Fix after review

This commit is contained in:
Michał Kaczmarek 2026-05-22 14:52:30 +02:00
parent 6920a9dfff
commit 29d0ce9614
2 changed files with 18 additions and 5 deletions

View file

@ -50,7 +50,10 @@
</service> </service>
<service id="sylius.twig.extension.security_csrf" class="Sylius\Bundle\CoreBundle\Twig\SecurityCsrfExtension" public="false"> <service id="sylius.twig.extension.security_csrf" class="Sylius\Bundle\CoreBundle\Twig\SecurityCsrfExtension" public="false">
<argument type="service" id="service_container" /> <argument>%sylius_admin.security.csrf_parameter%</argument>
<argument>%sylius_admin.security.csrf_token_id%</argument>
<argument>%sylius_shop.security.csrf_parameter%</argument>
<argument>%sylius_shop.security.csrf_token_id%</argument>
<tag name="twig.extension" /> <tag name="twig.extension" />
</service> </service>
</services> </services>

View file

@ -13,14 +13,16 @@ declare(strict_types=1);
namespace Sylius\Bundle\CoreBundle\Twig; namespace Sylius\Bundle\CoreBundle\Twig;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Twig\Extension\AbstractExtension; use Twig\Extension\AbstractExtension;
use Twig\TwigFunction; use Twig\TwigFunction;
final class SecurityCsrfExtension extends AbstractExtension final class SecurityCsrfExtension extends AbstractExtension
{ {
public function __construct( public function __construct(
private readonly ContainerInterface $container, private readonly string $adminCsrfParameter,
private readonly string $adminCsrfTokenId,
private readonly string $shopCsrfParameter,
private readonly string $shopCsrfTokenId,
) { ) {
} }
@ -34,11 +36,19 @@ final class SecurityCsrfExtension extends AbstractExtension
public function getCsrfParameter(string $section): string public function getCsrfParameter(string $section): string
{ {
return (string) $this->container->getParameter(sprintf('sylius_%s.security.csrf_parameter', $section)); return match ($section) {
'admin' => $this->adminCsrfParameter,
'shop' => $this->shopCsrfParameter,
default => throw new \InvalidArgumentException(sprintf('Unknown section "%s". Expected "admin" or "shop".', $section)),
};
} }
public function getCsrfTokenId(string $section): string public function getCsrfTokenId(string $section): string
{ {
return (string) $this->container->getParameter(sprintf('sylius_%s.security.csrf_token_id', $section)); return match ($section) {
'admin' => $this->adminCsrfTokenId,
'shop' => $this->shopCsrfTokenId,
default => throw new \InvalidArgumentException(sprintf('Unknown section "%s". Expected "admin" or "shop".', $section)),
};
} }
} }