From 35b62ac4cd227d93bed92bd35ecf67c5b6b0dce1 Mon Sep 17 00:00:00 2001 From: Hugo Hamon Date: Mon, 4 Feb 2013 13:20:14 +0100 Subject: [PATCH] [Security] renamed Constraint namespace to Constraints for validator classes in order to be consistent with the whole current validator API. --- UPGRADE-2.2.md | 49 +++++++++++++++++++ .../Resources/config/security.xml | 2 +- .../Validator/Constraint/UserPassword.php | 15 +++--- .../Constraint/UserPasswordValidator.php | 31 +++--------- .../Validator/Constraints/UserPassword.php | 28 +++++++++++ .../Constraints/UserPasswordValidator.php | 46 +++++++++++++++++ .../UserPasswordValidatorTest.php | 6 +-- 7 files changed, 142 insertions(+), 35 deletions(-) create mode 100644 src/Symfony/Component/Security/Core/Validator/Constraints/UserPassword.php create mode 100644 src/Symfony/Component/Security/Core/Validator/Constraints/UserPasswordValidator.php rename src/Symfony/Component/Security/Tests/Core/Validator/{Constraint => Constraints}/UserPasswordValidatorTest.php (96%) diff --git a/UPGRADE-2.2.md b/UPGRADE-2.2.md index f911ec8cdd3a8..e4494eeda8d5e 100644 --- a/UPGRADE-2.2.md +++ b/UPGRADE-2.2.md @@ -567,6 +567,55 @@ trusted_proxies: ['127.0.0.1', '10.0.0.1'] # a list of proxy IPs you trust ``` +### Security + + * The existing ``UserPassword`` validator constraint class has been modified. + Its namespace has been changed to better fit the Symfony coding conventions. + + Before: + + ``` + use Symfony\Component\Security\Core\Validator\Constraint\UserPassword; + ``` + + After: (note the `s` at the end of `Constraint`) + + ``` + use Symfony\Component\Security\Core\Validator\Constraints\UserPassword; + ``` + + * The new ``UserPassword`` validator constraint class now accepts a new + ``service`` option that allows to specify a custom validator service name in + order to validate the current logged-in user's password. + + ``` + use Symfony\Component\Security\Core\Validator\Constraints\UserPassword; + + $constraint = new UserPassword(array( + 'service' => 'my.custom.validator.user_password', + )); + ``` + +#### Deprecations + + * The two previous ``UserPassword`` and ``UserPasswordValidator`` classes in + the ``Symfony\Component\Security\Core\Validator\Constraint`` namespace have + been deprecated and will be removed in 2.3. + + Before: + + ``` + use Symfony\Component\Security\Core\Validator\Constraint\UserPassword; + use Symfony\Component\Security\Core\Validator\Constraint\UserPasswordValidator; + ``` + + After: + + ``` + use Symfony\Component\Security\Core\Validator\Constraints\UserPassword; + use Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator; + ``` + ### Serializer * All serializer interfaces (Serializer, Normalizer, Encoder) have been diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml b/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml index d0fbfbcac490c..622ddbe97b97c 100644 --- a/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml +++ b/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml @@ -41,7 +41,7 @@ Symfony\Component\Security\Http\HttpUtils - Symfony\Component\Security\Core\Validator\Constraint\UserPasswordValidator + Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator diff --git a/src/Symfony/Component/Security/Core/Validator/Constraint/UserPassword.php b/src/Symfony/Component/Security/Core/Validator/Constraint/UserPassword.php index e90d9af05ff78..93ca24d6b0d4e 100644 --- a/src/Symfony/Component/Security/Core/Validator/Constraint/UserPassword.php +++ b/src/Symfony/Component/Security/Core/Validator/Constraint/UserPassword.php @@ -11,18 +11,19 @@ namespace Symfony\Component\Security\Core\Validator\Constraint; -use Symfony\Component\Validator\Constraint; +use Symfony\Component\Security\Core\Validator\Constraints\UserPassword as BaseUserPassword; /** * @Annotation + * + * @deprecated Deprecated since version 2.2, to be removed in 2.3. */ -class UserPassword extends Constraint +class UserPassword extends BaseUserPassword { - public $message = 'This value should be the user current password.'; - public $service = 'security.validator.user_password'; - - public function validatedBy() + public function __construct($options = null) { - return $this->service; + trigger_error('UserPassword class in Symfony\Component\Security\Core\Validator\Constraint namespace is deprecated since version 2.2 and will be removed in 2.3. Use the Symfony\Component\Security\Core\Validator\Constraints\UserPassword class instead.', E_USER_DEPRECATED); + + parent::__construct($options); } } diff --git a/src/Symfony/Component/Security/Core/Validator/Constraint/UserPasswordValidator.php b/src/Symfony/Component/Security/Core/Validator/Constraint/UserPasswordValidator.php index a54906bb74250..0195fe5aae819 100644 --- a/src/Symfony/Component/Security/Core/Validator/Constraint/UserPasswordValidator.php +++ b/src/Symfony/Component/Security/Core/Validator/Constraint/UserPasswordValidator.php @@ -11,36 +11,19 @@ namespace Symfony\Component\Security\Core\Validator\Constraint; -use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface; -use Symfony\Component\Validator\Constraint; -use Symfony\Component\Validator\ConstraintValidator; -use Symfony\Component\Validator\Exception\ConstraintDefinitionException; +use Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator as BaseUserPasswordValidator; -class UserPasswordValidator extends ConstraintValidator +/** + * @deprecated Deprecated since version 2.2, to be removed in 2.3. + */ +class UserPasswordValidator extends BaseUserPasswordValidator { - private $securityContext; - private $encoderFactory; - public function __construct(SecurityContextInterface $securityContext, EncoderFactoryInterface $encoderFactory) { - $this->securityContext = $securityContext; - $this->encoderFactory = $encoderFactory; - } - - public function validate($password, Constraint $constraint) - { - $user = $this->securityContext->getToken()->getUser(); - - if (!$user instanceof UserInterface) { - throw new ConstraintDefinitionException('The User must extend UserInterface'); - } - - $encoder = $this->encoderFactory->getEncoder($user); + trigger_error('UserPasswordValidator class in Symfony\Component\Security\Core\Validator\Constraint namespace is deprecated since version 2.2 and will be removed in 2.3. Use the Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator class instead.', E_USER_DEPRECATED); - if (!$encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) { - $this->context->addViolation($constraint->message); - } + parent::__construct($securityContext, $encoderFactory); } } diff --git a/src/Symfony/Component/Security/Core/Validator/Constraints/UserPassword.php b/src/Symfony/Component/Security/Core/Validator/Constraints/UserPassword.php new file mode 100644 index 0000000000000..ed29b0c95b86b --- /dev/null +++ b/src/Symfony/Component/Security/Core/Validator/Constraints/UserPassword.php @@ -0,0 +1,28 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Core\Validator\Constraints; + +use Symfony\Component\Validator\Constraint; + +/** + * @Annotation + */ +class UserPassword extends Constraint +{ + public $message = 'This value should be the user current password.'; + public $service = 'security.validator.user_password'; + + public function validatedBy() + { + return $this->service; + } +} diff --git a/src/Symfony/Component/Security/Core/Validator/Constraints/UserPasswordValidator.php b/src/Symfony/Component/Security/Core/Validator/Constraints/UserPasswordValidator.php new file mode 100644 index 0000000000000..a4e0f909bf53e --- /dev/null +++ b/src/Symfony/Component/Security/Core/Validator/Constraints/UserPasswordValidator.php @@ -0,0 +1,46 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Core\Validator\Constraints; + +use Symfony\Component\Security\Core\User\UserInterface; +use Symfony\Component\Security\Core\SecurityContextInterface; +use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface; +use Symfony\Component\Validator\Constraint; +use Symfony\Component\Validator\ConstraintValidator; +use Symfony\Component\Validator\Exception\ConstraintDefinitionException; + +class UserPasswordValidator extends ConstraintValidator +{ + private $securityContext; + private $encoderFactory; + + public function __construct(SecurityContextInterface $securityContext, EncoderFactoryInterface $encoderFactory) + { + $this->securityContext = $securityContext; + $this->encoderFactory = $encoderFactory; + } + + public function validate($password, Constraint $constraint) + { + $user = $this->securityContext->getToken()->getUser(); + + if (!$user instanceof UserInterface) { + throw new ConstraintDefinitionException('The User object must implement the UserInterface interface.'); + } + + $encoder = $this->encoderFactory->getEncoder($user); + + if (!$encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) { + $this->context->addViolation($constraint->message); + } + } +} diff --git a/src/Symfony/Component/Security/Tests/Core/Validator/Constraint/UserPasswordValidatorTest.php b/src/Symfony/Component/Security/Tests/Core/Validator/Constraints/UserPasswordValidatorTest.php similarity index 96% rename from src/Symfony/Component/Security/Tests/Core/Validator/Constraint/UserPasswordValidatorTest.php rename to src/Symfony/Component/Security/Tests/Core/Validator/Constraints/UserPasswordValidatorTest.php index e3bcbf45fef63..d9395baf873cf 100644 --- a/src/Symfony/Component/Security/Tests/Core/Validator/Constraint/UserPasswordValidatorTest.php +++ b/src/Symfony/Component/Security/Tests/Core/Validator/Constraints/UserPasswordValidatorTest.php @@ -9,10 +9,10 @@ * file that was distributed with this source code. */ -namespace Symfony\Component\Security\Tests\Core\Validator\Constraint; +namespace Symfony\Component\Security\Tests\Core\Validator\Constraints; -use Symfony\Component\Security\Core\Validator\Constraint\UserPassword; -use Symfony\Component\Security\Core\Validator\Constraint\UserPasswordValidator; +use Symfony\Component\Security\Core\Validator\Constraints\UserPassword; +use Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator; class UserPasswordValidatorTest extends \PHPUnit_Framework_TestCase {