[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing

issei-m · issei-m · commit debb422be139 · 2015-02-07T22:03:24.000+09:00
diff --git a/src/Symfony/Component/Security/Core/User/InMemoryUserProvider.php b/src/Symfony/Component/Security/Core/User/InMemoryUserProvider.php
@@ -67,17 +67,17 @@ public function createUser(UserInterface $user)
      */
     public function loadUserByUsername($username)
     {
-        if (!isset($this->users[strtolower($username)])) {
-            $ex = new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
-            $ex->setUsername($username);
-
-            throw $ex;
-        }
-
-        $user = $this->users[strtolower($username)];
+        $storedUser = $this->getUser($username);
 
-        return new User($user->getUsername(), $user->getPassword(), $user->getRoles(), $user->isEnabled(), $user->isAccountNonExpired(),
-                $user->isCredentialsNonExpired(), $user->isAccountNonLocked());
+        return new User(
+            $storedUser->getUsername(),
+            $storedUser->getPassword(),
+            $storedUser->getRoles(),
+            $storedUser->isEnabled(),
+            $storedUser->isAccountNonExpired(),
+            $storedUser->isCredentialsNonExpired(),
+            $storedUser->isAccountNonLocked()
+        );
     }
 
     /**
@@ -89,7 +89,17 @@ public function refreshUser(UserInterface $user)
             throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
         }
 
-        return $this->loadUserByUsername($user->getUsername());
+        $storedUser = $this->getUser($user->getUsername());
+
+        return new User(
+            $storedUser->getUsername(),
+            $storedUser->getPassword(),
+            $storedUser->getRoles(),
+            $storedUser->isEnabled(),
+            $storedUser->isAccountNonExpired(),
+            $storedUser->isCredentialsNonExpired() && $storedUser->getPassword() === $user->getPassword(),
+            $storedUser->isAccountNonLocked()
+        );
     }
 
     /**
@@ -99,4 +109,20 @@ public function supportsClass($class)
     {
         return $class === 'Symfony\Component\Security\Core\User\User';
     }
+
+    /**
+     * @param  string $username
+     * @return User
+     */
+    private function getUser($username)
+    {
+        if (!isset($this->users[strtolower($username)])) {
+            $ex = new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
+            $ex->setUsername($username);
+
+            throw $ex;
+        }
+
+        return $this->users[strtolower($username)];
+    }
 }
diff --git a/src/Symfony/Component/Security/Tests/Core/User/InMemoryUserProviderTest.php b/src/Symfony/Component/Security/Tests/Core/User/InMemoryUserProviderTest.php
@@ -18,18 +18,39 @@ class InMemoryUserProviderTest extends \PHPUnit_Framework_TestCase
 {
     public function testConstructor()
     {
-        $provider = new InMemoryUserProvider(array(
+        $provider = $this->createProvider();
+
+        $user = $provider->loadUserByUsername('fabien');
+        $this->assertEquals('foo', $user->getPassword());
+        $this->assertEquals(array('ROLE_USER'), $user->getRoles());
+        $this->assertFalse($user->isEnabled());
+    }
+
+    public function testRefresh()
+    {
+        $user = new User('fabien', 'bar');
+
+        $provider = $this->createProvider();
+
+        $refreshedUser = $provider->refreshUser($user);
+        $this->assertEquals('foo', $refreshedUser->getPassword());
+        $this->assertEquals(array('ROLE_USER'), $refreshedUser->getRoles());
+        $this->assertFalse($refreshedUser->isEnabled());
+        $this->assertFalse($refreshedUser->isCredentialsNonExpired());
+    }
+
+    /**
+     * @return InMemoryUserProvider
+     */
+    protected function createProvider()
+    {
+        return new InMemoryUserProvider(array(
             'fabien' => array(
                 'password' => 'foo',
                 'enabled' => false,
                 'roles' => array('ROLE_USER'),
             ),
         ));
-
-        $user = $provider->loadUserByUsername('fabien');
-        $this->assertEquals('foo', $user->getPassword());
-        $this->assertEquals(array('ROLE_USER'), $user->getRoles());
-        $this->assertFalse($user->isEnabled());
     }
 
     public function testCreateUser()
