From 5d9ad1efad7472f46e38a235f8a0fdec59ca2a76 Mon Sep 17 00:00:00 2001 From: Ernest Warwas Date: Thu, 15 Sep 2022 11:53:29 +0200 Subject: [PATCH] UPGRADE file updated and review changes UPGRADE file updated and review changes fix services --- UPGRADE-1.12.md | 36 +++++++++++++++++++ .../Context/TokenBasedUserContext.php | 15 ++------ .../EventListener/ApiCartBlamerListener.php | 2 +- .../ApiBundle/Resources/config/services.xml | 2 +- .../ApiCartBlamerListenerSpec.php | 14 ++++---- .../UniqueReviewerEmailValidator.php | 7 ++-- 6 files changed, 52 insertions(+), 24 deletions(-) diff --git a/UPGRADE-1.12.md b/UPGRADE-1.12.md index 7005f262b6..28d9197b44 100644 --- a/UPGRADE-1.12.md +++ b/UPGRADE-1.12.md @@ -38,6 +38,42 @@ with test or remove these services with complier pass. 7. The `Sylius\Component\Promotion\Event\CatalogPromotionFailed` has been removed as it is not used anymore. +8. Due to updating to Symfony 6 security file was changed to use the updated security system so you need to adjust your `config/packages/security.yaml` file: + + ```diff + security: + - always_authenticate_before_granting: true + + enable_authenticator_manager: true + ``` + + and you need to adjust all of your firewalls like that: + + ```diff + admin: + # ... + form_login: + # ... + - csrf_token_generator: security.csrf.token_manager + + enable_csrf: true + # ... + new_api_admin_user: + # ... + - anonymous: true + + entry_point: jwt + # ... + - guard: + # ... + + jwt: true + ``` + + and also you need to adjust all of your access_control like that: + + ```diff + - - { path: "%sylius.security.admin_regex%/forgotten-password", role: IS_AUTHENTICATED_ANONYMOUSLY } + + + - { path: "%sylius.security.admin_regex%/forgotten-password", role: PUBLIC_ACCESS } + ``` + ### Asset management changes We updated gulp-sass plugin as well as the sass implementation we use to be compatible with most installation diff --git a/src/Sylius/Bundle/ApiBundle/Context/TokenBasedUserContext.php b/src/Sylius/Bundle/ApiBundle/Context/TokenBasedUserContext.php index 970a4c6323..a2071045f5 100644 --- a/src/Sylius/Bundle/ApiBundle/Context/TokenBasedUserContext.php +++ b/src/Sylius/Bundle/ApiBundle/Context/TokenBasedUserContext.php @@ -25,18 +25,9 @@ final class TokenBasedUserContext implements UserContextInterface public function getUser(): ?UserInterface { - $token = $this->tokenStorage->getToken(); - if ($token === null) { - return null; - } + /** @var UserInterface|null $user */ + $user = $this->tokenStorage->getToken()?->getUser(); - /** @var UserInterface|string|null $user */ - $user = $token->getUser(); - - if (is_string($user) || null === $user) { - return null; - } - - return $user; + return $user instanceof UserInterface ? $user : null; } } diff --git a/src/Sylius/Bundle/ApiBundle/EventListener/ApiCartBlamerListener.php b/src/Sylius/Bundle/ApiBundle/EventListener/ApiCartBlamerListener.php index fb343a9cd5..f004ebc420 100644 --- a/src/Sylius/Bundle/ApiBundle/EventListener/ApiCartBlamerListener.php +++ b/src/Sylius/Bundle/ApiBundle/EventListener/ApiCartBlamerListener.php @@ -35,7 +35,7 @@ final class ApiCartBlamerListener ) { } - public function onSuccessLogin(LoginSuccessEvent $loginSuccessEvent): void + public function onLoginSuccess(LoginSuccessEvent $loginSuccessEvent): void { if (!$this->uriBasedSectionContext->getSection() instanceof ShopApiOrdersSubSection) { return; diff --git a/src/Sylius/Bundle/ApiBundle/Resources/config/services.xml b/src/Sylius/Bundle/ApiBundle/Resources/config/services.xml index 24f4439a06..7018378f23 100644 --- a/src/Sylius/Bundle/ApiBundle/Resources/config/services.xml +++ b/src/Sylius/Bundle/ApiBundle/Resources/config/services.xml @@ -117,7 +117,7 @@ - + diff --git a/src/Sylius/Bundle/ApiBundle/spec/EventListener/ApiCartBlamerListenerSpec.php b/src/Sylius/Bundle/ApiBundle/spec/EventListener/ApiCartBlamerListenerSpec.php index 8cb080629e..84981904f4 100644 --- a/src/Sylius/Bundle/ApiBundle/spec/EventListener/ApiCartBlamerListenerSpec.php +++ b/src/Sylius/Bundle/ApiBundle/spec/EventListener/ApiCartBlamerListenerSpec.php @@ -63,7 +63,7 @@ final class ApiCartBlamerListenerSpec extends ObjectBehavior $this ->shouldThrow(UnexpectedTypeException::class) - ->during('onSuccessLogin', [ + ->during('onLoginSuccess', [ new LoginSuccessEvent( $authenticator->getWrappedObject(), $passport->getWrappedObject(), @@ -106,7 +106,7 @@ final class ApiCartBlamerListenerSpec extends ObjectBehavior ->willReturn(new Envelope($blameCart)) ; - $this->onSuccessLogin( + $this->onLoginSuccess( new LoginSuccessEvent( $authenticator->getWrappedObject(), $passport->getWrappedObject(), @@ -135,7 +135,7 @@ final class ApiCartBlamerListenerSpec extends ObjectBehavior $cart->setCustomer(Argument::any())->shouldNotBeCalled(); - $this->onSuccessLogin( + $this->onLoginSuccess( new LoginSuccessEvent( $authenticator->getWrappedObject(), $passport->getWrappedObject(), @@ -163,7 +163,7 @@ final class ApiCartBlamerListenerSpec extends ObjectBehavior $cart->setCustomer(Argument::any())->shouldNotBeCalled(); - $this->onSuccessLogin( + $this->onLoginSuccess( new LoginSuccessEvent( $authenticator->getWrappedObject(), $passport->getWrappedObject(), @@ -189,7 +189,7 @@ final class ApiCartBlamerListenerSpec extends ObjectBehavior $cartContext->getCart()->willThrow(CartNotFoundException::class); $token->getUser()->willReturn($user); - $this->onSuccessLogin( + $this->onLoginSuccess( new LoginSuccessEvent( $authenticator->getWrappedObject(), $passport->getWrappedObject(), @@ -215,7 +215,7 @@ final class ApiCartBlamerListenerSpec extends ObjectBehavior $token->getUser()->shouldNotBeCalled(); $cartContext->getCart()->shouldNotBeCalled(); - $this->onSuccessLogin( + $this->onLoginSuccess( new LoginSuccessEvent( $authenticator->getWrappedObject(), $passport->getWrappedObject(), @@ -241,7 +241,7 @@ final class ApiCartBlamerListenerSpec extends ObjectBehavior $token->getUser()->shouldNotBeCalled(); $cartContext->getCart()->shouldNotBeCalled(); - $this->onSuccessLogin( + $this->onLoginSuccess( new LoginSuccessEvent( $authenticator->getWrappedObject(), $passport->getWrappedObject(), diff --git a/src/Sylius/Bundle/CoreBundle/Validator/Constraints/UniqueReviewerEmailValidator.php b/src/Sylius/Bundle/CoreBundle/Validator/Constraints/UniqueReviewerEmailValidator.php index 358321cc20..4e5cb84874 100644 --- a/src/Sylius/Bundle/CoreBundle/Validator/Constraints/UniqueReviewerEmailValidator.php +++ b/src/Sylius/Bundle/CoreBundle/Validator/Constraints/UniqueReviewerEmailValidator.php @@ -40,13 +40,12 @@ class UniqueReviewerEmailValidator extends ConstraintValidator /** @var ReviewerInterface|null $customer */ $customer = $value->getAuthor(); - $token = $this->tokenStorage->getToken(); if (null !== $customer) { if (null === $customer->getEmail()) { return; } - if ($customer->getEmail() === $this->getAuthenticatedUserEmail($token)) { + if ($customer->getEmail() === $this->getAuthenticatedUserEmail()) { return; } } @@ -56,8 +55,10 @@ class UniqueReviewerEmailValidator extends ConstraintValidator } } - private function getAuthenticatedUserEmail(?TokenInterface $token): ?string + private function getAuthenticatedUserEmail(): ?string { + $token = $this->tokenStorage->getToken(); + if (null === $token) { return null; }