testSwitchUserWithReplacedToken()
331303 $ this request ->query ->set ('_switch_user ' , 'kuba ' );
332304
333305 $ this accessDecisionManager ->expects ($ this any ())
334- ->method ('decide ' )->with ($ token'ROLE_ALLOWED_TO_SWITCH ' ], $ user
306+ ->method ('decide ' )->with ($ token'ROLE_ALLOWED_TO_SWITCH ' ], $ this -> callback ( function ( $ user) { return ' kuba ' === $ user -> getUsername (); }) )
335307 ->willReturn (true );
336308
337- $ this userProvider ->expects ($ this exactly (2 ))
338- ->method ('loadUserByUsername ' )
339- ->withConsecutive (['kuba ' ])
340- ->will ($ this onConsecutiveCalls ($ user$ this throwException (new UsernameNotFoundException ())));
341-
342309 $ dispatcher$ this createMock (EventDispatcherInterface::class);
343310 $ dispatcher
344311 ->expects ($ this once ())
345312 ->method ('dispatch ' )
346313 ->with (
347- $ this callback (function (SwitchUserEvent $ eventuse ($ replacedToken, $ user
348- if ($ user $ eventgetTargetUser ()) {
314+ $ this callback (function (SwitchUserEvent $ eventuse ($ replacedToken
315+ if (' kuba ' $ eventgetTargetUser ()-> getUsername ()) {
349316 return false ;
350317 }
351318 $ eventsetToken ($ replacedToken
@@ -373,21 +340,17 @@ public function testSwitchUserThrowsAuthenticationExceptionIfNoCurrentToken()
373340 public function testSwitchUserStateless ()
374341 {
375342 $ tokennew UsernamePasswordToken ('username ' , '' , 'key ' , ['ROLE_FOO ' ]);
376- $ usernew User ('username ' , 'password ' , []);
377343
378344 $ this tokenStorage ->setToken ($ token
379345 $ this request ->query ->set ('_switch_user ' , 'kuba ' );
380346
347+ $ targetsUser$ this callback (function ($ userreturn 'kuba ' === $ usergetUsername (); });
381348 $ this accessDecisionManager ->expects ($ this once ())
382- ->method ('decide ' )->with ($ token'ROLE_ALLOWED_TO_SWITCH ' ], $ user
349+ ->method ('decide ' )->with ($ token'ROLE_ALLOWED_TO_SWITCH ' ], $ targetsUser
383350 ->willReturn (true );
384351
385- $ this userProvider ->expects ($ this exactly (2 ))
386- ->method ('loadUserByUsername ' )
387- ->withConsecutive (['kuba ' ])
388- ->will ($ this onConsecutiveCalls ($ user$ this throwException (new UsernameNotFoundException ())));
389352 $ this userChecker ->expects ($ this once ())
390- ->method ('checkPostAuth ' )->with ($ user
353+ ->method ('checkPostAuth ' )->with ($ targetsUser
391354
392355 $ listenernew SwitchUserListener ($ this tokenStorage , $ this userProvider , $ this userChecker , 'provider123 ' , $ this accessDecisionManager , null , '_switch_user ' , 'ROLE_ALLOWED_TO_SWITCH ' , null , true );
393356 $ listener$ this event );
@@ -400,8 +363,8 @@ public function testSwitchUserRefreshesOriginalToken()
400363 {
401364 $ originalUsernew User ('username ' , null );
402365 $ refreshedOriginalUsernew User ('username ' , null );
403- $ this
404- -> userProvider
366+ $ userProvider = $ this -> createMock (InMemoryUserProvider::class);
367+ $ userProvider
405368 ->expects ($ this any ())
406369 ->method ('refreshUser ' )
407370 ->with ($ this identicalTo ($ originalUser
@@ -422,7 +385,7 @@ public function testSwitchUserRefreshesOriginalToken()
422385 )
423386 ;
424387
425- $ listenernew SwitchUserListener ($ this tokenStorage , $ this -> userProvider , $ this userChecker , 'provider123 ' , $ this accessDecisionManager , null , '_switch_user ' , 'ROLE_ALLOWED_TO_SWITCH ' , $ dispatcher
388+ $ listenernew SwitchUserListener ($ this tokenStorage , $ userProvider$ this userChecker , 'provider123 ' , $ this accessDecisionManager , null , '_switch_user ' , 'ROLE_ALLOWED_TO_SWITCH ' , $ dispatcher
426389 $ listener$ this event );
427390 }
428391}
0 commit comments