Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Security] Added debug:firewall command #39326

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 19, 2021
Merged

[Security] Added debug:firewall command #39326

merged 1 commit into from
Feb 19, 2021

Conversation

TimoBakx
Copy link
Member

@TimoBakx TimoBakx commented Dec 5, 2020
edited
Loading

Q A
Branch? 5.x
Bug fix? no
New feature? yes
Deprecations? no
Tickets Fix #39321
License MIT
Doc PR symfony/symfony-docs#14982
Tags #SymfonyHackday

Subtasks

  • Add list view (for use without arguments)
  • Add more information to list view
  • Add detail view (for use with firewall argument)
  • Add more information to detail view table
  • Add authenticators list
  • Add event listeners & events (copy from debug:event-listener)
  • Add --include-listeners option (default: false)
  • Add helptext
  • Add documentation

Moved outside of current scope

  • Add allowed badges

Usage (and example output) for a list

bin/console debug:firewall

Firewalls
=========

 The following firewalls are defined:
 -------- 
  Name    
 -------- 
  dev     
  public
  main    
 -------- 

 // To view details of a specific firewall, re-run this command with a firewall name. (e.g. debug:firewall              
 // main)

Usage (and example output) for details

bin/console debug:firewall main

Firewall "main"
===============

 ----------------------- --------------------------------------------------- 
  Option                  Value                                              
 ----------------------- --------------------------------------------------- 
  Name                    main                                               
  Context                 main                                               
  Lazy                    Yes                                                
  Stateless               No                                                 
  User Checker            security.user_checker                              
  Provider                security.user.provider.concrete.app_user_provider  
  Entry Point             App\Security\LoginFormAuthenticator                
  Access Denied URL                                                          
  Access Denied Handler                                                      
 ----------------------- --------------------------------------------------- 

User switching
--------------

 ----------- --------------------------------------------------- 
  Option      Value                                              
 ----------- --------------------------------------------------- 
  Parameter   test                                               
  Provider    security.user.provider.concrete.app_user_provider  
  User Role   ROLE_SWITCH_POSSIBLE                               
 ----------- --------------------------------------------------- 

Event listeners for firewall "main"
===================================

"Symfony\Component\Security\Http\Event\LoginSuccessEvent" event
---------------------------------------------------------------

 ------- -------------------------------------------------------------------------------------------- ---------- 
  Order   Callable                                                                                     Priority  
 ------- -------------------------------------------------------------------------------------------- ---------- 
  #1      Symfony\Component\Security\Http\EventListener\UserCheckerListener::postCheckCredentials()    256       
  #2      Symfony\Component\Security\Http\EventListener\SessionStrategyListener::onSuccessfulLogin()   0         
  #3      Symfony\Component\Security\Http\EventListener\RememberMeListener::onSuccessfulLogin()        0         
  #4      App\Security\UpdateLastLogin::__invoke()                                                     0         
  #5      Symfony\Component\Security\Http\EventListener\PasswordMigratingListener::onLoginSuccess()    0         
 ------- -------------------------------------------------------------------------------------------- ---------- 

"Symfony\Component\Security\Http\Event\LogoutEvent" event
---------------------------------------------------------

 ------- ------------------------------------------------------------------------------------------- ---------- 
  Order   Callable                                                                                    Priority  
 ------- ------------------------------------------------------------------------------------------- ---------- 
  #1      Symfony\Component\Security\Http\EventListener\DefaultLogoutListener::onLogout()             64        
  #2      Symfony\Component\Security\Http\EventListener\SessionLogoutListener::onLogout()             0         
  #3      Symfony\Component\Security\Http\EventListener\RememberMeLogoutListener::onLogout()          0         
  #4      Symfony\Component\Security\Http\EventListener\CsrfTokenClearingLogoutListener::onLogout()   0         
 ------- ------------------------------------------------------------------------------------------- ---------- 

"Symfony\Component\Security\Http\Event\CheckPassportEvent" event
----------------------------------------------------------------

 ------- ------------------------------------------------------------------------------------------ ---------- 
  Order   Callable                                                                                   Priority  
 ------- ------------------------------------------------------------------------------------------ ---------- 
  #1      Symfony\Component\Security\Http\EventListener\LoginThrottlingListener::checkPassport()     2080      
  #2      Symfony\Component\Security\Http\EventListener\UserProviderListener::checkPassport()        2048      
  #3      Symfony\Component\Security\Http\EventListener\UserProviderListener::checkPassport()        1024      
  #4      Symfony\Component\Security\Http\EventListener\CsrfProtectionListener::checkPassport()      512       
  #5      Symfony\Component\Security\Http\EventListener\UserCheckerListener::preCheckCredentials()   256       
  #6      App\Security\DisallowBannedUsers::__invoke()                                               0         
  #7      Symfony\Component\Security\Http\EventListener\CheckCredentialsListener::checkPassport()    0         
 ------- ------------------------------------------------------------------------------------------ ---------- 

"Symfony\Component\Security\Http\Event\LoginFailureEvent" event
---------------------------------------------------------------

 ------- ----------------------------------------------------------------------------------- ---------- 
  Order   Callable                                                                            Priority  
 ------- ----------------------------------------------------------------------------------- ---------- 
  #1      Symfony\Component\Security\Http\EventListener\RememberMeListener::onFailedLogin()   0         
 ------- ----------------------------------------------------------------------------------- ---------- 

Authenticators for firewall "main"
==================================

 // @TODO: List authenticator information

@carsonbot carsonbot changed the title [WIP] [Security] Added debug:firewall command [Security] [WIP] Added debug:firewall command Dec 5, 2020
@wouterj wouterj added this to the 5.x milestone Dec 5, 2020
wouterj
wouterj reviewed Dec 5, 2020
View reviewed changes
Copy link
Member

@wouterj wouterj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking great already :)

wouterj
wouterj reviewed Dec 5, 2020
View reviewed changes
Copy link
Member

@wouterj wouterj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just some comments. Thanks for your enthusiasm about this today!

Btw, #39276 is now merged (but you've probably already discovered that), so this PR is unlocked again

@TimoBakx TimoBakx marked this pull request as draft December 6, 2020 16:07
wouterj
wouterj reviewed Jan 20, 2021
View reviewed changes
Copy link
Member

@wouterj wouterj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If I'm correct, the 2 suggested changes are required to use the authenticator locator.

Or than that (and tests), is there anything preventing this command from being merged? It seems quite feature complete already (and we can always open new PRs to add even more features).

@TimoBakx
Copy link
Member Author

@wouterj Thanks for your last suggestion. I'll check if I can make that work and finish up this PR this weekend.

@TimoBakx TimoBakx mentioned this pull request Feb 14, 2021
Merged
@TimoBakx TimoBakx changed the title [Security] [WIP] Added debug:firewall command [Security] Added debug:firewall command Feb 14, 2021
@TimoBakx TimoBakx marked this pull request as ready for review February 14, 2021 16:09
@TimoBakx TimoBakx requested a review from wouterj February 14, 2021 16:10
@TimoBakx
Copy link
Member Author

TimoBakx commented Feb 14, 2021
edited
Loading

Made some changes for the last review comments. Added help text and documentation. I think this PR is ready to be reviewed.

wouterj
wouterj requested changes Feb 16, 2021
View reviewed changes
Copy link
Member

@wouterj wouterj left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I promise this was the final round of comments :)

I think this looks really nice and helpful (I've been testing it out on a demo project)! (the duplicate UserProviderListener in the output already catches my eyes, maybe there is a bug in the security code 👀 )

Most are about CS (we prefer longer lines over many small lines, it takes some getting used to when contributing). Can you please also update the CHANGELOG.md in the bundle?

wouterj
wouterj approved these changes Feb 17, 2021
View reviewed changes
Copy link
Member

@wouterj wouterj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks perfect to me!

It's probably good to add some tests here some day. However, I see all other debug commands also don't have tests, so I'm fine with merging this feature as-is.

@TimoBakx
Copy link
Member Author

Yeah, I've been thinking about tests, but right now it's kinda hard to test command output. Especially when my IDE keeps trying to remove trailing spaces from the expected table output.

javiereguiluz
javiereguiluz approved these changes Feb 19, 2021
View reviewed changes
Copy link
Member

@javiereguiluz javiereguiluz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this proposal! Thanks Timo!

chalasr
chalasr approved these changes Feb 19, 2021
View reviewed changes
Copy link
Member

@chalasr chalasr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here is a cosmetic review. Once addressed, this should be ready to go on my side.
Nice work @TimoBakx

@TimoBakx
Copy link
Member Author

@chalasr Thank you for your CS pointers. It's much appreciated. I addressed all points except for the code-move that I can't do.

@wouterj
Copy link
Member

wouterj commented Feb 19, 2021

This is great. Thanks a ton Timo for updating your PR with all these review rounds and thinking so hard about all the info that could be displayed here!

@wouterj wouterj merged commit 70ef5b3 into symfony:5.x Feb 19, 2021
@TimoBakx
Copy link
Member Author

Thank all of you for your reviews and encouragement. My first class added to Symfony. I'm so excited! 🎉

wouterj added a commit to symfony/symfony-docs that referenced this pull request Feb 19, 2021
@wouterj
feature #14982 [Security] Added debug:firewall command (TimoBakx)
6615f1c 
This PR was merged into the 5.3-dev branch.

Discussion
----------

[Security] Added debug:firewall command

Documentation for symfony/symfony#39326

Commits
-------

7512515 [Security] Added debug:firewall command
wouterj added a commit that referenced this pull request Feb 19, 2021
@wouterj
[#39326] Fix PHP 7.2 heredoc syntax
b8f5b7a
@TimoBakx TimoBakx deleted the debug-firewall-command branch March 2, 2021 16:38
junaidbinfarooq pushed a commit to junaidbinfarooq/symfony that referenced this pull request Mar 2, 2021
@wouterj @junaidbinfarooq
[symfony#39326] Fix PHP 7.2 heredoc syntax
6f603e0
@fabpot fabpot mentioned this pull request Apr 18, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@OskarStark OskarStark OskarStark left review comments

@javiereguiluz javiereguiluz javiereguiluz approved these changes

@wouterj wouterj wouterj approved these changes

@chalasr chalasr chalasr approved these changes

Assignees
No one assigned
Labels
Feature Security Status: Reviewed
Projects
None yet
Milestone
5.4
Development

Successfully merging this pull request may close these issues.

[Security] Add a debug:firewall command
6 participants
@TimoBakx @wouterj @javiereguiluz @OskarStark @chalasr @carsonbot