diff -Nru php-symfony-security-acl-3.1.1/CHANGELOG.md php-symfony-security-acl-3.3.1/CHANGELOG.md --- php-symfony-security-acl-3.1.1/CHANGELOG.md 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/CHANGELOG.md 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1,13 @@ +CHANGELOG +========= + +3.2.0 +----- + + * Change minimum PHP version to 7.2.5 + * Add PSR-6 support for ACL caching + * Add support for `doctrine/cache` v2 + * Drop support for Symfony 3 + * Deprecate not implementing `__serialize()` and `__unserialize()` methods in + `AclInterface` and `EntryInterface` implementations. The methods will be + added to the interfaces in 4.0. diff -Nru php-symfony-security-acl-3.1.1/composer.json php-symfony-security-acl-3.3.1/composer.json --- php-symfony-security-acl-3.1.1/composer.json 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/composer.json 2022-02-15 18:20:11.000000000 +0000 @@ -16,15 +16,18 @@ } ], "require": { - "php": ">=7.1.3", - "symfony/security-core": "^3.4|^4.4|^5.0" + "php": ">=7.2.5", + "symfony/security-core": "^4.4|^5.0|^6.0" }, "require-dev": { - "symfony/phpunit-bridge": "^3.4|^4.4|^5.0", - "doctrine/common": "~2.2", - "doctrine/persistence": "^1.3.3", - "doctrine/dbal": "~2.2", - "psr/log": "~1.0" + "symfony/cache": "^4.4|^5.0|^6.0", + "symfony/finder": "^4.4|^5.0|^6.0", + "symfony/phpunit-bridge": "^5.2|^6.0", + "doctrine/cache": "^1.11|^2.0", + "doctrine/common": "^2.2|^3", + "doctrine/persistence": "^1.3.3|^2", + "doctrine/dbal": "^2.13.1|^3.1", + "psr/log": "^1|^2|^3" }, "autoload": { "psr-4": { "Symfony\\Component\\Security\\Acl\\": "" }, @@ -32,10 +35,13 @@ "/Tests/" ] }, - "minimum-stability": "dev", + "conflict": { + "doctrine/cache": "<1.11", + "doctrine/dbal": "<2.13.1|~3.0.0" + }, "extra": { "branch-alias": { - "dev-main": "3.0-dev" + "dev-main": "3.x-dev" } } } diff -Nru php-symfony-security-acl-3.1.1/Dbal/AclProvider.php php-symfony-security-acl-3.3.1/Dbal/AclProvider.php --- php-symfony-security-acl-3.1.1/Dbal/AclProvider.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Dbal/AclProvider.php 2022-02-15 18:20:11.000000000 +0000 @@ -12,7 +12,7 @@ namespace Symfony\Component\Security\Acl\Dbal; use Doctrine\DBAL\Connection; -use Doctrine\DBAL\Driver\Statement; +use Doctrine\DBAL\Result; use Symfony\Component\Security\Acl\Domain\Acl; use Symfony\Component\Security\Acl\Domain\Entry; use Symfony\Component\Security\Acl\Domain\FieldEntry; @@ -36,7 +36,7 @@ */ class AclProvider implements AclProviderInterface { - const MAX_BATCH_SIZE = 30; + public const MAX_BATCH_SIZE = 30; /** * @var AclCacheInterface|null @@ -56,11 +56,6 @@ */ private $permissionGrantingStrategy; - /** - * Constructor. - * - * @param AclCacheInterface $cache - */ public function __construct(Connection $connection, PermissionGrantingStrategyInterface $permissionGrantingStrategy, array $options, AclCacheInterface $cache = null) { $this->cache = $cache; @@ -77,7 +72,7 @@ $sql = $this->getFindChildrenSql($parentOid, $directChildrenOnly); $children = []; - foreach ($this->connection->executeQuery($sql)->fetchAll() as $data) { + foreach ($this->connection->executeQuery($sql)->fetchAllAssociative() as $data) { $children[] = new ObjectIdentity($data['object_identifier'], $data['class_type']); } @@ -97,6 +92,7 @@ */ public function findAcls(array $oids, array $sids = []) { + /** @var \SplObjectStorage */ $result = new \SplObjectStorage(); $currentBatch = []; $oidLookup = []; @@ -249,7 +245,7 @@ {$this->options['oid_table_name']} o INNER JOIN {$this->options['class_table_name']} c ON c.id = o.class_id LEFT JOIN {$this->options['entry_table_name']} e ON ( - e.class_id = o.class_id AND (e.object_identity_id = o.id OR {$this->connection->getDatabasePlatform()->getIsNullExpression('e.object_identity_id')}) + e.class_id = o.class_id AND (e.object_identity_id = o.id OR e.object_identity_id IS NULL) ) LEFT JOIN {$this->options['sid_table_name']} s ON ( s.id = e.security_identity_id @@ -384,7 +380,7 @@ */ final protected function retrieveObjectIdentityPrimaryKey(ObjectIdentityInterface $oid) { - return $this->connection->executeQuery($this->getSelectObjectIdentityIdSql($oid))->fetchColumn(); + return $this->connection->executeQuery($this->getSelectObjectIdentityIdSql($oid))->fetchOne(); } /** @@ -421,7 +417,7 @@ $sql = $this->getAncestorLookupSql($batch); $ancestorIds = []; - foreach ($this->connection->executeQuery($sql)->fetchAll() as $data) { + foreach ($this->connection->executeQuery($sql)->fetchAllAssociative() as $data) { // FIXME: skip ancestors which are cached // Fix: Oracle returns keys in uppercase $ancestorIds[] = reset($data); @@ -433,8 +429,6 @@ /** * Does either overwrite the passed ACE, or saves it in the global identity * map to ensure every ACE only gets instantiated once. - * - * @param array &$aces */ private function doUpdateAceIdentityMap(array &$aces) { @@ -451,7 +445,7 @@ * This method is called for object identities which could not be retrieved * from the cache, and for which thus a database query is required. * - * @return \SplObjectStorage mapping object identities to ACL instances + * @return \SplObjectStorage mapping object identities to ACL instances * * @throws AclNotFoundException */ @@ -477,22 +471,24 @@ * Keep in mind that changes to this method might severely reduce the * performance of the entire ACL system. * - * @return \SplObjectStorage + * @return \SplObjectStorage * * @throws \RuntimeException */ - private function hydrateObjectIdentities(Statement $stmt, array $oidLookup, array $sids) + private function hydrateObjectIdentities(Result $stmt, array $oidLookup, array $sids) { + /** @var \SplObjectStorage */ $parentIdToFill = new \SplObjectStorage(); $acls = $aces = $emptyArray = []; $oidCache = $oidLookup; + /** @var \SplObjectStorage */ $result = new \SplObjectStorage(); $loadedAces = &$this->loadedAces; $loadedAcls = &$this->loadedAcls; $permissionGrantingStrategy = $this->permissionGrantingStrategy; // we need these to set protected properties on hydrated objects - $aclReflection = new \ReflectionClass('Symfony\Component\Security\Acl\Domain\Acl'); + $aclReflection = new \ReflectionClass(Acl::class); $aclClassAcesProperty = $aclReflection->getProperty('classAces'); $aclClassAcesProperty->setAccessible(true); $aclClassFieldAcesProperty = $aclReflection->getProperty('classFieldAces'); @@ -506,8 +502,8 @@ // fetchAll() consumes more memory than consecutive calls to fetch(), // but it is faster - foreach ($stmt->fetchAll(\PDO::FETCH_NUM) as $data) { - list($aclId, + foreach ($stmt->fetchAllNumeric() as $data) { + [$aclId, $objectIdentifier, $parentObjectIdentityId, $entriesInheriting, @@ -522,7 +518,10 @@ $auditSuccess, $auditFailure, $username, - $securityIdentifier) = array_values($data); + $securityIdentifier] = array_values($data); + + // FIX: remove duplicate slashes + $classType = str_replace('\\\\', '\\', $classType); // has the ACL been hydrated during this hydration cycle? if (isset($acls[$aclId])) { diff -Nru php-symfony-security-acl-3.1.1/Dbal/MutableAclProvider.php php-symfony-security-acl-3.3.1/Dbal/MutableAclProvider.php --- php-symfony-security-acl-3.1.1/Dbal/MutableAclProvider.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Dbal/MutableAclProvider.php 2022-02-15 18:20:11.000000000 +0000 @@ -13,6 +13,8 @@ use Doctrine\DBAL\Connection; use Doctrine\Persistence\PropertyChangedListener; +use Symfony\Component\Security\Acl\Domain\Acl; +use Symfony\Component\Security\Acl\Domain\Entry; use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity; use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; use Symfony\Component\Security\Acl\Exception\AclAlreadyExistsException; @@ -60,7 +62,7 @@ $this->createObjectIdentity($oid); $pk = $this->retrieveObjectIdentityPrimaryKey($oid); - $this->connection->executeUpdate($this->getInsertObjectIdentityRelationSql($pk, $pk)); + $this->connection->executeStatement($this->getInsertObjectIdentityRelationSql($pk, $pk)); $this->connection->commit(); } catch (\Exception $e) { @@ -117,7 +119,7 @@ */ public function deleteSecurityIdentity(SecurityIdentityInterface $sid) { - $this->connection->executeUpdate($this->getDeleteSecurityIdentityIdSql($sid)); + $this->connection->executeStatement($this->getDeleteSecurityIdentityIdSql($sid)); } /** @@ -306,9 +308,9 @@ // if there have been changes to shared properties, we need to synchronize other // ACL instances for object identities of the same type that are already in-memory if (\count($sharedPropertyChanges) > 0) { - $classAcesProperty = new \ReflectionProperty('Symfony\Component\Security\Acl\Domain\Acl', 'classAces'); + $classAcesProperty = new \ReflectionProperty(Acl::class, 'classAces'); $classAcesProperty->setAccessible(true); - $classFieldAcesProperty = new \ReflectionProperty('Symfony\Component\Security\Acl\Domain\Acl', 'classFieldAces'); + $classFieldAcesProperty = new \ReflectionProperty(Acl::class, 'classFieldAces'); $classFieldAcesProperty->setAccessible(true); foreach ($this->loadedAcls[$acl->getObjectIdentity()->getType()] as $sameTypeAcl) { @@ -332,7 +334,7 @@ // persist any changes to the acl_object_identities table if (\count($sets) > 0) { - $this->connection->executeUpdate($this->getUpdateObjectIdentitySql($acl->getId(), $sets)); + $this->connection->executeStatement($this->getUpdateObjectIdentitySql($acl->getId(), $sets)); } $this->connection->commit(); @@ -370,7 +372,7 @@ */ public function updateUserSecurityIdentity(UserSecurityIdentity $usid, $oldUsername) { - $this->connection->executeUpdate($this->getUpdateUserSecurityIdentitySql($usid, $oldUsername)); + $this->connection->executeStatement($this->getUpdateUserSecurityIdentitySql($usid, $oldUsername)); } /** @@ -576,25 +578,25 @@ /** * Constructs the SQL for selecting an ACE. * - * @param int $classId - * @param int $oid - * @param string $field - * @param int $order + * @param int $classId + * @param int|null $oid + * @param string|null $field + * @param int $order * * @return string */ protected function getSelectAccessControlEntryIdSql($classId, $oid, $field, $order) { return sprintf( - 'SELECT id FROM %s WHERE class_id = %d AND %s AND %s AND ace_order = %d', + 'SELECT id FROM %s WHERE class_id = %d AND object_identity_id %s AND field_name %s AND ace_order = %d', $this->options['entry_table_name'], $classId, - null === $oid ? - $this->connection->getDatabasePlatform()->getIsNullExpression('object_identity_id') - : 'object_identity_id = '.(int) $oid, - null === $field ? - $this->connection->getDatabasePlatform()->getIsNullExpression('field_name') - : 'field_name = '.$this->connection->quote($field), + null === $oid + ? 'IS NULL' + : '= '.(int) $oid, + null === $field + ? 'IS NULL' + : '= '.$this->connection->quote($field), $order ); } @@ -736,7 +738,7 @@ { $classId = $this->createOrRetrieveClassId($oid->getType()); - $this->connection->executeUpdate($this->getInsertObjectIdentitySql($oid->getIdentifier(), $classId, true)); + $this->connection->executeStatement($this->getInsertObjectIdentitySql($oid->getIdentifier(), $classId, true)); } /** @@ -750,13 +752,13 @@ */ private function createOrRetrieveClassId($classType) { - if (false !== $id = $this->connection->executeQuery($this->getSelectClassIdSql($classType))->fetchColumn()) { + if (false !== $id = $this->connection->executeQuery($this->getSelectClassIdSql($classType))->fetchOne()) { return $id; } - $this->connection->executeUpdate($this->getInsertClassSql($classType)); + $this->connection->executeStatement($this->getInsertClassSql($classType)); - return $this->connection->executeQuery($this->getSelectClassIdSql($classType))->fetchColumn(); + return $this->connection->executeQuery($this->getSelectClassIdSql($classType))->fetchOne(); } /** @@ -769,13 +771,13 @@ */ private function createOrRetrieveSecurityIdentityId(SecurityIdentityInterface $sid) { - if (false !== $id = $this->connection->executeQuery($this->getSelectSecurityIdentityIdSql($sid))->fetchColumn()) { + if (false !== $id = $this->connection->executeQuery($this->getSelectSecurityIdentityIdSql($sid))->fetchOne()) { return $id; } - $this->connection->executeUpdate($this->getInsertSecurityIdentitySql($sid)); + $this->connection->executeStatement($this->getInsertSecurityIdentitySql($sid)); - return $this->connection->executeQuery($this->getSelectSecurityIdentityIdSql($sid))->fetchColumn(); + return $this->connection->executeQuery($this->getSelectSecurityIdentityIdSql($sid))->fetchOne(); } /** @@ -785,7 +787,7 @@ */ private function deleteAccessControlEntries($oidPK) { - $this->connection->executeUpdate($this->getDeleteAccessControlEntriesSql($oidPK)); + $this->connection->executeStatement($this->getDeleteAccessControlEntriesSql($oidPK)); } /** @@ -795,7 +797,7 @@ */ private function deleteObjectIdentity($pk) { - $this->connection->executeUpdate($this->getDeleteObjectIdentitySql($pk)); + $this->connection->executeStatement($this->getDeleteObjectIdentitySql($pk)); } /** @@ -805,7 +807,7 @@ */ private function deleteObjectIdentityRelations($pk) { - $this->connection->executeUpdate($this->getDeleteObjectIdentityRelationsSql($pk)); + $this->connection->executeStatement($this->getDeleteObjectIdentityRelationsSql($pk)); } /** @@ -814,12 +816,12 @@ private function regenerateAncestorRelations(AclInterface $acl) { $pk = $acl->getId(); - $this->connection->executeUpdate($this->getDeleteObjectIdentityRelationsSql($pk)); - $this->connection->executeUpdate($this->getInsertObjectIdentityRelationSql($pk, $pk)); + $this->connection->executeStatement($this->getDeleteObjectIdentityRelationsSql($pk)); + $this->connection->executeStatement($this->getInsertObjectIdentityRelationSql($pk, $pk)); $parentAcl = $acl->getParentAcl(); while (null !== $parentAcl) { - $this->connection->executeUpdate($this->getInsertObjectIdentityRelationSql($pk, $parentAcl->getId())); + $this->connection->executeStatement($this->getInsertObjectIdentityRelationSql($pk, $parentAcl->getId())); $parentAcl = $parentAcl->getParentAcl(); } @@ -854,11 +856,11 @@ $objectIdentityId = 'classFieldAces' === $name ? null : $ace->getAcl()->getId(); - $this->connection->executeUpdate($this->getInsertAccessControlEntrySql($classId, $objectIdentityId, $field, $i, $sid, $ace->getStrategy(), $ace->getMask(), $ace->isGranting(), $ace->isAuditSuccess(), $ace->isAuditFailure())); - $aceId = $this->connection->executeQuery($this->getSelectAccessControlEntryIdSql($classId, $objectIdentityId, $field, $i))->fetchColumn(); + $this->connection->executeStatement($this->getInsertAccessControlEntrySql($classId, $objectIdentityId, $field, $i, $sid, $ace->getStrategy(), $ace->getMask(), $ace->isGranting(), $ace->isAuditSuccess(), $ace->isAuditFailure())); + $aceId = $this->connection->executeQuery($this->getSelectAccessControlEntryIdSql($classId, $objectIdentityId, $field, $i))->fetchOne(); $this->loadedAces[$aceId] = $ace; - $aceIdProperty = new \ReflectionProperty('Symfony\Component\Security\Acl\Domain\Entry', 'id'); + $aceIdProperty = new \ReflectionProperty(Entry::class, 'id'); $aceIdProperty->setAccessible(true); $aceIdProperty->setValue($ace, (int) $aceId); } @@ -889,7 +891,7 @@ $ace = $old[$i]; if (!isset($currentIds[$ace->getId()])) { - $this->connection->executeUpdate($this->getDeleteAccessControlEntrySql($ace->getId())); + $this->connection->executeStatement($this->getDeleteAccessControlEntrySql($ace->getId())); unset($this->loadedAces[$ace->getId()]); } } @@ -903,7 +905,7 @@ */ private function updateNewAceProperty($name, array $changes) { - list($old, $new) = $changes; + [$old, $new] = $changes; $sids = new \SplObjectStorage(); $classIds = new \SplObjectStorage(); @@ -926,8 +928,8 @@ $objectIdentityId = 'classAces' === $name ? null : $ace->getAcl()->getId(); - $this->connection->executeUpdate($this->getInsertAccessControlEntrySql($classId, $objectIdentityId, null, $i, $sid, $ace->getStrategy(), $ace->getMask(), $ace->isGranting(), $ace->isAuditSuccess(), $ace->isAuditFailure())); - $aceId = $this->connection->executeQuery($this->getSelectAccessControlEntryIdSql($classId, $objectIdentityId, null, $i))->fetchColumn(); + $this->connection->executeStatement($this->getInsertAccessControlEntrySql($classId, $objectIdentityId, null, $i, $sid, $ace->getStrategy(), $ace->getMask(), $ace->isGranting(), $ace->isAuditSuccess(), $ace->isAuditFailure())); + $aceId = $this->connection->executeQuery($this->getSelectAccessControlEntryIdSql($classId, $objectIdentityId, null, $i))->fetchOne(); $this->loadedAces[$aceId] = $ace; $aceIdProperty = new \ReflectionProperty($ace, 'id'); @@ -944,7 +946,7 @@ */ private function updateOldAceProperty($name, array $changes) { - list($old, $new) = $changes; + [$old, $new] = $changes; $currentIds = []; for ($i = 0, $c = \count($new); $i < $c; ++$i) { @@ -959,7 +961,7 @@ $ace = $old[$i]; if (!isset($currentIds[$ace->getId()])) { - $this->connection->executeUpdate($this->getDeleteAccessControlEntrySql($ace->getId())); + $this->connection->executeStatement($this->getDeleteAccessControlEntrySql($ace->getId())); unset($this->loadedAces[$ace->getId()]); } } @@ -1005,6 +1007,6 @@ $sets[] = sprintf('audit_failure = %s', $this->connection->getDatabasePlatform()->convertBooleans($propertyChanges['auditFailure'][1])); } - $this->connection->executeUpdate($this->getUpdateAccessControlEntrySql($ace->getId(), $sets)); + $this->connection->executeStatement($this->getUpdateAccessControlEntrySql($ace->getId(), $sets)); } } diff -Nru php-symfony-security-acl-3.1.1/Dbal/Schema.php php-symfony-security-acl-3.3.1/Dbal/Schema.php --- php-symfony-security-acl-3.1.1/Dbal/Schema.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Dbal/Schema.php 2022-02-15 18:20:11.000000000 +0000 @@ -12,7 +12,9 @@ namespace Symfony\Component\Security\Acl\Dbal; use Doctrine\DBAL\Connection; +use Doctrine\DBAL\Platforms\SQLServerPlatform; use Doctrine\DBAL\Schema\Schema as BaseSchema; +use Doctrine\DBAL\Schema\SchemaConfig; /** * The schema used for the ACL system. @@ -22,20 +24,19 @@ final class Schema extends BaseSchema { protected $options; + protected $platform; /** - * Constructor. - * - * @param array $options the names for tables - * @param Connection $connection + * @param array $options the names for tables */ public function __construct(array $options, Connection $connection = null) { - $schemaConfig = null === $connection ? null : $connection->getSchemaManager()->createSchemaConfig(); + $schemaConfig = $this->createSchemaConfig($connection); parent::__construct([], [], $schemaConfig); $this->options = $options; + $this->platform = $connection ? $connection->getDatabasePlatform() : null; $this->addClassTable(); $this->addSecurityIdentitiesTable(); @@ -131,8 +132,13 @@ $table->setPrimaryKey(['object_identity_id', 'ancestor_id']); $oidTable = $this->getTable($this->options['oid_table_name']); - $table->addForeignKeyConstraint($oidTable, ['object_identity_id'], ['id'], ['onDelete' => 'CASCADE', 'onUpdate' => 'CASCADE']); - $table->addForeignKeyConstraint($oidTable, ['ancestor_id'], ['id'], ['onDelete' => 'CASCADE', 'onUpdate' => 'CASCADE']); + $action = 'CASCADE'; + if ($this->platform instanceof SQLServerPlatform) { + // MS SQL Server does not support recursive cascading + $action = 'NO ACTION'; + } + $table->addForeignKeyConstraint($oidTable, ['object_identity_id'], ['id'], ['onDelete' => $action, 'onUpdate' => $action]); + $table->addForeignKeyConstraint($oidTable, ['ancestor_id'], ['id'], ['onDelete' => $action, 'onUpdate' => $action]); } /** @@ -149,4 +155,18 @@ $table->setPrimaryKey(['id']); $table->addUniqueIndex(['identifier', 'username']); } + + private function createSchemaConfig(?Connection $connection): ?SchemaConfig + { + if (null === $connection) { + return null; + } + + $schemaManager = method_exists($connection, 'createSchemaManager') + ? $connection->createSchemaManager() + : $connection->getSchemaManager() + ; + + return $schemaManager->createSchemaConfig(); + } } diff -Nru php-symfony-security-acl-3.1.1/debian/autoloaders/php-symfony-security-acl php-symfony-security-acl-3.3.1/debian/autoloaders/php-symfony-security-acl --- php-symfony-security-acl-3.1.1/debian/autoloaders/php-symfony-security-acl 2021-06-16 13:15:24.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/autoloaders/php-symfony-security-acl 2021-10-11 22:08:18.000000000 +0000 @@ -1 +1 @@ -symfony security-acl Symfony/Component/Security/Acl/autoloader.php +symfony security-acl Symfony/Component/Security/Acl/autoload.php diff -Nru php-symfony-security-acl-3.1.1/debian/autoload.php php-symfony-security-acl-3.3.1/debian/autoload.php --- php-symfony-security-acl-3.1.1/debian/autoload.php 2021-06-16 13:15:24.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/autoload.php 1970-01-01 00:00:00.000000000 +0000 @@ -1,23 +0,0 @@ - Wed, 27 Oct 2021 18:06:33 +0000 + -- Bryce Harrington Sun, 20 Feb 2022 00:11:32 +0000 -php-symfony-security-acl (3.1.1-1ubuntu1) impish; urgency=medium +php-symfony-security-acl (3.3.1-1) unstable; urgency=medium - * d/p/adapt-to-new-symfony.patch: Add patch to adapt to - newer Symfony. This helps unblock Symfony's and PHP 8's - migration. + [ Jeroen Thora ] + * Fix symfony 5.3 incompatibility - -- Utkarsh Gupta Wed, 16 Jun 2021 18:59:44 +0530 + -- David Prévot Thu, 17 Feb 2022 04:28:03 -0400 -php-symfony-security-acl (3.1.1-1build1) impish; urgency=medium +php-symfony-security-acl (3.3.0-1) unstable; urgency=medium - * No change rebuild for PHP 8.0 and symfony + [ Alexander M. Turek ] + * Allow Symfony 6 again + * Fix deprecations triggered by PHP 8.1 + * Fix deprecations triggered by Doctrine DBAL - -- Bryce Harrington Fri, 04 Jun 2021 23:15:38 +0000 + [ David Prévot ] + * Drop d/pkg-php-tools-autoloaders entry + + -- David Prévot Wed, 09 Feb 2022 02:40:48 -0400 + +php-symfony-security-acl (3.2.0-1) unstable; urgency=medium + + [ Jeroen Thora ] + * Fix doctrine/dbal 2.13 incompatibility + + [ Alexander M. Turek ] + * Allow Doctrine Cache 2 + * Allow psr/log 2 and 3 + + [ Jérémy Derussé ] + * Allow Symfony 6.0 + + [ David Prévot ] + * d/control: Use generic Homepage instead of outdated documentation + * Simplify gbp import-orig (and prepare signature checking) + * Update signing key + * Install dh-sequence-* instead of using dh --with + * Generate phpabtpl at build time + * Update standards version to 4.6.0, no changes needed. + * Update copyright (years) + * Use SYMFONY_DEPRECATIONS_HELPER=weak for PHP 8.1 + + -- David Prévot Sun, 21 Nov 2021 22:18:08 -0400 php-symfony-security-acl (3.1.1-1) unstable; urgency=medium diff -Nru php-symfony-security-acl-3.1.1/debian/clean php-symfony-security-acl-3.3.1/debian/clean --- php-symfony-security-acl-3.1.1/debian/clean 2021-06-16 13:15:24.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/clean 2021-10-11 22:11:43.000000000 +0000 @@ -1,3 +1,6 @@ .phpunit.result.cache autoload.php +debian/autoload.php.tpl +debian/autoload.tests.php.tpl Symfony/ +vendor/ diff -Nru php-symfony-security-acl-3.1.1/debian/control php-symfony-security-acl-3.3.1/debian/control --- php-symfony-security-acl-3.1.1/debian/control 2021-06-16 13:29:44.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/control 2022-02-20 00:11:32.000000000 +0000 @@ -5,15 +5,17 @@ XSBC-Original-Maintainer: Debian PHP PEAR Maintainers Uploaders: Daniel Beyer , David Prévot Build-Depends: debhelper-compat (= 13), + dh-sequence-phpcomposer, php-doctrine-common, php-doctrine-dbal, php-sqlite3, + php-symfony-phpunit-bridge, php-symfony-security-core, phpab, phpunit, pkg-php-tools -Standards-Version: 4.5.1 -Homepage: https://symfony.com/doc/2.8/components/security/introduction.html +Standards-Version: 4.6.0 +Homepage: https://symfony.com/ Vcs-Git: https://salsa.debian.org/php-team/pear/php-symfony-security-acl.git -b debian/latest Vcs-Browser: https://salsa.debian.org/php-team/pear/php-symfony-security-acl Rules-Requires-Root: no diff -Nru php-symfony-security-acl-3.1.1/debian/copyright php-symfony-security-acl-3.3.1/debian/copyright --- php-symfony-security-acl-3.1.1/debian/copyright 2021-06-16 13:15:24.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/copyright 2021-11-21 20:48:57.000000000 +0000 @@ -4,7 +4,7 @@ Source: https://github.com/symfony/security-acl Files: * -Copyright: 2004-2015, Fabien Potencier +Copyright: 2004-2021, Fabien Potencier License: Expat Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff -Nru php-symfony-security-acl-3.1.1/debian/gbp.conf php-symfony-security-acl-3.3.1/debian/gbp.conf --- php-symfony-security-acl-3.1.1/debian/gbp.conf 2021-06-16 13:15:24.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/gbp.conf 2021-10-11 22:08:18.000000000 +0000 @@ -2,6 +2,7 @@ debian-branch = debian/latest pristine-tar = True upstream-branch = upstream/latest +upstream-vcs-tag = v%(version%~%-)s [pq] patch-numbers = False diff -Nru php-symfony-security-acl-3.1.1/debian/install php-symfony-security-acl-3.3.1/debian/install --- php-symfony-security-acl-3.1.1/debian/install 2021-06-16 13:15:24.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/install 2021-10-11 22:08:18.000000000 +0000 @@ -1,4 +1,3 @@ -debian/autoloaders usr/share/pkg-php-tools *.php usr/share/php/Symfony/Component/Security/Acl Dbal usr/share/php/Symfony/Component/Security/Acl Domain usr/share/php/Symfony/Component/Security/Acl @@ -7,3 +6,4 @@ Permission usr/share/php/Symfony/Component/Security/Acl Util usr/share/php/Symfony/Component/Security/Acl Voter usr/share/php/Symfony/Component/Security/Acl +debian/autoloaders usr/share/pkg-php-tools diff -Nru php-symfony-security-acl-3.1.1/debian/patches/adapt-to-new-symfony.patch php-symfony-security-acl-3.3.1/debian/patches/adapt-to-new-symfony.patch --- php-symfony-security-acl-3.1.1/debian/patches/adapt-to-new-symfony.patch 2021-06-16 13:28:31.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/patches/adapt-to-new-symfony.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,56 +0,0 @@ -Description: Adapt to newer Symfony changes. - Class "Symfony\Component\Security\Acl\Tests\Domain\Role" is no longer - available and thus drop it from the tests! \o/ -Author: Utkarsh Gupta -Origin: upstream; cherry-picked from: https://github.com/symfony/security-acl/pull/78 -Last-Update: 2021-06-16 - ---- a/Tests/Domain/RoleSecurityIdentityTest.php -+++ b/Tests/Domain/RoleSecurityIdentityTest.php -@@ -11,11 +11,12 @@ - - namespace Symfony\Component\Security\Acl\Tests\Domain; - -+use PHPUnit\Framework\TestCase; - use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity; - use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; --use Symfony\Component\Security\Core\Role\Role; -+use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface; - --class RoleSecurityIdentityTest extends \PHPUnit\Framework\TestCase -+class RoleSecurityIdentityTest extends TestCase - { - public function testConstructor() - { -@@ -24,17 +25,10 @@ - $this->assertEquals('ROLE_FOO', $id->getRole()); - } - -- public function testConstructorWithRoleInstance() -- { -- $id = new RoleSecurityIdentity(new Role('ROLE_FOO')); -- -- $this->assertEquals('ROLE_FOO', $id->getRole()); -- } -- - /** - * @dataProvider getCompareData - */ -- public function testEquals($id1, $id2, $equal) -+ public function testEquals(RoleSecurityIdentity $id1, SecurityIdentityInterface $id2, bool $equal) - { - if ($equal) { - $this->assertTrue($id1->equals($id2)); -@@ -43,11 +37,10 @@ - } - } - -- public function getCompareData() -+ public function getCompareData(): array - { - return [ - [new RoleSecurityIdentity('ROLE_FOO'), new RoleSecurityIdentity('ROLE_FOO'), true], -- [new RoleSecurityIdentity('ROLE_FOO'), new RoleSecurityIdentity(new Role('ROLE_FOO')), true], - [new RoleSecurityIdentity('ROLE_USER'), new RoleSecurityIdentity('ROLE_FOO'), false], - [new RoleSecurityIdentity('ROLE_FOO'), new UserSecurityIdentity('ROLE_FOO', 'Foo'), false], - ]; diff -Nru php-symfony-security-acl-3.1.1/debian/patches/fixed-obsolete-getMock-usage.patch php-symfony-security-acl-3.3.1/debian/patches/fixed-obsolete-getMock-usage.patch --- php-symfony-security-acl-3.1.1/debian/patches/fixed-obsolete-getMock-usage.patch 2021-06-16 13:15:24.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/patches/fixed-obsolete-getMock-usage.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,48 +0,0 @@ -From: Fabien Potencier -Date: Mon, 19 Dec 2016 10:02:29 +0100 -Subject: fixed obsolete getMock() usage - -Origin: backport, https://github.com/symfony/security-acl/commit/3a510c7919d2d5bd12caeec9bdfb1cd6c0343d25 -Bug-Debian: https://bugs.debian.org/882924 -Bug: https://github.com/symfony/security-acl/issues/59 -Forwarded: https://github.com/symfony/security-acl/pull/61 ---- - Tests/Dbal/MutableAclProviderTest.php | 2 +- - Tests/Domain/SecurityIdentityRetrievalStrategyTest.php | 4 ++-- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/Tests/Dbal/MutableAclProviderTest.php b/Tests/Dbal/MutableAclProviderTest.php -index 8cd4502..103b030 100644 ---- a/Tests/Dbal/MutableAclProviderTest.php -+++ b/Tests/Dbal/MutableAclProviderTest.php -@@ -252,7 +252,7 @@ class MutableAclProviderTest extends \PHPUnit\Framework\TestCase - - public function testUpdateDoesNothingWhenThereAreNoChanges() - { -- $con = $this->getMock('Doctrine\DBAL\Connection', [], [], '', false); -+ $con = $this->getMockBuilder('Doctrine\DBAL\Connection')->disableOriginalConstructor()->getMock(); - $con - ->expects($this->never()) - ->method('beginTransaction') -diff --git a/Tests/Domain/SecurityIdentityRetrievalStrategyTest.php b/Tests/Domain/SecurityIdentityRetrievalStrategyTest.php -index 13cd390..76cad54 100644 ---- a/Tests/Domain/SecurityIdentityRetrievalStrategyTest.php -+++ b/Tests/Domain/SecurityIdentityRetrievalStrategyTest.php -@@ -122,7 +122,7 @@ class SecurityIdentityRetrievalStrategyTest extends \PHPUnit\Framework\TestCase - - protected function getAccount($username, $class) - { -- $account = $this->getMock('Symfony\Component\Security\Core\User\UserInterface', [], [], $class); -+ $account = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->setMockClassName($class)->getMock(); - $account - ->expects($this->any()) - ->method('getUsername') -@@ -158,7 +158,7 @@ class SecurityIdentityRetrievalStrategyTest extends \PHPUnit\Framework\TestCase - ->willReturn($roles); - } - -- $trustResolver = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface', [], ['', '']); -+ $trustResolver = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface')->getMock(); - - $trustResolver - ->expects($this->at(0)) diff -Nru php-symfony-security-acl-3.1.1/debian/patches/Modify-version-conflict-that-confuses-pkg-php-tools.patch php-symfony-security-acl-3.3.1/debian/patches/Modify-version-conflict-that-confuses-pkg-php-tools.patch --- php-symfony-security-acl-3.1.1/debian/patches/Modify-version-conflict-that-confuses-pkg-php-tools.patch 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/patches/Modify-version-conflict-that-confuses-pkg-php-tools.patch 2022-02-09 06:37:48.000000000 +0000 @@ -0,0 +1,22 @@ +From: =?utf-8?q?David_Pr=C3=A9vot?= +Date: Mon, 11 Oct 2021 18:04:01 -0400 +Subject: Modify version conflict that confuses pkg-php-tools + +Forwarded: not-needed +--- + composer.json | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/composer.json b/composer.json +index 8d08e1d..fd92305 100644 +--- a/composer.json ++++ b/composer.json +@@ -37,7 +37,7 @@ + }, + "conflict": { + "doctrine/cache": "<1.11", +- "doctrine/dbal": "<2.13.1|~3.0.0" ++ "doctrine/dbal": "<2.13.1" + }, + "extra": { + "branch-alias": { diff -Nru php-symfony-security-acl-3.1.1/debian/patches/series php-symfony-security-acl-3.3.1/debian/patches/series --- php-symfony-security-acl-3.1.1/debian/patches/series 2021-06-16 13:18:39.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/patches/series 2022-02-09 06:37:48.000000000 +0000 @@ -1,4 +1 @@ -fixed-obsolete-getMock-usage.patch -tfix-Drop-extra-semi-colon.patch -WIP-Drop-warning.patch -adapt-to-new-symfony.patch +Modify-version-conflict-that-confuses-pkg-php-tools.patch diff -Nru php-symfony-security-acl-3.1.1/debian/patches/tfix-Drop-extra-semi-colon.patch php-symfony-security-acl-3.3.1/debian/patches/tfix-Drop-extra-semi-colon.patch --- php-symfony-security-acl-3.1.1/debian/patches/tfix-Drop-extra-semi-colon.patch 2021-06-16 13:15:24.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/patches/tfix-Drop-extra-semi-colon.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,23 +0,0 @@ -From: =?utf-8?q?David_Pr=C3=A9vot?= -Date: Sun, 20 Dec 2020 09:41:41 -0400 -Subject: tfix: Drop extra semi-colon - -Bug: https://github.com/symfony/security-acl/issues/59 -Forwarded: https://github.com/symfony/security-acl/pull/61 ---- - Tests/Domain/AclTest.php | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Tests/Domain/AclTest.php b/Tests/Domain/AclTest.php -index ca6628c..4774a49 100644 ---- a/Tests/Domain/AclTest.php -+++ b/Tests/Domain/AclTest.php -@@ -497,7 +497,7 @@ class AclTest extends \PHPUnit\Framework\TestCase - { - $aceProperties = ['aceOrder', 'mask', 'strategy', 'auditSuccess', 'auditFailure']; - -- $listener = $this->createMock('Doctrine\Persistence\PropertyChangedListener;'); -+ $listener = $this->createMock('Doctrine\Persistence\PropertyChangedListener'); - foreach ($expectedChanges as $index => $property) { - if (\in_array($property, $aceProperties)) { - $class = 'Symfony\Component\Security\Acl\Domain\Entry'; diff -Nru php-symfony-security-acl-3.1.1/debian/patches/WIP-Drop-warning.patch php-symfony-security-acl-3.3.1/debian/patches/WIP-Drop-warning.patch --- php-symfony-security-acl-3.1.1/debian/patches/WIP-Drop-warning.patch 2021-06-16 13:15:24.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/patches/WIP-Drop-warning.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,45 +0,0 @@ -From: =?utf-8?q?David_Pr=C3=A9vot?= -Date: Sun, 20 Dec 2020 10:03:27 -0400 -Subject: WIP: Drop warning -MIME-Version: 1.0 -Content-Type: text/plain; charset="utf-8" -Content-Transfer-Encoding: 8bit - -The following warning is dropped by PHPUnit otherwise: - -Trying to configure method "getId" which cannot be configured because it -does not exist, has not been specified, is final, or is static - -I assume this change makes the test a bit useless, but I don’t know yet -how to address properly this issue. - -Bug: https://github.com/symfony/security-acl/issues/59 -Forwarded: https://github.com/symfony/security-acl/pull/61 ---- - Tests/Domain/ObjectIdentityTest.php | 13 ++++++++----- - 1 file changed, 8 insertions(+), 5 deletions(-) - -diff --git a/Tests/Domain/ObjectIdentityTest.php b/Tests/Domain/ObjectIdentityTest.php -index 9958b42..ae82162 100644 ---- a/Tests/Domain/ObjectIdentityTest.php -+++ b/Tests/Domain/ObjectIdentityTest.php -@@ -40,11 +40,14 @@ namespace Symfony\Component\Security\Acl\Tests\Domain - ->method('getObjectIdentifier') - ->willReturn('getObjectIdentifier()') - ; -- $domainObject -- ->expects($this->never()) -- ->method('getId') -- ->willReturn('getId()') -- ; -+// The following commented code makes PHPUnit complain about method -+// "getId" which cannot be configured because it does not exist, has not -+// been specified, is final, or is static -+// $domainObject -+// ->expects($this->never()) -+// ->method('getId') -+// ->willReturn('getId()') -+// ; - - $id = ObjectIdentity::fromDomainObject($domainObject); - $this->assertEquals('getObjectIdentifier()', $id->getIdentifier()); diff -Nru php-symfony-security-acl-3.1.1/debian/pkg-php-tools-autoloaders php-symfony-security-acl-3.3.1/debian/pkg-php-tools-autoloaders --- php-symfony-security-acl-3.1.1/debian/pkg-php-tools-autoloaders 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/pkg-php-tools-autoloaders 2021-10-11 22:08:18.000000000 +0000 @@ -0,0 +1 @@ +symfony security-acl Symfony/Component/Security/Acl/autoload.php diff -Nru php-symfony-security-acl-3.1.1/debian/rules php-symfony-security-acl-3.3.1/debian/rules --- php-symfony-security-acl-3.1.1/debian/rules 2021-06-16 13:15:24.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/rules 2022-02-20 00:11:00.000000000 +0000 @@ -1,15 +1,27 @@ #!/usr/bin/make -f %: - dh $@ --with phpcomposer + dh $@ override_dh_auto_build: + phpabtpl composer.json > debian/autoload.php.tpl phpab \ --output autoload.php \ - --template debian/autoload.php \ + --template debian/autoload.php.tpl \ --blacklist '*\\tests\\*' \ . - mkdir --parents Symfony/Component/Security + mkdir --parents Symfony/Component/Security vendor + phpabtpl \ + --require doctrine/common \ + --require doctrine/dbal \ + --require symfony/cache \ + --require symfony/phpunit-bridge \ + --require symfony/security-acl \ + > debian/autoload.tests.php.tpl + phpab \ + --output vendor/autoload.php \ + --template debian/autoload.tests.php.tpl \ + Tests ln -s ../../.. Symfony/Component/Security/Acl override_dh_auto_test: - phpunit --bootstrap debian/autoload.tests.php + echo "disabled: SYMFONY_DEPRECATIONS_HELPER=weak phpunit" diff -Nru php-symfony-security-acl-3.1.1/debian/tests/control php-symfony-security-acl-3.3.1/debian/tests/control --- php-symfony-security-acl-3.1.1/debian/tests/control 2021-06-16 13:15:24.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/tests/control 2022-02-08 23:25:23.000000000 +0000 @@ -1,2 +1,11 @@ -Test-Command: phpunit --bootstrap debian/autoload.tests.php -Depends: @, php-doctrine-common, php-doctrine-dbal, php-sqlite3, phpunit +Test-Command: mkdir -p vendor && phpabtpl --require doctrine/common --require doctrine/dbal --require symfony/cache --require symfony/phpunit-bridge --require symfony/security-acl > debian/autoload.tests.php.tpl && phpab --output vendor/autoload.php --template debian/autoload.tests.php.tpl Tests && SYMFONY_DEPRECATIONS_HELPER=weak phpunit +Restrictions: allow-stderr, rw-build-tree +Depends: php-doctrine-common, + php-doctrine-dbal, + php-sqlite3, + php-symfony-cache, + php-symfony-phpunit-bridge, + phpab, + phpunit, + pkg-php-tools (>= 1.41~), + @ diff -Nru php-symfony-security-acl-3.1.1/debian/upstream/signing-key.asc php-symfony-security-acl-3.3.1/debian/upstream/signing-key.asc --- php-symfony-security-acl-3.1.1/debian/upstream/signing-key.asc 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/debian/upstream/signing-key.asc 2021-10-11 22:08:18.000000000 +0000 @@ -0,0 +1,86 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQMuBFG+/7cRCACOJQOBUWpgGWVman9hHBVCcck6GDeeZXhcC8+vAZg0LnITsRYv +RdS8kV9sjK3aVlD2R0kb+nIBnpdAd5Qtfq1TeG7X1sf6SbTyHfHUAgiI+fjKoRz5 +hSMI6HALngPlvgwmm668bKbA4IJ9ObC7bjHFtCtXmhF0kKd0z/yBj6ENMMFWV75r +Cza9s8X+/hV8n/yLnd86A8nEg9yT2peXxBqKuplDFYGcXUV4brnF1DJTdWt2DWns +JH9kK6TX5wZ+Tx35AD7c4lODfuUjzd9Oh1hqogk5lcjq/bP8A573/QOEDwTMSTtQ +b12neSu2xQhkSxh1sj1c7VyyTi9emngd9KmbAQD2jV72oehHpieWi7uIYLsh9m6O +7FJqAYCB8REYh2tb2Qf8C3/mE4wzh2BILZuflkwQJxswyjQJ3F93qxypQ6eoT4Vt +6n1b3jTnfAgoniX94X2cpnq5mANp+6MeraZQ7zw1RDpqQPpfP9PXMoNxUxC08UzF +g95DGS0ZyEE2z0M696JR2Q/55T4atiCqVNcS6afInm6sVK90Ign9xfOmcpL/PbaR +r32nLJHq7AKYOi6YZUfdXiuo858ZdXtVGKZyFAvYaWv33FAQHQw16SyDj9F84ubL +X1rsosXw7DoqxYptAKWKlWKNlfDueOkywfIbZ+kTyKBkYKPSbHy74dzEgoNrz3+M +RUAVzxF+gxPueL8Qn+jplhEDV1s+Ajm8uJCBKzTYZgf8D3CP+QoaX6U6Wa8jOAn0 +ykDSLwvatzFmwj6HX64mvyoU14wtRQyQ+tnOPruBxBx6oLoQ2UhR1dOQd2UbV2al +LnUTu/qCSdt8qQ/n3fJ6sMxJN7SQSQN2bPuOYfnaouDnLeeKBQkonSgWziKkcUKE +qVCslZfp1YlGDPku8uIyHBQSsHkOB82PWOvhS7wnS0bBNmDn1KG/7UDKSv7fVBWv +1INf5y+W5qnRCo5Y1DIF+aXUgw8jkveAC4DTaQlXq43e6nnSgavgt53Gx88ZHfQ4 +LTwGxn3oOTGvsX1AfTIY/Vxd6QXEP0M2x6E8xM1ml/9KwxIhn6n3yUE4RTtPJrWn +ILQtRmFiaWVuIFBvdGVuY2llciA8ZmFiaWVuLnBvdGVuY2llckBnbWFpbC5jb20+ +iHoEExEIACIFAlcFC3ECGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOuK +pppWbAeVdtcA/0L8pKmycUb5NiSoKfZy5zzGuqgkwwQLlfTnzamS/QidAQCY5SHd +SolDy+sw+7KvtJ5zIsjIjWXQ1R82FJzj0h1FprQuRmFiaWVuIFBvdGVuY2llciAo +ZmFicG90KSA8ZmFiaWVuQHN5bWZvbnkuY29tPoh6BBMRCAAiBQJRvwK0AhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDriqaaVmwHlTHnAQCOJOBOHUic0YFZ +A6icu2hDz/58nnbhj7PSKnGwMlNb9wEAsm+qp9s+zdAsJa03Xh1yVg8ZJsSloFaA +ZyBUZ1lV5DW0MEZhYmllbiBQb3RlbmNpZXIgKGZhYnBvdCkgPGZhYmllbkBwb3Rl +bmNpZXIub3JnPoh6BBMRCAAiBQJRvv+3AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIe +AQIXgAAKCRDriqaaVmwHlR3MAQCupgYBAqnEgr0pjDReHZiBJFhNYf1sa7nAU9Vq +bLSImwD/eV7Qz1isHu9rJODlJDS/AAUUiqvcUNCfS8s5sAib9Vm5Ag0EUb7/txAI +AJts/d91JLPXrtEacXI1i1kz4k90SQ+h72+zzkMZXzRJa9nJh8s+JVLEtoimX7ZC +ort0E9zdR1oKXvVykzaXMvS7FWyCKFt3ovYRVk8LTfIfTQPY33ARy41v4V9GoF9x +Kjru/EdOyAUAF6iWJRiK8SxIvNcC57rvCFi8q3vo+6PgXQid7Iherou9QCBryqGL +vNieh4WOZNMg1doNTIveN2Azm1vzYCJyr7/jqSkjgsJGPCWx1d2j+FxXyTyFyrtk +LKeREawwUUy+JeKjAGes/SOxi7uNmi6IbDaFUC34K8WvDcxyBel+JECirHHG5eXJ +A25Dr2s+aXxogucOIfpRHysAAwUH/iZYNrYCujLn9Oolk8l7AU8hfTXnKnP4iyKx +d3QJJxQ6PKsH3ktn/6tphGxA6lgNFzsNcgILauM4TuOUftSTp77TvdPvybENePUP +PHJSv4NVQQqTXg7FFB6EpXAhr3t4L5Nu40CYATrq/OxIj6HGUrAxiAkr+yMzcSWR +WTT2UOGJ242FKy2xHy6M8b/6qFBy9en93M5ZiaIG8gJhqsiuomZUZc8AMMD3Ubhi +GmhnQjAd42I7N+cI2SBRUgytmiMHws6SOPFLAd5xRV3QX9RJOlCYokBPoTV8nDXp +2uAvpH4dCIWxCwmcdevacROFfu0+yAhNph1DC7wwZpKhuXwHl+GIYQQYEQgACQUC +Ub7/twIbDAAKCRDriqaaVmwHlfoyAP4z2/q1lkVVzQvRcI8i/GPWHMM68yoZNwtp +pf2JvozuLgEA4vPAiTl3tMIS40MVJ87sx4EUFLRxO45Ayo4nT2fWpj0= +=lyY8 +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBF3aklsBDADMnAAZkoYXmS9x1wrkFOuv0NocHOA9AB4RwDlPfsLW2Q2NB/0T +N5ffIAo5NBIqmKSOGu3pMrCH7Idi4JQRyGQU6soTjgm/5ivtP3k7DVv1DCs0gNzt +J90Lj7HkDsb+MiqEPnHRdLLm677arnCNuIqF8mb1kuwZballTAzvxkU02Wr7BsmJ +EYiaoHQ52YSNmSPNMS31lXhzniD96CoI233AnNcQZVn8n0X+5mj+dM/JZBigaTGp +9IlxZ0LNyP3u38dmdKgc+3vi1eaQ9dKaiMRJmKXSehgUjgFazIPJmtlxdcZXzHm/ +/QklVEqg4Ul0i6GnfF5bTYCbW96mNHSOxdvdT2yzX0HojijdgLFTvXIukrSe+HNt +w27gf6kumLkOT1Z98Aulj2vFnFpSM9j+8nzDWcifrlh8w+EOyUp1s7mqgc6wCbqh +jEFU5K4IdyaPeGUUttuMMjgShYWws6dm388NivEbhWjqNHHQuMVaOM1VBgL6zzOr +EIyewPtGEIBa7Y8AEQEAAbQiV291dGVyIGRlIEpvbmcgPHdvdXRlckB3b3V0ZXJq +Lm5sPokB1AQTAQoAPhYhBMN66JpEkKct2EZyUriwVHvo/WiQBQJd2pJbAhsDBQkD +wmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJELiwVHvo/WiQ/qEL/iQlsn9u +8kFamw+oSaJfUc6fQvy8MXmNiNlKT6eFssGnN+jAOQ3VYWUp2h5BdDd4hokKqKk4 +9Ovo4tkU/b9e0xIf49qSZooWKTl/Co5MDWROBEGdHU//U07MbHV3FGJu9fKxWY8E +4L6y+QnaV1vppJRWmcsX4rzmxi1boOeETxfPXjqt83gtppR/V3DHMEJjjXwJe2TH +tkn0+sj4OR9j412rQbX+On5Zpzx7K/Otwp4BX+nbIocdwTPT9BNaGcGBoq5hhj7Q +CzhT4ZVNggwmvPcfHZTutCuyohG1BTVS9wHiEK0Xmant0rMxACnlC9A5UR98DuYU +S0wOjtyDslT69kq70dmJ9kZ1DKWB4QTKxkRli9D7d9PLX3QnPksptbnphJe2cLkQ +US4V/w/YFTs8l38vNMxe5EOSsDaDL/VaL5FbYPKxEkG7pmLDWUQm+viZyhzAFmzI +YEJ4NFIeYEqLuTyU2I+EeN5AL8YWbTLW7HsUNAEC5sROTDEmn2w2n6JtKrkBjQRd +2pJbAQwA4pzB5ZqThFPnkGygANpHAq/3QwZu0bRz1yqK+U6N96jJbM6YcD6gT1z1 +W+/UDYaD+GFS8VVVEGjHVaQ+6Lg9bh0WukWjkizT7lcSeI7nkZhPYldQAF6xQCnF +iCK18rMIUiPlkE5XSPd4fbAKqPJWS0TgG1kynQDM6VBJOsOwJEHy4E9GmjjFx2eq +frpmf5fdRI1fqD58+36rgbfUdS/z29k7DZb/fNC35Ecne6Q6aM6SJJArJyZcQQbJ +tDgM0s0Yq/XSFkCDrjwrYjVdBXNv+AGHwLb3+lQ4u7l668JGR25Whn26ckK47I2m +l0MFnp3zSvojwQSOi5GcDOknVl6zifJ8sx7WzUzHtGUoz/5v55X7BRCt6KbdKN2J +0sTCJPW4giPI+WBOtrNBY0byiHXjq2sU7ENMtwMbPNx5PBpBNhrt4sqUkIn4GwsO +5dRXR6TzygqgOStoit7HITtyhLO3QsGL6BBB/hXff0CHKRJaj3Ah44FnQsPVvclD +0Ve2hnjnABEBAAGJAbwEGAEKACYWIQTDeuiaRJCnLdhGclK4sFR76P1okAUCXdqS +WwIbDAUJA8JnAAAKCRC4sFR76P1okO/HC/9RVNg5gdXFTJu0XZJ225UfCPbdCgs6 +GHS8t6/+fkprO5BB7Rds2SK7aD5KO1wssN9+tAq5ygGxUVf7bBAMbB0TOX6bnU8h +Bwo618fUSWs30qjpuJ6mjpWiuQl2S7ts4LUPkrq6JaRQtf1DOfLrQWxwSm5sXyw3 +cxpqWitkoyQUAAcTyNx1nhFkR9WEHRLoVM2Bw3ejjDj0+U5nF6wjIOkO4W4mc8Vr +rifMrYu2XJ2ybm5TBZu9empa4LvjipyjjLoD5UrMmChwptO2lrqCILvIoPMivV6O +ump9UrMZlEEtMYpjpttrOWzLk9vphapJsTvl2yX3xOTrAQV//2WZpKtoalyr+JMf +0o1OqfJHSqSUwSM88L7ryDKmzChRYVpGO9H1+bBTQbCaY4KnOUkR5kIGjVniPpV4 +3o46s22uFUwXnfi367J734Wl4HhLqTDUmWRnbBRtXWi4rJT6kl4f+O7RCr7qHsjU +PP5QEOowoxzAq2Tes7H92SIiYIE/PLxrx2M= +=76bv +-----END PGP PUBLIC KEY BLOCK----- diff -Nru php-symfony-security-acl-3.1.1/Domain/AclCacheTrait.php php-symfony-security-acl-3.3.1/Domain/AclCacheTrait.php --- php-symfony-security-acl-3.1.1/Domain/AclCacheTrait.php 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Domain/AclCacheTrait.php 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1,98 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Acl\Domain; + +use Symfony\Component\Security\Acl\Model\AclInterface; +use Symfony\Component\Security\Acl\Model\ObjectIdentityInterface; + +/** + * @author Johannes M. Schmitt + * + * @internal + */ +trait AclCacheTrait +{ + private $prefix; + private $permissionGrantingStrategy; + + /** + * Unserializes the ACL. + */ + private function unserializeAcl(string $serialized): ?AclInterface + { + $acl = unserialize($serialized); + + if (null !== $parentId = $acl->getParentAcl()) { + $parentAcl = $this->getFromCacheById($parentId); + + if (null === $parentAcl) { + return null; + } + + $acl->setParentAcl($parentAcl); + } + + $reflectionProperty = new \ReflectionProperty($acl, 'permissionGrantingStrategy'); + $reflectionProperty->setAccessible(true); + $reflectionProperty->setValue($acl, $this->permissionGrantingStrategy); + $reflectionProperty->setAccessible(false); + + $aceAclProperty = new \ReflectionProperty(Entry::class, 'acl'); + $aceAclProperty->setAccessible(true); + + foreach ($acl->getObjectAces() as $ace) { + $aceAclProperty->setValue($ace, $acl); + } + foreach ($acl->getClassAces() as $ace) { + $aceAclProperty->setValue($ace, $acl); + } + + $aceClassFieldProperty = new \ReflectionProperty($acl, 'classFieldAces'); + $aceClassFieldProperty->setAccessible(true); + foreach ($aceClassFieldProperty->getValue($acl) as $aces) { + foreach ($aces as $ace) { + $aceAclProperty->setValue($ace, $acl); + } + } + $aceClassFieldProperty->setAccessible(false); + + $aceObjectFieldProperty = new \ReflectionProperty($acl, 'objectFieldAces'); + $aceObjectFieldProperty->setAccessible(true); + foreach ($aceObjectFieldProperty->getValue($acl) as $aces) { + foreach ($aces as $ace) { + $aceAclProperty->setValue($ace, $acl); + } + } + $aceObjectFieldProperty->setAccessible(false); + + $aceAclProperty->setAccessible(false); + + return $acl; + } + + /** + * Returns the key for the object identity. + */ + private function getDataKeyByIdentity(ObjectIdentityInterface $oid): string + { + return $this->prefix.md5($oid->getType()).sha1($oid->getType()) + .'_'.md5($oid->getIdentifier()).sha1($oid->getIdentifier()); + } + + /** + * Returns the alias key for the object identity key. + */ + private function getAliasKeyForIdentity(string $aclId): string + { + return $this->prefix.$aclId; + } +} diff -Nru php-symfony-security-acl-3.1.1/Domain/Acl.php php-symfony-security-acl-3.3.1/Domain/Acl.php --- php-symfony-security-acl-3.1.1/Domain/Acl.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Domain/Acl.php 2022-02-15 18:20:11.000000000 +0000 @@ -73,7 +73,7 @@ /** * {@inheritdoc} */ - public function deleteClassAce($index) + public function deleteClassAce(int $index) { $this->deleteAce('classAces', $index); } @@ -81,7 +81,7 @@ /** * {@inheritdoc} */ - public function deleteClassFieldAce($index, $field) + public function deleteClassFieldAce(int $index, string $field) { $this->deleteFieldAce('classFieldAces', $index, $field); } @@ -89,7 +89,7 @@ /** * {@inheritdoc} */ - public function deleteObjectAce($index) + public function deleteObjectAce(int $index) { $this->deleteAce('objectAces', $index); } @@ -97,7 +97,7 @@ /** * {@inheritdoc} */ - public function deleteObjectFieldAce($index, $field) + public function deleteObjectFieldAce(int $index, string $field) { $this->deleteFieldAce('objectFieldAces', $index, $field); } @@ -113,9 +113,9 @@ /** * {@inheritdoc} */ - public function getClassFieldAces($field) + public function getClassFieldAces(string $field) { - return isset($this->classFieldAces[$field]) ? $this->classFieldAces[$field] : []; + return $this->classFieldAces[$field] ?? []; } /** @@ -129,9 +129,9 @@ /** * {@inheritdoc} */ - public function getObjectFieldAces($field) + public function getObjectFieldAces(string $field) { - return isset($this->objectFieldAces[$field]) ? $this->objectFieldAces[$field] : []; + return $this->objectFieldAces[$field] ?? []; } /** @@ -161,7 +161,7 @@ /** * {@inheritdoc} */ - public function insertClassAce(SecurityIdentityInterface $sid, $mask, $index = 0, $granting = true, $strategy = null) + public function insertClassAce(SecurityIdentityInterface $sid, int $mask, int $index = 0, bool $granting = true, ?string $strategy = null) { $this->insertAce('classAces', $index, $mask, $sid, $granting, $strategy); } @@ -169,7 +169,7 @@ /** * {@inheritdoc} */ - public function insertClassFieldAce($field, SecurityIdentityInterface $sid, $mask, $index = 0, $granting = true, $strategy = null) + public function insertClassFieldAce(string $field, SecurityIdentityInterface $sid, int $mask, int $index = 0, bool $granting = true, ?string $strategy = null) { $this->insertFieldAce('classFieldAces', $index, $field, $mask, $sid, $granting, $strategy); } @@ -177,7 +177,7 @@ /** * {@inheritdoc} */ - public function insertObjectAce(SecurityIdentityInterface $sid, $mask, $index = 0, $granting = true, $strategy = null) + public function insertObjectAce(SecurityIdentityInterface $sid, int $mask, int $index = 0, bool $granting = true, ?string $strategy = null) { $this->insertAce('objectAces', $index, $mask, $sid, $granting, $strategy); } @@ -185,7 +185,7 @@ /** * {@inheritdoc} */ - public function insertObjectFieldAce($field, SecurityIdentityInterface $sid, $mask, $index = 0, $granting = true, $strategy = null) + public function insertObjectFieldAce(string $field, SecurityIdentityInterface $sid, int $mask, int $index = 0, bool $granting = true, ?string $strategy = null) { $this->insertFieldAce('objectFieldAces', $index, $field, $mask, $sid, $granting, $strategy); } @@ -201,7 +201,7 @@ /** * {@inheritdoc} */ - public function isFieldGranted($field, array $masks, array $securityIdentities, $administrativeMode = false) + public function isFieldGranted(string $field, array $masks, array $securityIdentities, bool $administrativeMode = false) { return $this->permissionGrantingStrategy->isFieldGranted($this, $field, $masks, $securityIdentities, $administrativeMode); } @@ -209,7 +209,7 @@ /** * {@inheritdoc} */ - public function isGranted(array $masks, array $securityIdentities, $administrativeMode = false) + public function isGranted(array $masks, array $securityIdentities, bool $administrativeMode = false) { return $this->permissionGrantingStrategy->isGranted($this, $masks, $securityIdentities, $administrativeMode); } @@ -217,17 +217,17 @@ /** * {@inheritdoc} */ - public function isSidLoaded($sids) + public function isSidLoaded($securityIdentities) { if (!$this->loadedSids) { return true; } - if (!\is_array($sids)) { - $sids = [$sids]; + if (!\is_array($securityIdentities)) { + $securityIdentities = [$securityIdentities]; } - foreach ($sids as $sid) { + foreach ($securityIdentities as $sid) { if (!$sid instanceof SecurityIdentityInterface) { throw new \InvalidArgumentException('$sid must be an instance of SecurityIdentityInterface.'); } @@ -244,14 +244,9 @@ return true; } - /** - * Implementation for the \Serializable interface. - * - * @return string - */ - public function serialize() + public function __serialize(): array { - return serialize([ + return [ null === $this->parentAcl ? null : $this->parentAcl->getId(), $this->objectIdentity, $this->classAces, @@ -261,17 +256,12 @@ $this->id, $this->loadedSids, $this->entriesInheriting, - ]); + ]; } - /** - * Implementation for the \Serializable interface. - * - * @param string $serialized - */ - public function unserialize($serialized) + public function __unserialize(array $data): void { - list($this->parentAcl, + [$this->parentAcl, $this->objectIdentity, $this->classAces, $this->classFieldAces, @@ -280,15 +270,37 @@ $this->id, $this->loadedSids, $this->entriesInheriting - ) = unserialize($serialized); + ] = $data; $this->listeners = []; } /** + * @internal + * @final + * + * @return string + */ + public function serialize() + { + return serialize($this->__serialize()); + } + + /** + * @internal + * @final + * + * @param string $serialized + */ + public function unserialize($serialized) + { + $this->__unserialize(\is_array($serialized) ? $serialized : unserialize($serialized)); + } + + /** * {@inheritdoc} */ - public function setEntriesInheriting($boolean) + public function setEntriesInheriting(bool $boolean) { if ($this->entriesInheriting !== $boolean) { $this->onPropertyChanged('entriesInheriting', $this->entriesInheriting, $boolean); @@ -299,7 +311,7 @@ /** * {@inheritdoc} */ - public function setParentAcl(AclInterface $acl = null) + public function setParentAcl(?AclInterface $acl = null) { if (null !== $acl && null === $acl->getId()) { throw new \InvalidArgumentException('$acl must have an ID.'); @@ -314,7 +326,7 @@ /** * {@inheritdoc} */ - public function updateClassAce($index, $mask, $strategy = null) + public function updateClassAce(int $index, int $mask, ?string $strategy = null) { $this->updateAce('classAces', $index, $mask, $strategy); } @@ -322,7 +334,7 @@ /** * {@inheritdoc} */ - public function updateClassFieldAce($index, $field, $mask, $strategy = null) + public function updateClassFieldAce(int $index, string $field, int $mask, ?string $strategy = null) { $this->updateFieldAce('classFieldAces', $index, $field, $mask, $strategy); } @@ -330,7 +342,7 @@ /** * {@inheritdoc} */ - public function updateObjectAce($index, $mask, $strategy = null) + public function updateObjectAce(int $index, int $mask, ?string $strategy = null) { $this->updateAce('objectAces', $index, $mask, $strategy); } @@ -338,7 +350,7 @@ /** * {@inheritdoc} */ - public function updateObjectFieldAce($index, $field, $mask, $strategy = null) + public function updateObjectFieldAce(int $index, string $field, int $mask, ?string $strategy = null) { $this->updateFieldAce('objectFieldAces', $index, $field, $mask, $strategy); } @@ -346,7 +358,7 @@ /** * {@inheritdoc} */ - public function updateClassAuditing($index, $auditSuccess, $auditFailure) + public function updateClassAuditing(int $index, bool $auditSuccess, bool $auditFailure) { $this->updateAuditing($this->classAces, $index, $auditSuccess, $auditFailure); } @@ -354,7 +366,7 @@ /** * {@inheritdoc} */ - public function updateClassFieldAuditing($index, $field, $auditSuccess, $auditFailure) + public function updateClassFieldAuditing(int $index, string $field, bool $auditSuccess, bool $auditFailure) { if (!isset($this->classFieldAces[$field])) { throw new \InvalidArgumentException(sprintf('There are no ACEs for field "%s".', $field)); @@ -366,7 +378,7 @@ /** * {@inheritdoc} */ - public function updateObjectAuditing($index, $auditSuccess, $auditFailure) + public function updateObjectAuditing(int $index, bool $auditSuccess, bool $auditFailure) { $this->updateAuditing($this->objectAces, $index, $auditSuccess, $auditFailure); } @@ -374,7 +386,7 @@ /** * {@inheritdoc} */ - public function updateObjectFieldAuditing($index, $field, $auditSuccess, $auditFailure) + public function updateObjectFieldAuditing(int $index, string $field, bool $auditSuccess, bool $auditFailure) { if (!isset($this->objectFieldAces[$field])) { throw new \InvalidArgumentException(sprintf('There are no ACEs for field "%s".', $field)); @@ -497,7 +509,8 @@ */ private function insertFieldAce($property, $index, $field, $mask, SecurityIdentityInterface $sid, $granting, $strategy = null) { - if (0 === \strlen($field)) { + $field = (string) $field; + if ('' === $field) { throw new \InvalidArgumentException('$field cannot be empty.'); } @@ -570,10 +583,9 @@ /** * Updates auditing for an ACE. * - * @param array &$aces - * @param int $index - * @param bool $auditSuccess - * @param bool $auditFailure + * @param int $index + * @param bool $auditSuccess + * @param bool $auditFailure * * @throws \OutOfBoundsException */ @@ -608,7 +620,8 @@ */ private function updateFieldAce($property, $index, $field, $mask, $strategy = null) { - if (0 === \strlen($field)) { + $field = (string) $field; + if ('' === $field) { throw new \InvalidArgumentException('$field cannot be empty.'); } diff -Nru php-symfony-security-acl-3.1.1/Domain/DoctrineAclCache.php php-symfony-security-acl-3.3.1/Domain/DoctrineAclCache.php --- php-symfony-security-acl-3.1.1/Domain/DoctrineAclCache.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Domain/DoctrineAclCache.php 2022-02-15 18:20:11.000000000 +0000 @@ -25,11 +25,11 @@ */ class DoctrineAclCache implements AclCacheInterface { - const PREFIX = 'sf2_acl_'; + use AclCacheTrait; + + public const PREFIX = 'sf2_acl_'; private $cache; - private $prefix; - private $permissionGrantingStrategy; /** * Constructor. @@ -40,7 +40,8 @@ */ public function __construct(Cache $cache, PermissionGrantingStrategyInterface $permissionGrantingStrategy, $prefix = self::PREFIX) { - if (0 === \strlen($prefix)) { + $prefix = (string) $prefix; + if ('' === $prefix) { throw new \InvalidArgumentException('$prefix cannot be empty.'); } @@ -140,86 +141,4 @@ $this->cache->save($key, serialize($acl)); $this->cache->save($this->getAliasKeyForIdentity($acl->getId()), $key); } - - /** - * Unserializes the ACL. - * - * @param string $serialized - * - * @return AclInterface - */ - private function unserializeAcl($serialized) - { - $acl = unserialize($serialized); - - if (null !== $parentId = $acl->getParentAcl()) { - $parentAcl = $this->getFromCacheById($parentId); - - if (null === $parentAcl) { - return; - } - - $acl->setParentAcl($parentAcl); - } - - $reflectionProperty = new \ReflectionProperty($acl, 'permissionGrantingStrategy'); - $reflectionProperty->setAccessible(true); - $reflectionProperty->setValue($acl, $this->permissionGrantingStrategy); - $reflectionProperty->setAccessible(false); - - $aceAclProperty = new \ReflectionProperty('Symfony\Component\Security\Acl\Domain\Entry', 'acl'); - $aceAclProperty->setAccessible(true); - - foreach ($acl->getObjectAces() as $ace) { - $aceAclProperty->setValue($ace, $acl); - } - foreach ($acl->getClassAces() as $ace) { - $aceAclProperty->setValue($ace, $acl); - } - - $aceClassFieldProperty = new \ReflectionProperty($acl, 'classFieldAces'); - $aceClassFieldProperty->setAccessible(true); - foreach ($aceClassFieldProperty->getValue($acl) as $aces) { - foreach ($aces as $ace) { - $aceAclProperty->setValue($ace, $acl); - } - } - $aceClassFieldProperty->setAccessible(false); - - $aceObjectFieldProperty = new \ReflectionProperty($acl, 'objectFieldAces'); - $aceObjectFieldProperty->setAccessible(true); - foreach ($aceObjectFieldProperty->getValue($acl) as $aces) { - foreach ($aces as $ace) { - $aceAclProperty->setValue($ace, $acl); - } - } - $aceObjectFieldProperty->setAccessible(false); - - $aceAclProperty->setAccessible(false); - - return $acl; - } - - /** - * Returns the key for the object identity. - * - * @return string - */ - private function getDataKeyByIdentity(ObjectIdentityInterface $oid) - { - return $this->prefix.md5($oid->getType()).sha1($oid->getType()) - .'_'.md5($oid->getIdentifier()).sha1($oid->getIdentifier()); - } - - /** - * Returns the alias key for the object identity key. - * - * @param string $aclId - * - * @return string - */ - private function getAliasKeyForIdentity($aclId) - { - return $this->prefix.$aclId; - } } diff -Nru php-symfony-security-acl-3.1.1/Domain/Entry.php php-symfony-security-acl-3.3.1/Domain/Entry.php --- php-symfony-security-acl-3.1.1/Domain/Entry.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Domain/Entry.php 2022-02-15 18:20:11.000000000 +0000 @@ -31,17 +31,7 @@ private $auditSuccess; private $granting; - /** - * Constructor. - * - * @param int $id - * @param string $strategy - * @param int $mask - * @param bool $granting - * @param bool $auditFailure - * @param bool $auditSuccess - */ - public function __construct($id, AclInterface $acl, SecurityIdentityInterface $sid, $strategy, $mask, $granting, $auditFailure, $auditSuccess) + public function __construct(?int $id, AclInterface $acl, SecurityIdentityInterface $sid, string $strategy, int $mask, bool $granting, bool $auditFailure, bool $auditSuccess) { $this->id = $id; $this->acl = $acl; @@ -169,14 +159,9 @@ $this->strategy = $strategy; } - /** - * Implementation of \Serializable. - * - * @return string - */ - public function serialize() + public function __serialize(): array { - return serialize([ + return [ $this->mask, $this->id, $this->securityIdentity, @@ -184,23 +169,40 @@ $this->auditFailure, $this->auditSuccess, $this->granting, - ]); + ]; } - /** - * Implementation of \Serializable. - * - * @param string $serialized - */ - public function unserialize($serialized) + public function __unserialize(array $data): void { - list($this->mask, + [$this->mask, $this->id, $this->securityIdentity, $this->strategy, $this->auditFailure, $this->auditSuccess, $this->granting - ) = unserialize($serialized); + ] = $data; + } + + /** + * @internal + * @final + * + * @return string + */ + public function serialize() + { + return serialize($this->__serialize()); + } + + /** + * @internal + * @final + * + * @param string $serialized + */ + public function unserialize($serialized) + { + $this->__unserialize(\is_array($serialized) ? $serialized : unserialize($serialized)); } } diff -Nru php-symfony-security-acl-3.1.1/Domain/FieldEntry.php php-symfony-security-acl-3.3.1/Domain/FieldEntry.php --- php-symfony-security-acl-3.1.1/Domain/FieldEntry.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Domain/FieldEntry.php 2022-02-15 18:20:11.000000000 +0000 @@ -24,18 +24,7 @@ { private $field; - /** - * Constructor. - * - * @param int $id - * @param string $field - * @param string $strategy - * @param int $mask - * @param bool $granting - * @param bool $auditFailure - * @param bool $auditSuccess - */ - public function __construct($id, AclInterface $acl, $field, SecurityIdentityInterface $sid, $strategy, $mask, $granting, $auditFailure, $auditSuccess) + public function __construct(?int $id, AclInterface $acl, string $field, SecurityIdentityInterface $sid, string $strategy, int $mask, bool $granting, bool $auditFailure, $auditSuccess) { parent::__construct($id, $acl, $sid, $strategy, $mask, $granting, $auditFailure, $auditSuccess); @@ -53,23 +42,18 @@ /** * {@inheritdoc} */ - public function serialize() + public function __serialize(): array { - return serialize([ - $this->field, - parent::serialize(), - ]); + return [$this->field, parent::__serialize()]; } /** * {@inheritdoc} */ - public function unserialize($serialized) + public function __unserialize(array $data): void { - list($this->field, $parentStr) = unserialize($serialized); - if (!\is_string($parentStr)) { - throw new \BadMethodCallException('Cannot serialize '.__CLASS__); - } - parent::unserialize($parentStr); + [$this->field, $parentData] = $data; + $parentData = \is_array($parentData) ? $parentData : unserialize($parentData); + parent::__unserialize($parentData); } } diff -Nru php-symfony-security-acl-3.1.1/Domain/PermissionGrantingStrategy.php php-symfony-security-acl-3.3.1/Domain/PermissionGrantingStrategy.php --- php-symfony-security-acl-3.1.1/Domain/PermissionGrantingStrategy.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Domain/PermissionGrantingStrategy.php 2022-02-15 18:20:11.000000000 +0000 @@ -25,9 +25,9 @@ */ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface { - const EQUAL = 'equal'; - const ALL = 'all'; - const ANY = 'any'; + public const EQUAL = 'equal'; + public const ALL = 'all'; + public const ANY = 'any'; private $auditLogger; diff -Nru php-symfony-security-acl-3.1.1/Domain/PsrAclCache.php php-symfony-security-acl-3.3.1/Domain/PsrAclCache.php --- php-symfony-security-acl-3.1.1/Domain/PsrAclCache.php 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Domain/PsrAclCache.php 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1,140 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Acl\Domain; + +use Psr\Cache\CacheItemPoolInterface; +use Symfony\Component\Security\Acl\Model\AclCacheInterface; +use Symfony\Component\Security\Acl\Model\AclInterface; +use Symfony\Component\Security\Acl\Model\ObjectIdentityInterface; +use Symfony\Component\Security\Acl\Model\PermissionGrantingStrategyInterface; + +/** + * This class is a wrapper around a PSR-6 cache implementation. + * + * @author Michael Babker + */ +class PsrAclCache implements AclCacheInterface +{ + use AclCacheTrait; + + public const PREFIX = 'sf_acl_'; + + private $cache; + + /** + * @throws \InvalidArgumentException When $prefix is empty + */ + public function __construct(CacheItemPoolInterface $cache, PermissionGrantingStrategyInterface $permissionGrantingStrategy, string $prefix = self::PREFIX) + { + if ('' === $prefix) { + throw new \InvalidArgumentException('$prefix cannot be empty.'); + } + + $this->cache = $cache; + $this->permissionGrantingStrategy = $permissionGrantingStrategy; + $this->prefix = $prefix; + } + + /** + * {@inheritdoc} + */ + public function clearCache(): void + { + $this->cache->clear(); + } + + /** + * {@inheritdoc} + */ + public function evictFromCacheById($aclId): void + { + $lookupKey = $this->getAliasKeyForIdentity($aclId); + $cacheItem = $this->cache->getItem($lookupKey); + if (!$cacheItem->isHit()) { + return; + } + + $this->cache->deleteItems([$cacheItem->get(), $lookupKey]); + } + + /** + * {@inheritdoc} + */ + public function evictFromCacheByIdentity(ObjectIdentityInterface $oid): void + { + $this->cache->deleteItem($this->getDataKeyByIdentity($oid)); + } + + /** + * {@inheritdoc} + */ + public function getFromCacheById($aclId): ?AclInterface + { + $lookupKey = $this->getAliasKeyForIdentity($aclId); + $lookupKeyItem = $this->cache->getItem($lookupKey); + if (!$lookupKeyItem->isHit()) { + return null; + } + + $key = $lookupKeyItem->get(); + $keyItem = $this->cache->getItem($key); + if (!$keyItem->isHit()) { + $this->cache->deleteItem($lookupKey); + + return null; + } + + return $this->unserializeAcl($keyItem->get()); + } + + /** + * {@inheritdoc} + */ + public function getFromCacheByIdentity(ObjectIdentityInterface $oid): ?AclInterface + { + $key = $this->getDataKeyByIdentity($oid); + $cacheItem = $this->cache->getItem($key); + if (!$cacheItem->isHit()) { + return null; + } + + return $this->unserializeAcl($cacheItem->get()); + } + + /** + * {@inheritdoc} + */ + public function putInCache(AclInterface $acl): void + { + if (null === $acl->getId()) { + throw new \InvalidArgumentException('Transient ACLs cannot be cached.'); + } + + if (null !== $parentAcl = $acl->getParentAcl()) { + $this->putInCache($parentAcl); + } + + $key = $this->getDataKeyByIdentity($acl->getObjectIdentity()); + $objectIdentityItem = $this->cache->getItem($key); + $objectIdentityItem->set(serialize($acl)); + + $this->cache->saveDeferred($objectIdentityItem); + + $aliasKey = $this->getAliasKeyForIdentity($acl->getId()); + $aliasItem = $this->cache->getItem($aliasKey); + $aliasItem->set($key); + + $this->cache->saveDeferred($aliasItem); + + $this->cache->commit(); + } +} diff -Nru php-symfony-security-acl-3.1.1/Domain/RoleSecurityIdentity.php php-symfony-security-acl-3.3.1/Domain/RoleSecurityIdentity.php --- php-symfony-security-acl-3.1.1/Domain/RoleSecurityIdentity.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Domain/RoleSecurityIdentity.php 2022-02-15 18:20:11.000000000 +0000 @@ -12,7 +12,6 @@ namespace Symfony\Component\Security\Acl\Domain; use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface; -use Symfony\Component\Security\Core\Role\Role; /** * A SecurityIdentity implementation for roles. @@ -23,17 +22,8 @@ { private $role; - /** - * Constructor. - * - * @param mixed $role a Role instance, or its string representation - */ - public function __construct($role) + public function __construct(string $role) { - if ($role instanceof Role) { - $role = $role->getRole(); - } - $this->role = $role; } diff -Nru php-symfony-security-acl-3.1.1/Domain/SecurityIdentityRetrievalStrategy.php php-symfony-security-acl-3.3.1/Domain/SecurityIdentityRetrievalStrategy.php --- php-symfony-security-acl-3.1.1/Domain/SecurityIdentityRetrievalStrategy.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Domain/SecurityIdentityRetrievalStrategy.php 2022-02-15 18:20:11.000000000 +0000 @@ -14,9 +14,9 @@ use Symfony\Component\Security\Acl\Model\SecurityIdentityRetrievalStrategyInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; +use Symfony\Component\Security\Core\Authentication\Token\NullToken; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter; -use Symfony\Component\Security\Core\Role\Role; use Symfony\Component\Security\Core\Role\RoleHierarchyInterface; /** @@ -40,13 +40,15 @@ /** * {@inheritdoc} + * + * @return RoleSecurityIdentity[] */ public function getSecurityIdentities(TokenInterface $token) { $sids = []; // add user security identity - if (!$token instanceof AnonymousToken) { + if (!$token instanceof AnonymousToken && !$token instanceof NullToken) { try { $sids[] = UserSecurityIdentity::fromToken($token); } catch (\InvalidArgumentException $e) { @@ -55,41 +57,39 @@ } // add all reachable roles - if (method_exists($this->roleHierarchy, 'getReachableRoleNames')) { - foreach ($this->roleHierarchy->getReachableRoleNames($this->getRoleNames($token)) as $role) { - $sids[] = new RoleSecurityIdentity($role); - } - } else { - // Symfony < 4.3 BC layer - foreach ($this->roleHierarchy->getReachableRoles($token->getRoles()) as $role) { - $sids[] = new RoleSecurityIdentity($role); - } + foreach ($this->roleHierarchy->getReachableRoleNames($token->getRoleNames()) as $role) { + $sids[] = new RoleSecurityIdentity($role); } // add built-in special roles if ($this->authenticationTrustResolver->isFullFledged($token)) { $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_FULLY); $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED); - $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY); + $this->addAnonymousRoles($sids); } elseif ($this->authenticationTrustResolver->isRememberMe($token)) { $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED); - $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY); - } elseif ($this->authenticationTrustResolver->isAnonymous($token)) { - $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY); + $this->addAnonymousRoles($sids); + } elseif ($this->isNotAuthenticated($token)) { + $this->addAnonymousRoles($sids); } return $sids; } - private function getRoleNames(TokenInterface $token) + private function isNotAuthenticated(TokenInterface $token): bool { - if (method_exists($token, 'getRoleNames')) { - return $token->getRoleNames(); + if (method_exists($this->authenticationTrustResolver, 'isAuthenticated')) { + return !$this->authenticationTrustResolver->isAuthenticated($token); } - // Symfony < 4.3 BC layer - return array_map(function (Role $role) { - return $role->getRole(); - }, $token->getRoles()); + return $this->authenticationTrustResolver->isAnonymous($token); + } + + private function addAnonymousRoles(array &$sids) + { + $sids[] = new RoleSecurityIdentity('IS_AUTHENTICATED_ANONYMOUSLY'); + if (\defined('\Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter::PUBLIC_ACCESS')) { + $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::PUBLIC_ACCESS); + } } } diff -Nru php-symfony-security-acl-3.1.1/Domain/UserSecurityIdentity.php php-symfony-security-acl-3.3.1/Domain/UserSecurityIdentity.php --- php-symfony-security-acl-3.1.1/Domain/UserSecurityIdentity.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Domain/UserSecurityIdentity.php 2022-02-15 18:20:11.000000000 +0000 @@ -54,7 +54,7 @@ */ public static function fromAccount(UserInterface $user) { - return new self($user->getUsername(), ClassUtils::getRealClass($user)); + return new self(method_exists($user, 'getUserIdentifier') ? $user->getUserIdentifier() : $user->getUsername(), ClassUtils::getRealClass($user)); } /** diff -Nru php-symfony-security-acl-3.1.1/Exception/NotAllAclsFoundException.php php-symfony-security-acl-3.3.1/Exception/NotAllAclsFoundException.php --- php-symfony-security-acl-3.1.1/Exception/NotAllAclsFoundException.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Exception/NotAllAclsFoundException.php 2022-02-15 18:20:11.000000000 +0000 @@ -11,6 +11,9 @@ namespace Symfony\Component\Security\Acl\Exception; +use Symfony\Component\Security\Acl\Model\AclInterface; +use Symfony\Component\Security\Acl\Model\ObjectIdentityInterface; + /** * This exception is thrown when you have requested ACLs for multiple object * identities, but the AclProvider implementation failed to find ACLs for all @@ -25,7 +28,7 @@ private $partialResult; /** - * Sets the partial result. + * @param \SplObjectStorage $result */ public function setPartialResult(\SplObjectStorage $result) { @@ -35,7 +38,7 @@ /** * Returns the partial result. * - * @return \SplObjectStorage + * @return \SplObjectStorage */ public function getPartialResult() { diff -Nru php-symfony-security-acl-3.1.1/.github/psalm/.gitignore php-symfony-security-acl-3.3.1/.github/psalm/.gitignore --- php-symfony-security-acl-3.1.1/.github/psalm/.gitignore 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/.github/psalm/.gitignore 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1 @@ +/cache diff -Nru php-symfony-security-acl-3.1.1/.github/psalm/psalm.baseline.xml php-symfony-security-acl-3.3.1/.github/psalm/psalm.baseline.xml --- php-symfony-security-acl-3.1.1/.github/psalm/psalm.baseline.xml 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/.github/psalm/psalm.baseline.xml 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1,3 @@ + + + diff -Nru php-symfony-security-acl-3.1.1/.github/workflows/ci.yml php-symfony-security-acl-3.3.1/.github/workflows/ci.yml --- php-symfony-security-acl-3.1.1/.github/workflows/ci.yml 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/.github/workflows/ci.yml 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1,61 @@ +name: CI + +on: + pull_request: + push: + branches: [main] + +jobs: + test: + name: 'Test ${{ matrix.deps }} on PHP ${{ matrix.php }}' + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + php: ['7.2.5', '7.3', '7.4', '8.0', '8.1'] + include: + - php: '7.4' + deps: lowest + deprecations: max[self]=0 + - php: '8.0' + deps: highest + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '${{ matrix.php }}' + coverage: none + + - name: Configure composer + if: "${{ matrix.deps == 'highest' }}" + run: composer config minimum-stability dev + + - name: Composer install + uses: ramsey/composer-install@v1 + with: + dependency-versions: '${{ matrix.deps }}' + + - name: Install PHPUnit + run: vendor/bin/simple-phpunit install + + - name: Run tests + run: vendor/bin/simple-phpunit + env: + SYMFONY_DEPRECATIONS_HELPER: '${{ matrix.deprecations }}' + + cs: + name: 'Code Style' + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v2 + - name: PHP-CS-Fixer + uses: docker://oskarstark/php-cs-fixer-ga:3.5.0 + with: + args: --diff --dry-run diff -Nru php-symfony-security-acl-3.1.1/.github/workflows/psalm.yml php-symfony-security-acl-3.3.1/.github/workflows/psalm.yml --- php-symfony-security-acl-3.1.1/.github/workflows/psalm.yml 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/.github/workflows/psalm.yml 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1,48 @@ +name: Static analysis + +on: + pull_request: ~ + +defaults: + run: + shell: bash + +jobs: + psalm: + name: Psalm + runs-on: Ubuntu-20.04 + + steps: + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '8.0' + ini-values: "memory_limit=-1" + coverage: none + + - name: Checkout target branch + uses: actions/checkout@v2 + with: + ref: ${{ github.base_ref }} + + - name: Checkout PR + uses: actions/checkout@v2 + + - name: Install dependencies + run: | + composer remove --dev --no-update --no-interaction symfony/phpunit-bridge + composer require --no-update vimeo/psalm phpunit/phpunit:^9.5 psalm/plugin-phpunit + composer update --no-progress --ansi + git checkout -- composer.json + + ./vendor/bin/psalm --version + + - name: Generate Psalm baseline + run: | + git checkout -m ${{ github.base_ref }} + ./vendor/bin/psalm --set-baseline=.github/psalm/psalm.baseline.xml --no-progress + git checkout -m FETCH_HEAD + + - name: Psalm + run: | + ./vendor/bin/psalm --output-format=github --no-progress diff -Nru php-symfony-security-acl-3.1.1/.gitignore php-symfony-security-acl-3.3.1/.gitignore --- php-symfony-security-acl-3.1.1/.gitignore 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/.gitignore 2022-02-15 18:20:11.000000000 +0000 @@ -1,3 +1,6 @@ vendor/ composer.lock phpunit.xml +.phpunit.result.cache +.php-cs-fixer.cache +.php-cs-fixer.php diff -Nru php-symfony-security-acl-3.1.1/LICENSE php-symfony-security-acl-3.3.1/LICENSE --- php-symfony-security-acl-3.1.1/LICENSE 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/LICENSE 2022-02-15 18:20:11.000000000 +0000 @@ -1,4 +1,4 @@ -Copyright (c) 2004-2015 Fabien Potencier +Copyright (c) 2004-2021 Fabien Potencier Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff -Nru php-symfony-security-acl-3.1.1/Model/AclCacheInterface.php php-symfony-security-acl-3.3.1/Model/AclCacheInterface.php --- php-symfony-security-acl-3.1.1/Model/AclCacheInterface.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Model/AclCacheInterface.php 2022-02-15 18:20:11.000000000 +0000 @@ -21,9 +21,9 @@ /** * Removes an ACL from the cache. * - * @param string $primaryKey a serialized primary key + * @param string $aclId a serialized primary key */ - public function evictFromCacheById($primaryKey); + public function evictFromCacheById($aclId); /** * Removes an ACL from the cache. @@ -35,16 +35,16 @@ /** * Retrieves an ACL for the given object identity primary key from the cache. * - * @param int $primaryKey + * @param int $aclId * - * @return AclInterface + * @return AclInterface|null */ - public function getFromCacheById($primaryKey); + public function getFromCacheById($aclId); /** * Retrieves an ACL for the given object identity from the cache. * - * @return AclInterface + * @return AclInterface|null */ public function getFromCacheByIdentity(ObjectIdentityInterface $oid); diff -Nru php-symfony-security-acl-3.1.1/Model/AclInterface.php php-symfony-security-acl-3.3.1/Model/AclInterface.php --- php-symfony-security-acl-3.1.1/Model/AclInterface.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Model/AclInterface.php 2022-02-15 18:20:11.000000000 +0000 @@ -22,40 +22,39 @@ * use ObjectIdentity implementations as an additional level of indirection. * * @author Johannes M. Schmitt + * + * @method array __serialize() returns all the necessary state of the object for serialization purposes + * @method void __unserialize(array $data) restores the object state from an array given by {@see __serialize} */ interface AclInterface extends \Serializable { /** * Returns all class-based ACEs associated with this ACL. * - * @return array + * @return array */ public function getClassAces(); /** * Returns all class-field-based ACEs associated with this ACL. * - * @param string $field - * - * @return array + * @return array */ - public function getClassFieldAces($field); + public function getClassFieldAces(string $field); /** * Returns all object-based ACEs associated with this ACL. * - * @return array + * @return array */ public function getObjectAces(); /** * Returns all object-field-based ACEs associated with this ACL. * - * @param string $field - * - * @return array + * @return array */ - public function getObjectFieldAces($field); + public function getObjectFieldAces(string $field); /** * Returns the object identity associated with this ACL. @@ -81,28 +80,23 @@ /** * Determines whether field access is granted. * - * @param string $field - * @param bool $administrativeMode - * * @return bool */ - public function isFieldGranted($field, array $masks, array $securityIdentities, $administrativeMode = false); + public function isFieldGranted(string $field, array $masks, array $securityIdentities, bool $administrativeMode = false); /** * Determines whether access is granted. * - * @param bool $administrativeMode - * * @throws NoAceFoundException when no ACE was applicable for this request * * @return bool */ - public function isGranted(array $masks, array $securityIdentities, $administrativeMode = false); + public function isGranted(array $masks, array $securityIdentities, bool $administrativeMode = false); /** * Whether the ACL has loaded ACEs for all of the passed security identities. * - * @param mixed $securityIdentities an implementation of SecurityIdentityInterface, or an array thereof + * @param SecurityIdentityInterface|SecurityIdentityInterface[] $securityIdentities * * @return bool */ diff -Nru php-symfony-security-acl-3.1.1/Model/AclProviderInterface.php php-symfony-security-acl-3.3.1/Model/AclProviderInterface.php --- php-symfony-security-acl-3.1.1/Model/AclProviderInterface.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Model/AclProviderInterface.php 2022-02-15 18:20:11.000000000 +0000 @@ -46,7 +46,7 @@ * @param ObjectIdentityInterface[] $oids an array of ObjectIdentityInterface implementations * @param SecurityIdentityInterface[] $sids an array of SecurityIdentityInterface implementations * - * @return \SplObjectStorage mapping the passed object identities to ACLs + * @return \SplObjectStorage mapping the passed object identities to ACLs * * @throws AclNotFoundException when we cannot find an ACL for all identities */ diff -Nru php-symfony-security-acl-3.1.1/Model/AuditableAclInterface.php php-symfony-security-acl-3.3.1/Model/AuditableAclInterface.php --- php-symfony-security-acl-3.1.1/Model/AuditableAclInterface.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Model/AuditableAclInterface.php 2022-02-15 18:20:11.000000000 +0000 @@ -20,39 +20,21 @@ { /** * Updates auditing for class-based ACE. - * - * @param int $index - * @param bool $auditSuccess - * @param bool $auditFailure */ - public function updateClassAuditing($index, $auditSuccess, $auditFailure); + public function updateClassAuditing(int $index, bool $auditSuccess, bool $auditFailure); /** * Updates auditing for class-field-based ACE. - * - * @param int $index - * @param string $field - * @param bool $auditSuccess - * @param bool $auditFailure */ - public function updateClassFieldAuditing($index, $field, $auditSuccess, $auditFailure); + public function updateClassFieldAuditing(int $index, string $field, bool $auditSuccess, bool $auditFailure); /** * Updates auditing for object-based ACE. - * - * @param int $index - * @param bool $auditSuccess - * @param bool $auditFailure */ - public function updateObjectAuditing($index, $auditSuccess, $auditFailure); + public function updateObjectAuditing(int $index, bool $auditSuccess, bool $auditFailure); /** * Updates auditing for object-field-based ACE. - * - * @param int $index - * @param string $field - * @param bool $auditSuccess - * @param bool $auditFailure */ - public function updateObjectFieldAuditing($index, $field, $auditSuccess, $auditFailure); + public function updateObjectFieldAuditing(int $index, string $field, bool $auditSuccess, bool $auditFailure); } diff -Nru php-symfony-security-acl-3.1.1/Model/EntryInterface.php php-symfony-security-acl-3.3.1/Model/EntryInterface.php --- php-symfony-security-acl-3.1.1/Model/EntryInterface.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Model/EntryInterface.php 2022-02-15 18:20:11.000000000 +0000 @@ -18,6 +18,9 @@ * allow client modification. * * @author Johannes M. Schmitt + * + * @method array __serialize() returns all the necessary state of the object for serialization purposes + * @method void __unserialize(array $data) restores the object state from an array given by {@see __serialize} */ interface EntryInterface extends \Serializable { @@ -31,7 +34,7 @@ /** * The primary key of this ACE. * - * @return int + * @return int|null */ public function getId(); diff -Nru php-symfony-security-acl-3.1.1/Model/MutableAclInterface.php php-symfony-security-acl-3.3.1/Model/MutableAclInterface.php --- php-symfony-security-acl-3.1.1/Model/MutableAclInterface.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Model/MutableAclInterface.php 2022-02-15 18:20:11.000000000 +0000 @@ -23,33 +23,23 @@ { /** * Deletes a class-based ACE. - * - * @param int $index */ - public function deleteClassAce($index); + public function deleteClassAce(int $index); /** * Deletes a class-field-based ACE. - * - * @param int $index - * @param string $field */ - public function deleteClassFieldAce($index, $field); + public function deleteClassFieldAce(int $index, string $field); /** * Deletes an object-based ACE. - * - * @param int $index */ - public function deleteObjectAce($index); + public function deleteObjectAce(int $index); /** * Deletes an object-field-based ACE. - * - * @param int $index - * @param string $field */ - public function deleteObjectFieldAce($index, $field); + public function deleteObjectFieldAce(int $index, string $field); /** * Returns the primary key of this ACL. @@ -60,93 +50,59 @@ /** * Inserts a class-based ACE. - * - * @param int $mask - * @param int $index - * @param bool $granting - * @param string $strategy */ - public function insertClassAce(SecurityIdentityInterface $sid, $mask, $index = 0, $granting = true, $strategy = null); + public function insertClassAce(SecurityIdentityInterface $sid, int $mask, int $index = 0, bool $granting = true, ?string $strategy = null); /** * Inserts a class-field-based ACE. - * - * @param string $field - * @param int $mask - * @param int $index - * @param bool $granting - * @param string $strategy */ - public function insertClassFieldAce($field, SecurityIdentityInterface $sid, $mask, $index = 0, $granting = true, $strategy = null); + public function insertClassFieldAce(string $field, SecurityIdentityInterface $sid, int $mask, int $index = 0, bool $granting = true, ?string $strategy = null); /** * Inserts an object-based ACE. - * - * @param int $mask - * @param int $index - * @param bool $granting - * @param string $strategy */ - public function insertObjectAce(SecurityIdentityInterface $sid, $mask, $index = 0, $granting = true, $strategy = null); + public function insertObjectAce(SecurityIdentityInterface $sid, int $mask, int $index = 0, bool $granting = true, ?string $strategy = null); /** * Inserts an object-field-based ACE. - * - * @param string $field - * @param int $mask - * @param int $index - * @param bool $granting - * @param string $strategy */ - public function insertObjectFieldAce($field, SecurityIdentityInterface $sid, $mask, $index = 0, $granting = true, $strategy = null); + public function insertObjectFieldAce(string $field, SecurityIdentityInterface $sid, int $mask, int $index = 0, bool $granting = true, ?string $strategy = null); /** * Sets whether entries are inherited. - * - * @param bool $boolean */ - public function setEntriesInheriting($boolean); + public function setEntriesInheriting(bool $boolean); /** * Sets the parent ACL. */ - public function setParentAcl(AclInterface $acl = null); + public function setParentAcl(?AclInterface $acl = null); /** * Updates a class-based ACE. * - * @param int $index - * @param int $mask - * @param string $strategy if null the strategy should not be changed + * @param string|null $strategy if null the strategy should not be changed */ - public function updateClassAce($index, $mask, $strategy = null); + public function updateClassAce(int $index, int $mask, ?string $strategy = null); /** * Updates a class-field-based ACE. * - * @param int $index - * @param string $field - * @param int $mask - * @param string $strategy if null the strategy should not be changed + * @param string|null $strategy if null the strategy should not be changed */ - public function updateClassFieldAce($index, $field, $mask, $strategy = null); + public function updateClassFieldAce(int $index, string $field, int $mask, ?string $strategy = null); /** * Updates an object-based ACE. * - * @param int $index - * @param int $mask - * @param string $strategy if null the strategy should not be changed + * @param string|null $strategy if null the strategy should not be changed */ - public function updateObjectAce($index, $mask, $strategy = null); + public function updateObjectAce(int $index, int $mask, ?string $strategy = null); /** * Updates an object-field-based ACE. * - * @param int $index - * @param string $field - * @param int $mask - * @param string $strategy if null the strategy should not be changed + * @param string|null $strategy if null the strategy should not be changed */ - public function updateObjectFieldAce($index, $field, $mask, $strategy = null); + public function updateObjectFieldAce(int $index, string $field, int $mask, ?string $strategy = null); } diff -Nru php-symfony-security-acl-3.1.1/Model/MutableAclProviderInterface.php php-symfony-security-acl-3.3.1/Model/MutableAclProviderInterface.php --- php-symfony-security-acl-3.1.1/Model/MutableAclProviderInterface.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Model/MutableAclProviderInterface.php 2022-02-15 18:20:11.000000000 +0000 @@ -21,6 +21,20 @@ interface MutableAclProviderInterface extends AclProviderInterface { /** + * {@inheritdoc} + * + * @return MutableAclInterface + */ + public function findAcl(ObjectIdentityInterface $oid, array $sids = []); + + /** + * {@inheritdoc} + * + * @return \SplObjectStorage mapping the passed object identities to ACLs + */ + public function findAcls(array $oids, array $sids = []); + + /** * Creates a new ACL for the given object identity. * * @throws AclAlreadyExistsException when there already is an ACL for the given diff -Nru php-symfony-security-acl-3.1.1/Model/SecurityIdentityInterface.php php-symfony-security-acl-3.3.1/Model/SecurityIdentityInterface.php --- php-symfony-security-acl-3.1.1/Model/SecurityIdentityInterface.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Model/SecurityIdentityInterface.php 2022-02-15 18:20:11.000000000 +0000 @@ -24,5 +24,5 @@ * This method is used to compare two security identities in order to * not rely on referential equality. */ - public function equals(self $identity); + public function equals(self $sid); } diff -Nru php-symfony-security-acl-3.1.1/Permission/BasicPermissionMap.php php-symfony-security-acl-3.3.1/Permission/BasicPermissionMap.php --- php-symfony-security-acl-3.1.1/Permission/BasicPermissionMap.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Permission/BasicPermissionMap.php 2022-02-15 18:20:11.000000000 +0000 @@ -19,14 +19,14 @@ */ class BasicPermissionMap implements PermissionMapInterface, MaskBuilderRetrievalInterface { - const PERMISSION_VIEW = 'VIEW'; - const PERMISSION_EDIT = 'EDIT'; - const PERMISSION_CREATE = 'CREATE'; - const PERMISSION_DELETE = 'DELETE'; - const PERMISSION_UNDELETE = 'UNDELETE'; - const PERMISSION_OPERATOR = 'OPERATOR'; - const PERMISSION_MASTER = 'MASTER'; - const PERMISSION_OWNER = 'OWNER'; + public const PERMISSION_VIEW = 'VIEW'; + public const PERMISSION_EDIT = 'EDIT'; + public const PERMISSION_CREATE = 'CREATE'; + public const PERMISSION_DELETE = 'DELETE'; + public const PERMISSION_UNDELETE = 'UNDELETE'; + public const PERMISSION_OPERATOR = 'OPERATOR'; + public const PERMISSION_MASTER = 'MASTER'; + public const PERMISSION_OWNER = 'OWNER'; protected $map; diff -Nru php-symfony-security-acl-3.1.1/Permission/MaskBuilder.php php-symfony-security-acl-3.3.1/Permission/MaskBuilder.php --- php-symfony-security-acl-3.1.1/Permission/MaskBuilder.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Permission/MaskBuilder.php 2022-02-15 18:20:11.000000000 +0000 @@ -44,28 +44,28 @@ */ class MaskBuilder extends AbstractMaskBuilder { - const MASK_VIEW = 1; // 1 << 0 - const MASK_CREATE = 2; // 1 << 1 - const MASK_EDIT = 4; // 1 << 2 - const MASK_DELETE = 8; // 1 << 3 - const MASK_UNDELETE = 16; // 1 << 4 - const MASK_OPERATOR = 32; // 1 << 5 - const MASK_MASTER = 64; // 1 << 6 - const MASK_OWNER = 128; // 1 << 7 - const MASK_IDDQD = 1073741823; // 1 << 0 | 1 << 1 | ... | 1 << 30 + public const MASK_VIEW = 1; // 1 << 0 + public const MASK_CREATE = 2; // 1 << 1 + public const MASK_EDIT = 4; // 1 << 2 + public const MASK_DELETE = 8; // 1 << 3 + public const MASK_UNDELETE = 16; // 1 << 4 + public const MASK_OPERATOR = 32; // 1 << 5 + public const MASK_MASTER = 64; // 1 << 6 + public const MASK_OWNER = 128; // 1 << 7 + public const MASK_IDDQD = 1073741823; // 1 << 0 | 1 << 1 | ... | 1 << 30 - const CODE_VIEW = 'V'; - const CODE_CREATE = 'C'; - const CODE_EDIT = 'E'; - const CODE_DELETE = 'D'; - const CODE_UNDELETE = 'U'; - const CODE_OPERATOR = 'O'; - const CODE_MASTER = 'M'; - const CODE_OWNER = 'N'; + public const CODE_VIEW = 'V'; + public const CODE_CREATE = 'C'; + public const CODE_EDIT = 'E'; + public const CODE_DELETE = 'D'; + public const CODE_UNDELETE = 'U'; + public const CODE_OPERATOR = 'O'; + public const CODE_MASTER = 'M'; + public const CODE_OWNER = 'N'; - const ALL_OFF = '................................'; - const OFF = '.'; - const ON = '*'; + public const ALL_OFF = '................................'; + public const OFF = '.'; + public const ON = '*'; /** * Returns a human-readable representation of the permission. @@ -76,7 +76,7 @@ { $pattern = self::ALL_OFF; $length = \strlen($pattern); - $bitmask = str_pad(decbin($this->mask), $length, '0', STR_PAD_LEFT); + $bitmask = str_pad(decbin($this->mask), $length, '0', \STR_PAD_LEFT); for ($i = $length - 1; $i >= 0; --$i) { if ('1' === $bitmask[$i]) { diff -Nru php-symfony-security-acl-3.1.1/.php_cs.dist php-symfony-security-acl-3.3.1/.php_cs.dist --- php-symfony-security-acl-3.1.1/.php_cs.dist 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/.php_cs.dist 1970-01-01 00:00:00.000000000 +0000 @@ -1,20 +0,0 @@ -setRules([ - '@Symfony' => true, - '@Symfony:risky' => true, - '@PHPUnit75Migration:risky' => true, - 'php_unit_dedicate_assert' => ['target' => '5.6'], - 'array_syntax' => ['syntax' => 'short'], - 'php_unit_fqcn_annotation' => true, - 'no_unreachable_default_argument_value' => false, - 'braces' => ['allow_single_line_closure' => true], - 'heredoc_to_nowdoc' => false, - 'ordered_imports' => true, - 'phpdoc_types_order' => ['null_adjustment' => 'always_last', 'sort_algorithm' => 'none'], - 'native_function_invocation' => ['include' => ['@compiler_optimized'], 'scope' => 'all'], - ]) - ->setRiskyAllowed(true) - ->setFinder(PhpCsFixer\Finder::create()->in(__DIR__)) -; diff -Nru php-symfony-security-acl-3.1.1/.php-cs-fixer.dist.php php-symfony-security-acl-3.3.1/.php-cs-fixer.dist.php --- php-symfony-security-acl-3.1.1/.php-cs-fixer.dist.php 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/.php-cs-fixer.dist.php 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1,17 @@ +setRules([ + '@PHP71Migration' => true, + '@PHPUnit75Migration:risky' => true, + '@Symfony' => true, + '@Symfony:risky' => true, + 'protected_to_private' => false, + ]) + ->setRiskyAllowed(true) + ->setFinder( + (new PhpCsFixer\Finder()) + ->in(__DIR__) + ->append([__FILE__]) + ) +; diff -Nru php-symfony-security-acl-3.1.1/phpunit.xml.dist php-symfony-security-acl-3.3.1/phpunit.xml.dist --- php-symfony-security-acl-3.1.1/phpunit.xml.dist 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/phpunit.xml.dist 2022-02-15 18:20:11.000000000 +0000 @@ -1,15 +1,10 @@ @@ -31,4 +26,12 @@ + + + benchmark + + + + + diff -Nru php-symfony-security-acl-3.1.1/psalm.xml php-symfony-security-acl-3.3.1/psalm.xml --- php-symfony-security-acl-3.1.1/psalm.xml 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/psalm.xml 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1,21 @@ + + + + + + + + + + + + + diff -Nru php-symfony-security-acl-3.1.1/README.md php-symfony-security-acl-3.3.1/README.md --- php-symfony-security-acl-3.1.1/README.md 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/README.md 2022-02-15 18:20:11.000000000 +0000 @@ -11,7 +11,7 @@ Documentation: -https://symfony.com/doc/3.0/book/security.html +https://github.com/symfony/acl-bundle/blob/main/src/Resources/doc/index.rst Tests ----- diff -Nru php-symfony-security-acl-3.1.1/Resources/bin/generateSql.php php-symfony-security-acl-3.3.1/Resources/bin/generateSql.php --- php-symfony-security-acl-3.1.1/Resources/bin/generateSql.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Resources/bin/generateSql.php 2022-02-15 18:20:11.000000000 +0000 @@ -9,22 +9,11 @@ * file that was distributed with this source code. */ -require_once __DIR__.'/../../../../ClassLoader/ClassLoader.php'; +require_once __DIR__.'/../../vendor/autoload.php'; -use Symfony\Component\ClassLoader\ClassLoader; use Symfony\Component\Finder\Finder; use Symfony\Component\Security\Acl\Dbal\Schema; -$loader = new ClassLoader(); -$loader->addPrefixes([ - 'Symfony' => __DIR__.'/../../../../../..', - 'Doctrine\\Common' => __DIR__.'/../../../../../../../vendor/doctrine-common/lib', - 'Doctrine\\DBAL\\Migrations' => __DIR__.'/../../../../../../../vendor/doctrine-migrations/lib', - 'Doctrine\\DBAL' => __DIR__.'/../../../../../../../vendor/doctrine/dbal/lib', - 'Doctrine' => __DIR__.'/../../../../../../../vendor/doctrine/lib', -]); -$loader->register(); - $schema = new Schema([ 'class_table_name' => 'acl_classes', 'entry_table_name' => 'acl_entries', @@ -35,9 +24,8 @@ $reflection = new ReflectionClass('Doctrine\\DBAL\\Platforms\\AbstractPlatform'); $finder = new Finder(); -$finder->name('*Platform.php')->in(\dirname($reflection->getFileName())); +$finder->name('*Platform.php')->in(dirname($reflection->getFileName())); foreach ($finder as $file) { - require_once $file->getPathName(); $className = 'Doctrine\\DBAL\\Platforms\\'.$file->getBasename('.php'); $reflection = new ReflectionClass($className); diff -Nru php-symfony-security-acl-3.1.1/Resources/schema/db2.sql php-symfony-security-acl-3.3.1/Resources/schema/db2.sql --- php-symfony-security-acl-3.1.1/Resources/schema/db2.sql 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Resources/schema/db2.sql 2022-02-15 18:20:11.000000000 +0000 @@ -6,12 +6,16 @@ CREATE UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 ON acl_security_identities (identifier, username) +COMMENT ON COLUMN acl_security_identities.username IS '(DC2Type:boolean)' + CREATE TABLE acl_object_identities (id INTEGER GENERATED BY DEFAULT AS IDENTITY NOT NULL, parent_object_identity_id INTEGER DEFAULT NULL, class_id INTEGER NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting SMALLINT NOT NULL, PRIMARY KEY(id)) CREATE UNIQUE INDEX UNIQ_9407E5494B12AD6EA000B10 ON acl_object_identities (object_identifier, class_id) CREATE INDEX IDX_9407E54977FA751A ON acl_object_identities (parent_object_identity_id) +COMMENT ON COLUMN acl_object_identities.entries_inheriting IS '(DC2Type:boolean)' + CREATE TABLE acl_object_identity_ancestors (object_identity_id INTEGER NOT NULL, ancestor_id INTEGER NOT NULL, PRIMARY KEY(object_identity_id, ancestor_id)) CREATE INDEX IDX_825DE2993D9AB4A6 ON acl_object_identity_ancestors (object_identity_id) @@ -30,6 +34,12 @@ CREATE INDEX IDX_46C8B806DF9183C9 ON acl_entries (security_identity_id) +COMMENT ON COLUMN acl_entries.granting IS '(DC2Type:boolean)' + +COMMENT ON COLUMN acl_entries.audit_success IS '(DC2Type:boolean)' + +COMMENT ON COLUMN acl_entries.audit_failure IS '(DC2Type:boolean)' + ALTER TABLE acl_object_identities ADD CONSTRAINT FK_9407E54977FA751A FOREIGN KEY (parent_object_identity_id) REFERENCES acl_object_identities (id) ALTER TABLE acl_object_identity_ancestors ADD CONSTRAINT FK_825DE2993D9AB4A6 FOREIGN KEY (object_identity_id) REFERENCES acl_object_identities (id) ON UPDATE CASCADE ON DELETE CASCADE diff -Nru php-symfony-security-acl-3.1.1/Resources/schema/mysql.sql php-symfony-security-acl-3.3.1/Resources/schema/mysql.sql --- php-symfony-security-acl-3.1.1/Resources/schema/mysql.sql 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Resources/schema/mysql.sql 2022-02-15 18:20:11.000000000 +0000 @@ -1,12 +1,12 @@ -CREATE TABLE acl_classes (id INT UNSIGNED AUTO_INCREMENT NOT NULL, class_type VARCHAR(200) NOT NULL, UNIQUE INDEX UNIQ_69DD750638A36066 (class_type), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB +CREATE TABLE acl_classes (id INT UNSIGNED AUTO_INCREMENT NOT NULL, class_type VARCHAR(200) NOT NULL, UNIQUE INDEX UNIQ_69DD750638A36066 (class_type), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE `utf8_unicode_ci` ENGINE = InnoDB -CREATE TABLE acl_security_identities (id INT UNSIGNED AUTO_INCREMENT NOT NULL, identifier VARCHAR(200) NOT NULL, username TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 (identifier, username), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB +CREATE TABLE acl_security_identities (id INT UNSIGNED AUTO_INCREMENT NOT NULL, identifier VARCHAR(200) NOT NULL, username TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 (identifier, username), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE `utf8_unicode_ci` ENGINE = InnoDB -CREATE TABLE acl_object_identities (id INT UNSIGNED AUTO_INCREMENT NOT NULL, parent_object_identity_id INT UNSIGNED DEFAULT NULL, class_id INT UNSIGNED NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_9407E5494B12AD6EA000B10 (object_identifier, class_id), INDEX IDX_9407E54977FA751A (parent_object_identity_id), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB +CREATE TABLE acl_object_identities (id INT UNSIGNED AUTO_INCREMENT NOT NULL, parent_object_identity_id INT UNSIGNED DEFAULT NULL, class_id INT UNSIGNED NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_9407E5494B12AD6EA000B10 (object_identifier, class_id), INDEX IDX_9407E54977FA751A (parent_object_identity_id), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE `utf8_unicode_ci` ENGINE = InnoDB -CREATE TABLE acl_object_identity_ancestors (object_identity_id INT UNSIGNED NOT NULL, ancestor_id INT UNSIGNED NOT NULL, INDEX IDX_825DE2993D9AB4A6 (object_identity_id), INDEX IDX_825DE299C671CEA1 (ancestor_id), PRIMARY KEY(object_identity_id, ancestor_id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB +CREATE TABLE acl_object_identity_ancestors (object_identity_id INT UNSIGNED NOT NULL, ancestor_id INT UNSIGNED NOT NULL, INDEX IDX_825DE2993D9AB4A6 (object_identity_id), INDEX IDX_825DE299C671CEA1 (ancestor_id), PRIMARY KEY(object_identity_id, ancestor_id)) DEFAULT CHARACTER SET utf8 COLLATE `utf8_unicode_ci` ENGINE = InnoDB -CREATE TABLE acl_entries (id INT UNSIGNED AUTO_INCREMENT NOT NULL, class_id INT UNSIGNED NOT NULL, object_identity_id INT UNSIGNED DEFAULT NULL, security_identity_id INT UNSIGNED NOT NULL, field_name VARCHAR(50) DEFAULT NULL, ace_order SMALLINT UNSIGNED NOT NULL, mask INT NOT NULL, granting TINYINT(1) NOT NULL, granting_strategy VARCHAR(30) NOT NULL, audit_success TINYINT(1) NOT NULL, audit_failure TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_46C8B806EA000B103D9AB4A64DEF17BCE4289BF4 (class_id, object_identity_id, field_name, ace_order), INDEX IDX_46C8B806EA000B103D9AB4A6DF9183C9 (class_id, object_identity_id, security_identity_id), INDEX IDX_46C8B806EA000B10 (class_id), INDEX IDX_46C8B8063D9AB4A6 (object_identity_id), INDEX IDX_46C8B806DF9183C9 (security_identity_id), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB +CREATE TABLE acl_entries (id INT UNSIGNED AUTO_INCREMENT NOT NULL, class_id INT UNSIGNED NOT NULL, object_identity_id INT UNSIGNED DEFAULT NULL, security_identity_id INT UNSIGNED NOT NULL, field_name VARCHAR(50) DEFAULT NULL, ace_order SMALLINT UNSIGNED NOT NULL, mask INT NOT NULL, granting TINYINT(1) NOT NULL, granting_strategy VARCHAR(30) NOT NULL, audit_success TINYINT(1) NOT NULL, audit_failure TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_46C8B806EA000B103D9AB4A64DEF17BCE4289BF4 (class_id, object_identity_id, field_name, ace_order), INDEX IDX_46C8B806EA000B103D9AB4A6DF9183C9 (class_id, object_identity_id, security_identity_id), INDEX IDX_46C8B806EA000B10 (class_id), INDEX IDX_46C8B8063D9AB4A6 (object_identity_id), INDEX IDX_46C8B806DF9183C9 (security_identity_id), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE `utf8_unicode_ci` ENGINE = InnoDB ALTER TABLE acl_object_identities ADD CONSTRAINT FK_9407E54977FA751A FOREIGN KEY (parent_object_identity_id) REFERENCES acl_object_identities (id) diff -Nru php-symfony-security-acl-3.1.1/Resources/schema/sqlite.sql php-symfony-security-acl-3.3.1/Resources/schema/sqlite.sql --- php-symfony-security-acl-3.1.1/Resources/schema/sqlite.sql 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Resources/schema/sqlite.sql 2022-02-15 18:20:11.000000000 +0000 @@ -1,24 +1,24 @@ -CREATE TABLE acl_classes (id INTEGER NOT NULL, class_type VARCHAR(200) NOT NULL, PRIMARY KEY(id)) +CREATE TABLE acl_classes (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, class_type VARCHAR(200) NOT NULL) CREATE UNIQUE INDEX UNIQ_69DD750638A36066 ON acl_classes (class_type) -CREATE TABLE acl_security_identities (id INTEGER NOT NULL, identifier VARCHAR(200) NOT NULL, username BOOLEAN NOT NULL, PRIMARY KEY(id)) +CREATE TABLE acl_security_identities (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, identifier VARCHAR(200) NOT NULL, username BOOLEAN NOT NULL) CREATE UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 ON acl_security_identities (identifier, username) -CREATE TABLE acl_object_identities (id INTEGER NOT NULL, parent_object_identity_id INTEGER UNSIGNED DEFAULT NULL, class_id INTEGER UNSIGNED NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting BOOLEAN NOT NULL, PRIMARY KEY(id), CONSTRAINT FK_9407E54977FA751A FOREIGN KEY (parent_object_identity_id) REFERENCES acl_object_identities (id) NOT DEFERRABLE INITIALLY IMMEDIATE) +CREATE TABLE acl_object_identities (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, parent_object_identity_id INTEGER UNSIGNED DEFAULT NULL, class_id INTEGER UNSIGNED NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting BOOLEAN NOT NULL, CONSTRAINT FK_9407E54977FA751A FOREIGN KEY (parent_object_identity_id) REFERENCES acl_object_identities (id) NOT DEFERRABLE INITIALLY IMMEDIATE) CREATE UNIQUE INDEX UNIQ_9407E5494B12AD6EA000B10 ON acl_object_identities (object_identifier, class_id) CREATE INDEX IDX_9407E54977FA751A ON acl_object_identities (parent_object_identity_id) -CREATE TABLE acl_object_identity_ancestors (object_identity_id INTEGER UNSIGNED NOT NULL, ancestor_id INTEGER UNSIGNED NOT NULL, PRIMARY KEY(object_identity_id, ancestor_id), CONSTRAINT FK_825DE2993D9AB4A6 FOREIGN KEY (object_identity_id) REFERENCES acl_object_identities (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_825DE299C671CEA1 FOREIGN KEY (ancestor_id) REFERENCES acl_object_identities (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE) +CREATE TABLE acl_object_identity_ancestors (object_identity_id INTEGER UNSIGNED NOT NULL, ancestor_id INTEGER UNSIGNED NOT NULL, PRIMARY KEY(object_identity_id, ancestor_id), CONSTRAINT FK_825DE2993D9AB4A6 FOREIGN KEY (object_identity_id) REFERENCES acl_object_identities (id) ON UPDATE CASCADE ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_825DE299C671CEA1 FOREIGN KEY (ancestor_id) REFERENCES acl_object_identities (id) ON UPDATE CASCADE ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE) CREATE INDEX IDX_825DE2993D9AB4A6 ON acl_object_identity_ancestors (object_identity_id) CREATE INDEX IDX_825DE299C671CEA1 ON acl_object_identity_ancestors (ancestor_id) -CREATE TABLE acl_entries (id INTEGER NOT NULL, class_id INTEGER UNSIGNED NOT NULL, object_identity_id INTEGER UNSIGNED DEFAULT NULL, security_identity_id INTEGER UNSIGNED NOT NULL, field_name VARCHAR(50) DEFAULT NULL, ace_order SMALLINT UNSIGNED NOT NULL, mask INTEGER NOT NULL, granting BOOLEAN NOT NULL, granting_strategy VARCHAR(30) NOT NULL, audit_success BOOLEAN NOT NULL, audit_failure BOOLEAN NOT NULL, PRIMARY KEY(id), CONSTRAINT FK_46C8B806EA000B10 FOREIGN KEY (class_id) REFERENCES acl_classes (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_46C8B8063D9AB4A6 FOREIGN KEY (object_identity_id) REFERENCES acl_object_identities (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_46C8B806DF9183C9 FOREIGN KEY (security_identity_id) REFERENCES acl_security_identities (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE) +CREATE TABLE acl_entries (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, class_id INTEGER UNSIGNED NOT NULL, object_identity_id INTEGER UNSIGNED DEFAULT NULL, security_identity_id INTEGER UNSIGNED NOT NULL, field_name VARCHAR(50) DEFAULT NULL, ace_order SMALLINT UNSIGNED NOT NULL, mask INTEGER NOT NULL, granting BOOLEAN NOT NULL, granting_strategy VARCHAR(30) NOT NULL, audit_success BOOLEAN NOT NULL, audit_failure BOOLEAN NOT NULL, CONSTRAINT FK_46C8B806EA000B10 FOREIGN KEY (class_id) REFERENCES acl_classes (id) ON UPDATE CASCADE ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_46C8B8063D9AB4A6 FOREIGN KEY (object_identity_id) REFERENCES acl_object_identities (id) ON UPDATE CASCADE ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_46C8B806DF9183C9 FOREIGN KEY (security_identity_id) REFERENCES acl_security_identities (id) ON UPDATE CASCADE ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE) CREATE UNIQUE INDEX UNIQ_46C8B806EA000B103D9AB4A64DEF17BCE4289BF4 ON acl_entries (class_id, object_identity_id, field_name, ace_order) diff -Nru php-symfony-security-acl-3.1.1/Tests/Dbal/AclProviderBenchmarkTest.php php-symfony-security-acl-3.3.1/Tests/Dbal/AclProviderBenchmarkTest.php --- php-symfony-security-acl-3.1.1/Tests/Dbal/AclProviderBenchmarkTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Dbal/AclProviderBenchmarkTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -11,7 +11,9 @@ namespace Symfony\Component\Security\Acl\Tests\Dbal; +use Doctrine\DBAL\Connection; use Doctrine\DBAL\DriverManager; +use PHPUnit\Framework\TestCase; use Symfony\Component\Security\Acl\Dbal\AclProvider; use Symfony\Component\Security\Acl\Dbal\Schema; use Symfony\Component\Security\Acl\Domain\ObjectIdentity; @@ -20,10 +22,10 @@ /** * @group benchmark */ -class AclProviderBenchmarkTest extends \PHPUnit\Framework\TestCase +class AclProviderBenchmarkTest extends TestCase { - /** @var \Doctrine\DBAL\Connection */ - protected $con; + /** @var Connection */ + protected $connection; protected $insertClassStmt; protected $insertSidStmt; protected $insertOidAncestorStmt; @@ -33,13 +35,13 @@ protected function setUp(): void { try { - $this->con = DriverManager::getConnection([ + $this->connection = DriverManager::getConnection([ 'driver' => 'pdo_mysql', 'host' => 'localhost', 'user' => 'root', 'dbname' => 'testdb', ]); - $this->con->connect(); + $this->connection->connect(); } catch (\Exception $e) { $this->markTestSkipped('Unable to connect to the database: '.$e->getMessage()); } @@ -47,7 +49,7 @@ protected function tearDown(): void { - $this->con = null; + $this->connection = null; } public function testFindAcls() @@ -56,8 +58,8 @@ // get some random test object identities from the database $oids = []; - $stmt = $this->con->executeQuery('SELECT object_identifier, class_type FROM acl_object_identities o INNER JOIN acl_classes c ON c.id = o.class_id ORDER BY RAND() LIMIT 25'); - foreach ($stmt->fetchAll() as $oid) { + $stmt = $this->connection->executeQuery('SELECT object_identifier, class_type FROM acl_object_identities o INNER JOIN acl_classes c ON c.id = o.class_id ORDER BY RAND() LIMIT 25'); + foreach ($stmt->fetchAllAssociative() as $oid) { $oids[] = new ObjectIdentity($oid['object_identifier'], $oid['class_type']); } @@ -75,22 +77,23 @@ */ protected function generateTestData() { - $sm = $this->con->getSchemaManager(); - $sm->dropAndCreateDatabase('testdb'); - $this->con->exec('USE testdb'); + $sm = $this->connection->createSchemaManager(); + $sm->dropDatabase('testdb'); + $sm->createDatabase('testdb'); + $this->connection->executeStatement('USE testdb'); // import the schema $schema = new Schema($options = $this->getOptions()); - foreach ($schema->toSql($this->con->getDatabasePlatform()) as $sql) { - $this->con->exec($sql); + foreach ($schema->toSql($this->connection->getDatabasePlatform()) as $sql) { + $this->connection->executeStatement($sql); } // setup prepared statements - $this->insertClassStmt = $this->con->prepare('INSERT INTO acl_classes (id, class_type) VALUES (?, ?)'); - $this->insertSidStmt = $this->con->prepare('INSERT INTO acl_security_identities (id, identifier, username) VALUES (?, ?, ?)'); - $this->insertOidStmt = $this->con->prepare('INSERT INTO acl_object_identities (id, class_id, object_identifier, parent_object_identity_id, entries_inheriting) VALUES (?, ?, ?, ?, ?)'); - $this->insertEntryStmt = $this->con->prepare('INSERT INTO acl_entries (id, class_id, object_identity_id, field_name, ace_order, security_identity_id, mask, granting, granting_strategy, audit_success, audit_failure) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'); - $this->insertOidAncestorStmt = $this->con->prepare('INSERT INTO acl_object_identity_ancestors (object_identity_id, ancestor_id) VALUES (?, ?)'); + $this->insertClassStmt = $this->connection->prepare('INSERT INTO acl_classes (id, class_type) VALUES (?, ?)'); + $this->insertSidStmt = $this->connection->prepare('INSERT INTO acl_security_identities (id, identifier, username) VALUES (?, ?, ?)'); + $this->insertOidStmt = $this->connection->prepare('INSERT INTO acl_object_identities (id, class_id, object_identifier, parent_object_identity_id, entries_inheriting) VALUES (?, ?, ?, ?, ?)'); + $this->insertEntryStmt = $this->connection->prepare('INSERT INTO acl_entries (id, class_id, object_identity_id, field_name, ace_order, security_identity_id, mask, granting, granting_strategy, audit_success, audit_failure) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'); + $this->insertOidAncestorStmt = $this->connection->prepare('INSERT INTO acl_object_identity_ancestors (object_identity_id, ancestor_id) VALUES (?, ?)'); for ($i = 0; $i < 40000; ++$i) { $this->generateAclHierarchy(); @@ -121,7 +124,7 @@ static $id = 1000; if (1000 === $id || ($id < 1500 && rand(0, 1))) { - $this->insertClassStmt->execute([$id, $this->getRandomString(rand(20, 100), 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789\\_')]); + $this->insertClassStmt->executeStatement([$id, $this->getRandomString(rand(20, 100), 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789\\_')]); ++$id; return $id - 1; @@ -134,7 +137,7 @@ { static $id = 1000; - $this->insertOidStmt->execute([ + $this->insertOidStmt->executeStatement([ $id, $classId, $this->getRandomString(rand(20, 50)), @@ -142,9 +145,9 @@ rand(0, 1), ]); - $this->insertOidAncestorStmt->execute([$id, $id]); + $this->insertOidAncestorStmt->executeStatement([$id, $id]); foreach ($ancestors as $ancestor) { - $this->insertOidAncestorStmt->execute([$id, $ancestor]); + $this->insertOidAncestorStmt->executeStatement([$id, $ancestor]); } $this->generateAces($classId, $id); @@ -158,7 +161,7 @@ static $id = 1000; if (1000 === $id || ($id < 11000 && rand(0, 1))) { - $this->insertSidStmt->execute([ + $this->insertSidStmt->executeStatement([ $id, $this->getRandomString(rand(5, 30)), rand(0, 1), @@ -201,7 +204,7 @@ } // id, cid, oid, field, order, sid, mask, granting, strategy, a success, a failure - $this->insertEntryStmt->execute([ + $this->insertEntryStmt->executeStatement([ $id, $classId, rand(0, 5) ? $objectId : null, @@ -262,6 +265,6 @@ protected function getProvider() { - return new AclProvider($this->con, $this->getStrategy(), $this->getOptions()); + return new AclProvider($this->connection, $this->getStrategy(), $this->getOptions()); } } diff -Nru php-symfony-security-acl-3.1.1/Tests/Dbal/AclProviderTest.php php-symfony-security-acl-3.3.1/Tests/Dbal/AclProviderTest.php --- php-symfony-security-acl-3.1.1/Tests/Dbal/AclProviderTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Dbal/AclProviderTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -12,29 +12,30 @@ namespace Symfony\Component\Security\Acl\Tests\Dbal; use Doctrine\DBAL\DriverManager; +use PHPUnit\Framework\TestCase; use Symfony\Component\Security\Acl\Dbal\AclProvider; use Symfony\Component\Security\Acl\Dbal\Schema; +use Symfony\Component\Security\Acl\Domain\Acl; +use Symfony\Component\Security\Acl\Domain\Entry; use Symfony\Component\Security\Acl\Domain\ObjectIdentity; use Symfony\Component\Security\Acl\Domain\PermissionGrantingStrategy; +use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; +use Symfony\Component\Security\Acl\Exception\AclNotFoundException; +use Symfony\Component\Security\Acl\Exception\NotAllAclsFoundException; /** * @requires extension pdo_sqlite */ -class AclProviderTest extends \PHPUnit\Framework\TestCase +class AclProviderTest extends TestCase { - protected $con; - protected $insertClassStmt; - protected $insertEntryStmt; - protected $insertOidStmt; - protected $insertOidAncestorStmt; - protected $insertSidStmt; + private $connection; /** * @expectedMessage There is no ACL for the given object identity. */ public function testFindAclThrowsExceptionWhenNoAclExists() { - $this->expectException(\Symfony\Component\Security\Acl\Exception\AclNotFoundException::class); + $this->expectException(AclNotFoundException::class); $this->getProvider()->findAcl(new ObjectIdentity('foo', 'foo')); } @@ -50,8 +51,8 @@ $this->fail('Provider did not throw an expected exception.'); } catch (\Exception $e) { - $this->assertInstanceOf('Symfony\Component\Security\Acl\Exception\AclNotFoundException', $e); - $this->assertInstanceOf('Symfony\Component\Security\Acl\Exception\NotAllAclsFoundException', $e); + $this->assertInstanceOf(AclNotFoundException::class, $e); + $this->assertInstanceOf(NotAllAclsFoundException::class, $e); $partialResult = $e->getPartialResult(); $this->assertTrue($partialResult->contains($oids[0])); @@ -70,8 +71,8 @@ $acls = $provider->findAcls($oids); $this->assertInstanceOf('SplObjectStorage', $acls); $this->assertCount(2, $acls); - $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\Acl', $acl0 = $acls->offsetGet($oids[0])); - $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\Acl', $acl1 = $acls->offsetGet($oids[1])); + $this->assertInstanceOf(Acl::class, $acl0 = $acls->offsetGet($oids[0])); + $this->assertInstanceOf(Acl::class, $acl1 = $acls->offsetGet($oids[1])); $this->assertTrue($oids[0]->equals($acl0->getObjectIdentity())); $this->assertTrue($oids[1]->equals($acl1->getObjectIdentity())); } @@ -87,8 +88,8 @@ $acls = $provider->findAcls($oids); $this->assertInstanceOf('SplObjectStorage', $acls); $this->assertCount(2, $acls); - $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\Acl', $acl0 = $acls->offsetGet($oids[0])); - $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\Acl', $acl1 = $acls->offsetGet($oids[1])); + $this->assertInstanceOf(Acl::class, $acl0 = $acls->offsetGet($oids[0])); + $this->assertInstanceOf(Acl::class, $acl1 = $acls->offsetGet($oids[1])); $this->assertTrue($oids[0]->equals($acl0->getObjectIdentity())); $this->assertTrue($oids[1]->equals($acl1->getObjectIdentity())); } @@ -114,7 +115,7 @@ $acl = $provider->findAcl($oid); - $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\Acl', $acl); + $this->assertInstanceOf(Acl::class, $acl); $this->assertTrue($oid->equals($acl->getObjectIdentity())); $this->assertEquals(4, $acl->getId()); $this->assertCount(0, $acl->getClassAces()); @@ -123,7 +124,7 @@ $this->assertCount(0, $this->getField($acl, 'objectFieldAces')); $aces = $acl->getObjectAces(); - $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\Entry', $aces[0]); + $this->assertInstanceOf(Entry::class, $aces[0]); $this->assertTrue($aces[0]->isGranting()); $this->assertTrue($aces[0]->isAuditSuccess()); $this->assertTrue($aces[0]->isAuditFailure()); @@ -138,54 +139,54 @@ } $sid = $aces[0]->getSecurityIdentity(); - $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\UserSecurityIdentity', $sid); + $this->assertInstanceOf(UserSecurityIdentity::class, $sid); $this->assertEquals('john.doe', $sid->getUsername()); $this->assertEquals('SomeClass', $sid->getClass()); } protected function setUp(): void { - $this->con = DriverManager::getConnection([ + $this->connection = DriverManager::getConnection([ 'driver' => 'pdo_sqlite', 'memory' => true, ]); // import the schema - $schema = new Schema($options = $this->getOptions()); - foreach ($schema->toSql($this->con->getDatabasePlatform()) as $sql) { - $this->con->exec($sql); + $schema = new Schema($this->getOptions()); + foreach ($schema->toSql($this->connection->getDatabasePlatform()) as $sql) { + $this->connection->executeStatement($sql); } // populate the schema with some test data - $this->insertClassStmt = $this->con->prepare('INSERT INTO acl_classes (id, class_type) VALUES (?, ?)'); + $insertClassStmt = $this->connection->prepare('INSERT INTO acl_classes (id, class_type) VALUES (?, ?)'); foreach ($this->getClassData() as $data) { - $this->insertClassStmt->execute($data); + $insertClassStmt->executeStatement($data); } - $this->insertSidStmt = $this->con->prepare('INSERT INTO acl_security_identities (id, identifier, username) VALUES (?, ?, ?)'); + $insertSidStmt = $this->connection->prepare('INSERT INTO acl_security_identities (id, identifier, username) VALUES (?, ?, ?)'); foreach ($this->getSidData() as $data) { - $this->insertSidStmt->execute($data); + $insertSidStmt->executeStatement($data); } - $this->insertOidStmt = $this->con->prepare('INSERT INTO acl_object_identities (id, class_id, object_identifier, parent_object_identity_id, entries_inheriting) VALUES (?, ?, ?, ?, ?)'); + $insertOidStmt = $this->connection->prepare('INSERT INTO acl_object_identities (id, class_id, object_identifier, parent_object_identity_id, entries_inheriting) VALUES (?, ?, ?, ?, ?)'); foreach ($this->getOidData() as $data) { - $this->insertOidStmt->execute($data); + $insertOidStmt->executeStatement($data); } - $this->insertEntryStmt = $this->con->prepare('INSERT INTO acl_entries (id, class_id, object_identity_id, field_name, ace_order, security_identity_id, mask, granting, granting_strategy, audit_success, audit_failure) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'); + $insertEntryStmt = $this->connection->prepare('INSERT INTO acl_entries (id, class_id, object_identity_id, field_name, ace_order, security_identity_id, mask, granting, granting_strategy, audit_success, audit_failure) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'); foreach ($this->getEntryData() as $data) { - $this->insertEntryStmt->execute($data); + $insertEntryStmt->executeStatement($data); } - $this->insertOidAncestorStmt = $this->con->prepare('INSERT INTO acl_object_identity_ancestors (object_identity_id, ancestor_id) VALUES (?, ?)'); + $insertOidAncestorStmt = $this->connection->prepare('INSERT INTO acl_object_identity_ancestors (object_identity_id, ancestor_id) VALUES (?, ?)'); foreach ($this->getOidAncestorData() as $data) { - $this->insertOidAncestorStmt->execute($data); + $insertOidAncestorStmt->executeStatement($data); } } protected function tearDown(): void { - $this->con = null; + $this->connection = null; } protected function getField($object, $field) @@ -269,13 +270,13 @@ ]; } - protected function getStrategy() + protected function getStrategy(): PermissionGrantingStrategy { return new PermissionGrantingStrategy(); } - protected function getProvider() + protected function getProvider(): AclProvider { - return new AclProvider($this->con, $this->getStrategy(), $this->getOptions()); + return new AclProvider($this->connection, $this->getStrategy(), $this->getOptions()); } } diff -Nru php-symfony-security-acl-3.1.1/Tests/Dbal/MutableAclProviderTest.php php-symfony-security-acl-3.3.1/Tests/Dbal/MutableAclProviderTest.php --- php-symfony-security-acl-3.1.1/Tests/Dbal/MutableAclProviderTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Dbal/MutableAclProviderTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -11,7 +11,9 @@ namespace Symfony\Component\Security\Acl\Tests\Dbal; +use Doctrine\DBAL\Connection; use Doctrine\DBAL\DriverManager; +use PHPUnit\Framework\TestCase; use Symfony\Component\Security\Acl\Dbal\AclProvider; use Symfony\Component\Security\Acl\Dbal\MutableAclProvider; use Symfony\Component\Security\Acl\Dbal\Schema; @@ -30,9 +32,9 @@ /** * @requires extension pdo_sqlite */ -class MutableAclProviderTest extends \PHPUnit\Framework\TestCase +class MutableAclProviderTest extends TestCase { - protected $con; + protected $connection; public static function assertAceEquals(EntryInterface $a, EntryInterface $b) { @@ -72,7 +74,7 @@ $acl = $provider->createAcl($oid); $cachedAcl = $provider->findAcl($oid); - $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\Acl', $acl); + $this->assertInstanceOf(Acl::class, $acl); $this->assertSame($acl, $cachedAcl); $this->assertTrue($acl->getObjectIdentity()->equals($oid)); } @@ -103,11 +105,10 @@ $provider->updateAcl($acl); $provider->deleteAcl($parentAcl->getObjectIdentity()); - try { - $provider->findAcl(new ObjectIdentity(1, 'Foo')); - $this->fail('Child-ACLs have not been deleted.'); - } catch (AclNotFoundException $e) { - } + $this->expectException(AclNotFoundException::class); + $this->expectExceptionMessage('There is no ACL for the given object identity.'); + + $provider->findAcl(new ObjectIdentity(1, 'Foo')); } public function testFindAclsAddsPropertyListener() @@ -252,7 +253,8 @@ public function testUpdateDoesNothingWhenThereAreNoChanges() { - $con = $this->getMock('Doctrine\DBAL\Connection', [], [], '', false); + $con = $this->createMock(Connection::class); + $con ->expects($this->never()) ->method('beginTransaction') @@ -287,11 +289,11 @@ $acl1->insertClassAce($sid, 3); $acl2->insertClassAce($sid, 5); - try { - $provider->updateAcl($acl1); - $this->fail('Provider failed to detect a concurrent modification.'); - } catch (ConcurrentModificationException $e) { - } + + $this->expectException(ConcurrentModificationException::class); + $this->expectExceptionMessage('The "classAces" property has been modified concurrently.'); + + $provider->updateAcl($acl1); } public function testUpdateAcl() @@ -382,6 +384,9 @@ $acl = $provider->findAcl($oid); $acl->insertObjectFieldAce($fieldName, $sid3, 4); $provider->updateAcl($acl); + + $acls = $provider->findAcl($oid); + $this->assertCount(3, $acls->getObjectFieldAces($fieldName)); } public function testUpdateAclDeletingObjectFieldAcesThrowsDBConstraintViolations() @@ -408,6 +413,9 @@ $acl = $provider->findAcl($oid); $acl->insertObjectFieldAce($fieldName, $sid3, 4); $provider->updateAcl($acl); + + $acls = $provider->findAcl($oid); + $this->assertCount(2, $acls->getObjectFieldAces($fieldName)); } public function testUpdateUserSecurityIdentity() @@ -471,12 +479,12 @@ $aclIds[$name] = $aclId; $sql = $this->callMethod($provider, 'getInsertObjectIdentityRelationSql', [$aclId, $aclId]); - $con->executeUpdate($sql); + $con->executeStatement($sql); if (isset($aclData['parent_acl'])) { if (isset($aclIds[$aclData['parent_acl']])) { - $con->executeUpdate('UPDATE acl_object_identities SET parent_object_identity_id = '.$aclIds[$aclData['parent_acl']].' WHERE id = '.$aclId); - $con->executeUpdate($this->callMethod($provider, 'getInsertObjectIdentityRelationSql', [$aclId, $aclIds[$aclData['parent_acl']]])); + $con->executeStatement('UPDATE acl_object_identities SET parent_object_identity_id = '.$aclIds[$aclData['parent_acl']].' WHERE id = '.$aclId); + $con->executeStatement($this->callMethod($provider, 'getInsertObjectIdentityRelationSql', [$aclId, $aclIds[$aclData['parent_acl']]])); } else { $parentAcls[$aclId] = $aclData['parent_acl']; } @@ -488,8 +496,8 @@ throw new \InvalidArgumentException(sprintf('"%s" does not exist.', $name)); } - $con->executeUpdate(sprintf('UPDATE acl_object_identities SET parent_object_identity_id = %d WHERE id = %d', $aclIds[$name], $aclId)); - $con->executeUpdate($this->callMethod($provider, 'getInsertObjectIdentityRelationSql', [$aclId, $aclIds[$name]])); + $con->executeStatement(sprintf('UPDATE acl_object_identities SET parent_object_identity_id = %d WHERE id = %d', $aclIds[$name], $aclId)); + $con->executeStatement($this->callMethod($provider, 'getInsertObjectIdentityRelationSql', [$aclId, $aclIds[$name]])); } $con->commit(); @@ -510,21 +518,21 @@ protected function setUp(): void { - $this->con = DriverManager::getConnection([ + $this->connection = DriverManager::getConnection([ 'driver' => 'pdo_sqlite', 'memory' => true, ]); // import the schema $schema = new Schema($this->getOptions()); - foreach ($schema->toSql($this->con->getDatabasePlatform()) as $sql) { - $this->con->exec($sql); + foreach ($schema->toSql($this->connection->getDatabasePlatform()) as $sql) { + $this->connection->executeStatement($sql); } } protected function tearDown(): void { - $this->con = null; + $this->connection = null; } protected function getField($object, $field) @@ -561,6 +569,6 @@ protected function getProvider($cache = null) { - return new MutableAclProvider($this->con, $this->getStrategy(), $this->getOptions(), $cache); + return new MutableAclProvider($this->connection, $this->getStrategy(), $this->getOptions(), $cache); } } diff -Nru php-symfony-security-acl-3.1.1/Tests/Domain/AclTest.php php-symfony-security-acl-3.3.1/Tests/Domain/AclTest.php --- php-symfony-security-acl-3.1.1/Tests/Domain/AclTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Domain/AclTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -11,13 +11,17 @@ namespace Symfony\Component\Security\Acl\Tests\Domain; +use Doctrine\Persistence\PropertyChangedListener; +use PHPUnit\Framework\TestCase; use Symfony\Component\Security\Acl\Domain\Acl; +use Symfony\Component\Security\Acl\Domain\Entry; use Symfony\Component\Security\Acl\Domain\ObjectIdentity; use Symfony\Component\Security\Acl\Domain\PermissionGrantingStrategy; use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity; use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; +use Symfony\Component\Security\Acl\Model\PermissionGrantingStrategyInterface; -class AclTest extends \PHPUnit\Framework\TestCase +class AclTest extends TestCase { public function testConstructor() { @@ -34,9 +38,9 @@ */ public function testDeleteAceThrowsExceptionOnInvalidIndex($type) { - $this->expectException(\OutOfBoundsException::class); - $acl = $this->getAcl(); + + $this->expectException(\OutOfBoundsException::class); $acl->{'delete'.$type.'Ace'}(0); } @@ -80,10 +84,10 @@ */ public function testDeleteFieldAceThrowsExceptionOnInvalidIndex($type) { - $this->expectException(\OutOfBoundsException::class); - $acl = $this->getAcl(); - $acl->{'delete'.$type.'Ace'}('foo', 0); + + $this->expectException(\OutOfBoundsException::class); + $acl->{'delete'.$type.'Ace'}(0, 'foo'); } /** @@ -149,9 +153,9 @@ */ public function testInsertClassAceThrowsExceptionOnInvalidIndex($property, $method) { - $this->expectException(\OutOfBoundsException::class); - $acl = $this->getAcl(); + + $this->expectException(\OutOfBoundsException::class); $acl->$method(new RoleSecurityIdentity('foo'), 1, 1); } @@ -194,9 +198,9 @@ */ public function testInsertClassFieldAceThrowsExceptionOnInvalidIndex($property, $method) { - $this->expectException(\OutOfBoundsException::class); - $acl = $this->getAcl(); + + $this->expectException(\OutOfBoundsException::class); $acl->$method('foo', new RoleSecurityIdentity('foo'), 1, 1); } @@ -212,7 +216,7 @@ { $sids = [new RoleSecurityIdentity('ROLE_FOO'), new RoleSecurityIdentity('ROLE_IDDQD')]; $masks = [1, 2, 4]; - $strategy = $this->createMock('Symfony\Component\Security\Acl\Model\PermissionGrantingStrategyInterface'); + $strategy = $this->createMock(PermissionGrantingStrategyInterface::class); $acl = new Acl(1, new ObjectIdentity(1, 'foo'), $strategy, [], true); $strategy @@ -229,7 +233,7 @@ { $sids = [new RoleSecurityIdentity('ROLE_FOO'), new RoleSecurityIdentity('ROLE_IDDQD')]; $masks = [1, 2, 4]; - $strategy = $this->createMock('Symfony\Component\Security\Acl\Model\PermissionGrantingStrategyInterface'); + $strategy = $this->createMock(PermissionGrantingStrategyInterface::class); $acl = new Acl(1, new ObjectIdentity(1, 'foo'), $strategy, [], true); $strategy @@ -302,9 +306,9 @@ */ public function testUpdateAceThrowsOutOfBoundsExceptionOnInvalidIndex($type) { - $this->expectException(\OutOfBoundsException::class); - $acl = $this->getAcl(); + + $this->expectException(\OutOfBoundsException::class); $acl->{'update'.$type}(0, 1); } @@ -348,9 +352,9 @@ */ public function testUpdateFieldAceThrowsExceptionOnInvalidIndex($type) { - $this->expectException(\OutOfBoundsException::class); - $acl = $this->getAcl(); + + $this->expectException(\OutOfBoundsException::class); $acl->{'update'.$type}(0, 'foo', 1); } @@ -394,9 +398,9 @@ */ public function testUpdateAuditingThrowsExceptionOnInvalidIndex($type) { - $this->expectException(\OutOfBoundsException::class); - $acl = $this->getAcl(); + + $this->expectException(\OutOfBoundsException::class); $acl->{'update'.$type.'Auditing'}(0, true, false); } @@ -440,9 +444,9 @@ */ public function testUpdateFieldAuditingThrowsExceptionOnInvalidField($type) { - $this->expectException(\InvalidArgumentException::class); - $acl = $this->getAcl(); + + $this->expectException(\InvalidArgumentException::class); $acl->{'update'.$type.'Auditing'}(0, 'foo', true, true); } @@ -451,10 +455,10 @@ */ public function testUpdateFieldAuditingThrowsExceptionOnInvalidIndex($type) { - $this->expectException(\OutOfBoundsException::class); - $acl = $this->getAcl(); $acl->{'insert'.$type.'Ace'}('foo', new RoleSecurityIdentity('foo'), 1); + + $this->expectException(\OutOfBoundsException::class); $acl->{'update'.$type.'Auditing'}(1, 'foo', true, false); } @@ -497,20 +501,21 @@ { $aceProperties = ['aceOrder', 'mask', 'strategy', 'auditSuccess', 'auditFailure']; - $listener = $this->createMock('Doctrine\Persistence\PropertyChangedListener;'); + $arguments = []; + $listener = $this->createMock(PropertyChangedListener::class); foreach ($expectedChanges as $index => $property) { if (\in_array($property, $aceProperties)) { - $class = 'Symfony\Component\Security\Acl\Domain\Entry'; + $class = Entry::class; } else { - $class = 'Symfony\Component\Security\Acl\Domain\Acl'; + $class = Acl::class; } - $listener - ->expects($this->at($index)) - ->method('propertyChanged') - ->with($this->isInstanceOf($class), $this->equalTo($property)) - ; + $arguments[] = [$this->isInstanceOf($class), $this->equalTo($property)]; } + $listener + ->method('propertyChanged') + ->withConsecutive(...$arguments) + ; return $listener; } diff -Nru php-symfony-security-acl-3.1.1/Tests/Domain/AuditLoggerTest.php php-symfony-security-acl-3.3.1/Tests/Domain/AuditLoggerTest.php --- php-symfony-security-acl-3.1.1/Tests/Domain/AuditLoggerTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Domain/AuditLoggerTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -11,7 +11,11 @@ namespace Symfony\Component\Security\Acl\Tests\Domain; -class AuditLoggerTest extends \PHPUnit\Framework\TestCase +use PHPUnit\Framework\TestCase; +use Symfony\Component\Security\Acl\Domain\AuditLogger; +use Symfony\Component\Security\Acl\Tests\Fixtures\SerializableAuditableEntryInterface; + +class AuditLoggerTest extends TestCase { /** * @dataProvider getTestLogData @@ -73,11 +77,11 @@ protected function getEntry() { - return $this->createMock('Symfony\Component\Security\Acl\Model\AuditableEntryInterface'); + return $this->createMock(SerializableAuditableEntryInterface::class); } protected function getLogger() { - return $this->getMockForAbstractClass('Symfony\Component\Security\Acl\Domain\AuditLogger'); + return $this->getMockForAbstractClass(AuditLogger::class); } } diff -Nru php-symfony-security-acl-3.1.1/Tests/Domain/DoctrineAclCacheTest.php php-symfony-security-acl-3.3.1/Tests/Domain/DoctrineAclCacheTest.php --- php-symfony-security-acl-3.1.1/Tests/Domain/DoctrineAclCacheTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Domain/DoctrineAclCacheTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -11,14 +11,16 @@ namespace Symfony\Component\Security\Acl\Tests\Domain; -use Doctrine\Common\Cache\ArrayCache; +use Doctrine\Common\Cache\Psr6\DoctrineProvider; +use PHPUnit\Framework\TestCase; +use Symfony\Component\Cache\Adapter\ArrayAdapter; use Symfony\Component\Security\Acl\Domain\Acl; use Symfony\Component\Security\Acl\Domain\DoctrineAclCache; use Symfony\Component\Security\Acl\Domain\ObjectIdentity; use Symfony\Component\Security\Acl\Domain\PermissionGrantingStrategy; use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; -class DoctrineAclCacheTest extends \PHPUnit\Framework\TestCase +class DoctrineAclCacheTest extends TestCase { protected $permissionGrantingStrategy; @@ -29,7 +31,7 @@ { $this->expectException(\InvalidArgumentException::class); - new DoctrineAclCache(new ArrayCache(), $this->getPermissionGrantingStrategy(), $empty); + new DoctrineAclCache(DoctrineProvider::wrap(new ArrayAdapter()), $this->getPermissionGrantingStrategy(), $empty); } public function getEmptyValue() @@ -94,7 +96,7 @@ protected function getCache($cacheDriver = null, $prefix = DoctrineAclCache::PREFIX) { if (null === $cacheDriver) { - $cacheDriver = new ArrayCache(); + $cacheDriver = DoctrineProvider::wrap(new ArrayAdapter()); } return new DoctrineAclCache($cacheDriver, $this->getPermissionGrantingStrategy(), $prefix); diff -Nru php-symfony-security-acl-3.1.1/Tests/Domain/EntryTest.php php-symfony-security-acl-3.3.1/Tests/Domain/EntryTest.php --- php-symfony-security-acl-3.1.1/Tests/Domain/EntryTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Domain/EntryTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -11,9 +11,12 @@ namespace Symfony\Component\Security\Acl\Tests\Domain; +use PHPUnit\Framework\TestCase; use Symfony\Component\Security\Acl\Domain\Entry; +use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface; +use Symfony\Component\Security\Acl\Tests\Fixtures\SerializableAclInterface; -class EntryTest extends \PHPUnit\Framework\TestCase +class EntryTest extends TestCase { public function testConstructor() { @@ -77,7 +80,7 @@ $uAce = unserialize($serialized); $this->assertNull($uAce->getAcl()); - $this->assertInstanceOf('Symfony\Component\Security\Acl\Model\SecurityIdentityInterface', $uAce->getSecurityIdentity()); + $this->assertInstanceOf(SecurityIdentityInterface::class, $uAce->getSecurityIdentity()); $this->assertEquals($ace->getId(), $uAce->getId()); $this->assertEquals($ace->getMask(), $uAce->getMask()); $this->assertEquals($ace->getStrategy(), $uAce->getStrategy()); @@ -109,11 +112,11 @@ protected function getAcl() { - return $this->createMock('Symfony\Component\Security\Acl\Model\AclInterface'); + return $this->createMock(SerializableAclInterface::class); } protected function getSid() { - return $this->createMock('Symfony\Component\Security\Acl\Model\SecurityIdentityInterface'); + return $this->createMock(SecurityIdentityInterface::class); } } diff -Nru php-symfony-security-acl-3.1.1/Tests/Domain/FieldEntryTest.php php-symfony-security-acl-3.3.1/Tests/Domain/FieldEntryTest.php --- php-symfony-security-acl-3.1.1/Tests/Domain/FieldEntryTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Domain/FieldEntryTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -11,9 +11,12 @@ namespace Symfony\Component\Security\Acl\Tests\Domain; +use PHPUnit\Framework\TestCase; use Symfony\Component\Security\Acl\Domain\FieldEntry; +use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface; +use Symfony\Component\Security\Acl\Tests\Fixtures\SerializableAclInterface; -class FieldEntryTest extends \PHPUnit\Framework\TestCase +class FieldEntryTest extends TestCase { public function testConstructor() { @@ -30,7 +33,7 @@ $uAce = unserialize($serialized); $this->assertNull($uAce->getAcl()); - $this->assertInstanceOf('Symfony\Component\Security\Acl\Model\SecurityIdentityInterface', $uAce->getSecurityIdentity()); + $this->assertInstanceOf(SecurityIdentityInterface::class, $uAce->getSecurityIdentity()); $this->assertEquals($ace->getId(), $uAce->getId()); $this->assertEquals($ace->getField(), $uAce->getField()); $this->assertEquals($ace->getMask(), $uAce->getMask()); @@ -40,6 +43,27 @@ $this->assertEquals($ace->isAuditFailure(), $uAce->isAuditFailure()); } + public function testSerializeUnserializeMoreAceWithSameSecurityIdentity() + { + $sid = $this->getSid(); + + $aceFirst = $this->getAce(null, $sid); + $aceSecond = $this->getAce(null, $sid); + + // as used in DoctrineAclCache::putInCache (line 142) + $serialized = serialize([[ + 'fieldOne' => [$aceFirst], + 'fieldTwo' => [$aceSecond], + ]]); + + $unserialized = unserialize($serialized); + $uAceFirst = $unserialized[0]['fieldOne'][0]; + $uAceSecond = $unserialized[0]['fieldTwo'][0]; + + $this->assertInstanceOf(SecurityIdentityInterface::class, $uAceFirst->getSecurityIdentity()); + $this->assertInstanceOf(SecurityIdentityInterface::class, $uAceSecond->getSecurityIdentity()); + } + protected function getAce($acl = null, $sid = null) { if (null === $acl) { @@ -64,11 +88,11 @@ protected function getAcl() { - return $this->createMock('Symfony\Component\Security\Acl\Model\AclInterface'); + return $this->createMock(SerializableAclInterface::class); } protected function getSid() { - return $this->createMock('Symfony\Component\Security\Acl\Model\SecurityIdentityInterface'); + return $this->createMock(SecurityIdentityInterface::class); } } diff -Nru php-symfony-security-acl-3.1.1/Tests/Domain/ObjectIdentityTest.php php-symfony-security-acl-3.3.1/Tests/Domain/ObjectIdentityTest.php --- php-symfony-security-acl-3.1.1/Tests/Domain/ObjectIdentityTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Domain/ObjectIdentityTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -12,6 +12,7 @@ namespace Symfony\Component\Security\Acl\Tests\Domain { use Symfony\Component\Security\Acl\Domain\ObjectIdentity; + use Symfony\Component\Security\Acl\Model\DomainObjectInterface; class ObjectIdentityTest extends \PHPUnit\Framework\TestCase { @@ -34,17 +35,17 @@ public function testFromDomainObjectPrefersInterfaceOverGetId() { - $domainObject = $this->createMock('Symfony\Component\Security\Acl\Model\DomainObjectInterface'); - $domainObject - ->expects($this->once()) - ->method('getObjectIdentifier') - ->willReturn('getObjectIdentifier()') - ; - $domainObject - ->expects($this->never()) - ->method('getId') - ->willReturn('getId()') - ; + $domainObject = new class() implements DomainObjectInterface { + public function getObjectIdentifier() + { + return 'getObjectIdentifier()'; + } + + public function getId() + { + return 'getId()'; + } + }; $id = ObjectIdentity::fromDomainObject($domainObject); $this->assertEquals('getObjectIdentifier()', $id->getIdentifier()); @@ -54,14 +55,14 @@ { $id = ObjectIdentity::fromDomainObject(new TestDomainObject()); $this->assertEquals('getId()', $id->getIdentifier()); - $this->assertEquals('Symfony\Component\Security\Acl\Tests\Domain\TestDomainObject', $id->getType()); + $this->assertEquals(TestDomainObject::class, $id->getType()); } public function testFromDomainObjectWithProxy() { $id = ObjectIdentity::fromDomainObject(new \Acme\DemoBundle\Proxy\__CG__\Symfony\Component\Security\Acl\Tests\Domain\TestDomainObject()); $this->assertEquals('getId()', $id->getIdentifier()); - $this->assertEquals('Symfony\Component\Security\Acl\Tests\Domain\TestDomainObject', $id->getType()); + $this->assertEquals(TestDomainObject::class, $id->getType()); } public function testFromDomainObjectWithoutInterfaceEnforcesStringIdentifier() @@ -71,7 +72,7 @@ $id = ObjectIdentity::fromDomainObject($domainObject); $this->assertSame('1', $id->getIdentifier()); - $this->assertEquals('Symfony\Component\Security\Acl\Tests\Domain\TestDomainObject', $id->getType()); + $this->assertEquals(TestDomainObject::class, $id->getType()); } public function testFromDomainObjectWithoutInterfaceAllowsZeroAsIdentifier() @@ -81,7 +82,7 @@ $id = ObjectIdentity::fromDomainObject($domainObject); $this->assertSame('0', $id->getIdentifier()); - $this->assertEquals('Symfony\Component\Security\Acl\Tests\Domain\TestDomainObject', $id->getType()); + $this->assertEquals(TestDomainObject::class, $id->getType()); } /** diff -Nru php-symfony-security-acl-3.1.1/Tests/Domain/PermissionGrantingStrategyTest.php php-symfony-security-acl-3.3.1/Tests/Domain/PermissionGrantingStrategyTest.php --- php-symfony-security-acl-3.1.1/Tests/Domain/PermissionGrantingStrategyTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Domain/PermissionGrantingStrategyTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -11,14 +11,16 @@ namespace Symfony\Component\Security\Acl\Tests\Domain; +use PHPUnit\Framework\TestCase; use Symfony\Component\Security\Acl\Domain\Acl; use Symfony\Component\Security\Acl\Domain\ObjectIdentity; use Symfony\Component\Security\Acl\Domain\PermissionGrantingStrategy; use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity; use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; use Symfony\Component\Security\Acl\Exception\NoAceFoundException; +use Symfony\Component\Security\Acl\Model\AuditLoggerInterface; -class PermissionGrantingStrategyTest extends \PHPUnit\Framework\TestCase +class PermissionGrantingStrategyTest extends TestCase { public function testIsGrantedObjectAcesHavePriority() { @@ -74,12 +76,11 @@ public function testIsGrantedReturnsExceptionIfNoAceIsFound() { - $this->expectException(\Symfony\Component\Security\Acl\Exception\NoAceFoundException::class); - $strategy = new PermissionGrantingStrategy(); $acl = $this->getAcl($strategy); $sid = new UserSecurityIdentity('johannes', 'Foo'); + $this->expectException(NoAceFoundException::class); $strategy->isGranted($acl, [1], [$sid]); } @@ -106,7 +107,7 @@ $acl = $this->getAcl($strategy); $sid = new UserSecurityIdentity('johannes', 'Foo'); - $logger = $this->createMock('Symfony\Component\Security\Acl\Model\AuditLoggerInterface'); + $logger = $this->createMock(AuditLoggerInterface::class); $logger ->expects($this->once()) ->method('logIfNeeded') @@ -125,7 +126,7 @@ $acl = $this->getAcl($strategy); $sid = new UserSecurityIdentity('johannes', 'Foo'); - $logger = $this->createMock('Symfony\Component\Security\Acl\Model\AuditLoggerInterface'); + $logger = $this->createMock(AuditLoggerInterface::class); $logger ->expects($this->once()) ->method('logIfNeeded') @@ -150,11 +151,10 @@ $acl->insertObjectAce($sid, $aceMask, 0, true, $maskStrategy); if (false === $result) { - try { - $strategy->isGranted($acl, [$requiredMask], [$sid]); - $this->fail('The ACE is not supposed to match.'); - } catch (NoAceFoundException $e) { - } + $this->expectException(NoAceFoundException::class); + $this->expectExceptionMessage('No applicable ACE was found.'); + + $strategy->isGranted($acl, [$requiredMask], [$sid]); } else { $this->assertTrue($strategy->isGranted($acl, [$requiredMask], [$sid])); } diff -Nru php-symfony-security-acl-3.1.1/Tests/Domain/PsrAclCacheTest.php php-symfony-security-acl-3.3.1/Tests/Domain/PsrAclCacheTest.php --- php-symfony-security-acl-3.1.1/Tests/Domain/PsrAclCacheTest.php 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Domain/PsrAclCacheTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1,91 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Acl\Tests\Domain; + +use PHPUnit\Framework\TestCase; +use Symfony\Component\Cache\Adapter\ArrayAdapter; +use Symfony\Component\Security\Acl\Domain\Acl; +use Symfony\Component\Security\Acl\Domain\ObjectIdentity; +use Symfony\Component\Security\Acl\Domain\PermissionGrantingStrategy; +use Symfony\Component\Security\Acl\Domain\PsrAclCache; +use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; + +class PsrAclCacheTest extends TestCase +{ + protected $permissionGrantingStrategy; + + public function testConstructorDoesNotAcceptEmptyPrefix() + { + $this->expectException(\InvalidArgumentException::class); + + new PsrAclCache(new ArrayAdapter(), $this->getPermissionGrantingStrategy(), ''); + } + + public function test() + { + $cache = $this->getCache(); + + $aclWithParent = $this->getAcl(1); + $acl = $this->getAcl(); + + $cache->putInCache($aclWithParent); + $cache->putInCache($acl); + + $cachedAcl = $cache->getFromCacheByIdentity($acl->getObjectIdentity()); + $this->assertEquals($acl->getId(), $cachedAcl->getId()); + $this->assertNull($acl->getParentAcl()); + + $cachedAclWithParent = $cache->getFromCacheByIdentity($aclWithParent->getObjectIdentity()); + $this->assertEquals($aclWithParent->getId(), $cachedAclWithParent->getId()); + $this->assertNotNull($cachedParentAcl = $cachedAclWithParent->getParentAcl()); + $this->assertEquals($aclWithParent->getParentAcl()->getId(), $cachedParentAcl->getId()); + } + + protected function getAcl($depth = 0) + { + static $id = 1; + + $acl = new Acl($id, new ObjectIdentity($id, 'foo'), $this->getPermissionGrantingStrategy(), [], $depth > 0); + + // insert some ACEs + $sid = new UserSecurityIdentity('johannes', 'Foo'); + $acl->insertClassAce($sid, 1); + $acl->insertClassFieldAce('foo', $sid, 1); + $acl->insertObjectAce($sid, 1); + $acl->insertObjectFieldAce('foo', $sid, 1); + ++$id; + + if ($depth > 0) { + $acl->setParentAcl($this->getAcl($depth - 1)); + } + + return $acl; + } + + protected function getPermissionGrantingStrategy() + { + if (null === $this->permissionGrantingStrategy) { + $this->permissionGrantingStrategy = new PermissionGrantingStrategy(); + } + + return $this->permissionGrantingStrategy; + } + + protected function getCache($cacheDriver = null, $prefix = PsrAclCache::PREFIX) + { + if (null === $cacheDriver) { + $cacheDriver = new ArrayAdapter(); + } + + return new PsrAclCache($cacheDriver, $this->getPermissionGrantingStrategy(), $prefix); + } +} diff -Nru php-symfony-security-acl-3.1.1/Tests/Domain/RoleSecurityIdentityTest.php php-symfony-security-acl-3.3.1/Tests/Domain/RoleSecurityIdentityTest.php --- php-symfony-security-acl-3.1.1/Tests/Domain/RoleSecurityIdentityTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Domain/RoleSecurityIdentityTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -11,11 +11,12 @@ namespace Symfony\Component\Security\Acl\Tests\Domain; +use PHPUnit\Framework\TestCase; use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity; use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; -use Symfony\Component\Security\Core\Role\Role; +use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface; -class RoleSecurityIdentityTest extends \PHPUnit\Framework\TestCase +class RoleSecurityIdentityTest extends TestCase { public function testConstructor() { @@ -24,17 +25,10 @@ $this->assertEquals('ROLE_FOO', $id->getRole()); } - public function testConstructorWithRoleInstance() - { - $id = new RoleSecurityIdentity(new Role('ROLE_FOO')); - - $this->assertEquals('ROLE_FOO', $id->getRole()); - } - /** * @dataProvider getCompareData */ - public function testEquals($id1, $id2, $equal) + public function testEquals(RoleSecurityIdentity $id1, SecurityIdentityInterface $id2, bool $equal) { if ($equal) { $this->assertTrue($id1->equals($id2)); @@ -43,11 +37,10 @@ } } - public function getCompareData() + public function getCompareData(): array { return [ [new RoleSecurityIdentity('ROLE_FOO'), new RoleSecurityIdentity('ROLE_FOO'), true], - [new RoleSecurityIdentity('ROLE_FOO'), new RoleSecurityIdentity(new Role('ROLE_FOO')), true], [new RoleSecurityIdentity('ROLE_USER'), new RoleSecurityIdentity('ROLE_FOO'), false], [new RoleSecurityIdentity('ROLE_FOO'), new UserSecurityIdentity('ROLE_FOO', 'Foo'), false], ]; diff -Nru php-symfony-security-acl-3.1.1/Tests/Domain/SecurityIdentityRetrievalStrategyTest.php php-symfony-security-acl-3.3.1/Tests/Domain/SecurityIdentityRetrievalStrategyTest.php --- php-symfony-security-acl-3.1.1/Tests/Domain/SecurityIdentityRetrievalStrategyTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Domain/SecurityIdentityRetrievalStrategyTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -11,51 +11,97 @@ namespace Symfony\Component\Security\Acl\Tests\Domain; +use PHPUnit\Framework\TestCase; use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity; use Symfony\Component\Security\Acl\Domain\SecurityIdentityRetrievalStrategy; use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; -use Symfony\Component\Security\Core\Role\Role; +use Symfony\Component\Security\Acl\Tests\Fixtures\Account; +use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; +use Symfony\Component\Security\Core\Authentication\Token\AbstractToken; +use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; +use Symfony\Component\Security\Core\Authentication\Token\NullToken; +use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter; +use Symfony\Component\Security\Core\Role\RoleHierarchyInterface; +use Symfony\Component\Security\Core\User\UserInterface; -class SecurityIdentityRetrievalStrategyTest extends \PHPUnit\Framework\TestCase +class SecurityIdentityRetrievalStrategyTest extends TestCase { /** * @dataProvider getSecurityIdentityRetrievalTests */ - public function testGetSecurityIdentities($user, array $roles, $authenticationStatus, array $sids) + public function testGetSecurityIdentities($user, array $roles, string $authenticationStatus, array $sids) { - if ('anonymous' === $authenticationStatus) { - $token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken') - ->disableOriginalConstructor() - ->getMock(); - } else { + $token = class_exists(NullToken::class) ? new NullToken() : new AnonymousToken('', ''); + if ('anonymous' !== $authenticationStatus) { $class = ''; if (\is_string($user)) { $class = 'MyCustomTokenImpl'; } - $token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface') - ->setMockClassName($class) - ->getMock(); - } - - if (method_exists($token, 'getRoleNames')) { - $strategy = $this->getStrategy($roles, $authenticationStatus, false); + $token = $this->getMockBuilder(AbstractToken::class) + ->setMockClassName($class) + ->getMock(); $token ->expects($this->once()) ->method('getRoleNames') ->willReturn(['foo']) ; - } else { - $strategy = $this->getStrategy($roles, $authenticationStatus, true); $token ->expects($this->once()) - ->method('getRoles') - ->willReturn([new Role('foo')]) + ->method('getUser') + ->willReturn($user) ; } + $strategy = $this->getStrategy($roles, $authenticationStatus); + $extractedSids = $strategy->getSecurityIdentities($token); + + foreach ($extractedSids as $index => $extractedSid) { + if (!isset($sids[$index])) { + $this->fail(sprintf('Expected SID at index %d, but there was none.', $index)); + } + + if (false === $sids[$index]->equals($extractedSid)) { + $this->fail(sprintf('Index: %d, expected SID "%s", but got "%s".', $index, $sids[$index], (string) $extractedSid)); + } + } + } + + /** + * @group legacy + * @dataProvider getDeprecatedSecurityIdentityRetrievalTests + */ + public function testDeprecatedGetSecurityIdentities($user, array $roles, string $authenticationStatus, array $sids) + { + if (method_exists(AuthenticationTrustResolverInterface::class, 'isAuthenticated')) { + $this->markTestSkipped(); + } + + if ('anonymous' === $authenticationStatus) { + $token = $this->getMockBuilder(AnonymousToken::class) + ->disableOriginalConstructor() + ->getMock(); + } else { + $class = ''; + if (\is_string($user)) { + $class = 'MyCustomTokenImpl'; + } + + $token = $this->getMockBuilder(AbstractToken::class) + ->setMockClassName($class) + ->getMock(); + } + + $strategy = $this->getStrategy($roles, $authenticationStatus); + + $token + ->expects($this->once()) + ->method('getRoleNames') + ->willReturn(['foo']) + ; + if ('anonymous' === $authenticationStatus) { $token ->expects($this->never()) @@ -73,98 +119,101 @@ foreach ($extractedSids as $index => $extractedSid) { if (!isset($sids[$index])) { - $this->fail(sprintf('Expected SID at index %d, but there was none.', true)); + $this->fail(sprintf('Expected SID at index %d, but there was none.', $index)); } if (false === $sids[$index]->equals($extractedSid)) { - $this->fail(sprintf('Index: %d, expected SID "%s", but got "%s".', $index, $sids[$index], $extractedSid)); + $this->fail(sprintf('Index: %d, expected SID "%s", but got "%s".', $index, $sids[$index], (string) $extractedSid)); } } } - public function getSecurityIdentityRetrievalTests() + public function getSecurityIdentityRetrievalTests(): array { + $anonymousRoles = [new RoleSecurityIdentity('IS_AUTHENTICATED_ANONYMOUSLY')]; + if (\defined('\Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter::PUBLIC_ACCESS')) { + $anonymousRoles[] = new RoleSecurityIdentity(AuthenticatedVoter::PUBLIC_ACCESS); + } + return [ - [$this->getAccount('johannes', 'FooUser'), ['ROLE_USER', 'ROLE_SUPERADMIN'], 'fullFledged', [ - new UserSecurityIdentity('johannes', 'FooUser'), + [new Account('johannes'), ['ROLE_USER', 'ROLE_SUPERADMIN'], 'fullFledged', array_merge([ + new UserSecurityIdentity('johannes', Account::class), new RoleSecurityIdentity('ROLE_USER'), new RoleSecurityIdentity('ROLE_SUPERADMIN'), new RoleSecurityIdentity('IS_AUTHENTICATED_FULLY'), new RoleSecurityIdentity('IS_AUTHENTICATED_REMEMBERED'), - new RoleSecurityIdentity('IS_AUTHENTICATED_ANONYMOUSLY'), - ]], - ['johannes', ['ROLE_FOO'], 'fullFledged', [ - new UserSecurityIdentity('johannes', 'MyCustomTokenImpl'), - new RoleSecurityIdentity('ROLE_FOO'), - new RoleSecurityIdentity('IS_AUTHENTICATED_FULLY'), - new RoleSecurityIdentity('IS_AUTHENTICATED_REMEMBERED'), - new RoleSecurityIdentity('IS_AUTHENTICATED_ANONYMOUSLY'), - ]], - [new CustomUserImpl('johannes'), ['ROLE_FOO'], 'fullFledged', [ - new UserSecurityIdentity('johannes', 'Symfony\Component\Security\Acl\Tests\Domain\CustomUserImpl'), + ], $anonymousRoles)], + [new CustomUserImpl('johannes'), ['ROLE_FOO'], 'fullFledged', array_merge([ + new UserSecurityIdentity('johannes', CustomUserImpl::class), new RoleSecurityIdentity('ROLE_FOO'), new RoleSecurityIdentity('IS_AUTHENTICATED_FULLY'), new RoleSecurityIdentity('IS_AUTHENTICATED_REMEMBERED'), - new RoleSecurityIdentity('IS_AUTHENTICATED_ANONYMOUSLY'), - ]], - [$this->getAccount('foo', 'FooBarUser'), ['ROLE_FOO'], 'rememberMe', [ - new UserSecurityIdentity('foo', 'FooBarUser'), + ], $anonymousRoles)], + [new Account('foo'), ['ROLE_FOO'], 'rememberMe', array_merge([ + new UserSecurityIdentity('foo', Account::class), new RoleSecurityIdentity('ROLE_FOO'), new RoleSecurityIdentity('IS_AUTHENTICATED_REMEMBERED'), - new RoleSecurityIdentity('IS_AUTHENTICATED_ANONYMOUSLY'), - ]], - ['guest', ['ROLE_FOO'], 'anonymous', [ - new RoleSecurityIdentity('ROLE_FOO'), - new RoleSecurityIdentity('IS_AUTHENTICATED_ANONYMOUSLY'), - ]], + ], $anonymousRoles)], + ['guest', [], 'anonymous', $anonymousRoles], ]; } - protected function getAccount($username, $class) + public function getDeprecatedSecurityIdentityRetrievalTests() { - $account = $this->getMock('Symfony\Component\Security\Core\User\UserInterface', [], [], $class); - $account - ->expects($this->any()) - ->method('getUsername') - ->willReturn($username) - ; + $anonymousRoles = [new RoleSecurityIdentity('IS_AUTHENTICATED_ANONYMOUSLY')]; + if (\defined('\Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter::PUBLIC_ACCESS')) { + $anonymousRoles[] = new RoleSecurityIdentity(AuthenticatedVoter::PUBLIC_ACCESS); + } - return $account; + return [ + ['johannes', ['ROLE_FOO'], 'fullFledged', array_merge([ + new UserSecurityIdentity('johannes', 'MyCustomTokenImpl'), + new RoleSecurityIdentity('ROLE_FOO'), + new RoleSecurityIdentity('IS_AUTHENTICATED_FULLY'), + new RoleSecurityIdentity('IS_AUTHENTICATED_REMEMBERED'), + ], $anonymousRoles)], + ['guest', ['ROLE_FOO'], 'anonymous', array_merge([ + new RoleSecurityIdentity('ROLE_FOO'), + ], $anonymousRoles)], + ]; } - protected function getStrategy(array $roles = [], $authenticationStatus = 'fullFledged', $isBC = false) + private function getStrategy(array $roles, string $authenticationStatus): SecurityIdentityRetrievalStrategy { - $roleHierarchyBuilder = $this->getMockBuilder('Symfony\Component\Security\Core\Role\RoleHierarchyInterface') - ->disableProxyingToOriginalMethods() - ->disableOriginalConstructor(); + $roleHierarchy = new class($roles) implements RoleHierarchyInterface { + private $roles; - if ($isBC) { - $roleHierarchy = $roleHierarchyBuilder->setMethods(['getReachableRoles']) - ->getMockForAbstractClass(); + public function __construct(array $roles) + { + $this->roles = $roles; + } - $roleHierarchy - ->expects($this->any()) - ->method('getReachableRoles') - ->with($this->equalTo([new Role('foo')])) - ->willReturn($roles); - } else { - $roleHierarchy = $roleHierarchyBuilder->setMethods(['getReachableRoleNames']) - ->getMockForAbstractClass(); + public function getReachableRoleNames(array $roles): array + { + return $this->roles; + } + }; - $roleHierarchy - ->expects($this->any()) - ->method('getReachableRoleNames') - ->with($this->equalTo(['foo'])) - ->willReturn($roles); - } - - $trustResolver = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface', [], ['', '']); - - $trustResolver - ->expects($this->at(0)) - ->method('isAnonymous') - ->willReturn('anonymous' === $authenticationStatus) - ; + $trustResolverMockBuild = $this->getMockBuilder(AuthenticationTrustResolverInterface::class); + if (\defined('\Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter::PUBLIC_ACCESS')) { + if (method_exists(AuthenticationTrustResolverInterface::class, 'isAuthenticated')) { + $trustResolver = $trustResolverMockBuild->getMock(); + } else { + $trustResolver = $trustResolverMockBuild + ->onlyMethods(['isAnonymous', 'isRememberMe', 'isFullFledged']) + ->addMethods(['isAuthenticated']) + ->getMock() + ; + } + $trustResolver + ->method('isAuthenticated') + ->willReturn('anonymous' !== $authenticationStatus); + } else { + $trustResolver = $trustResolverMockBuild->getMock(); + $trustResolver + ->method('isAnonymous') + ->willReturn('anonymous' === $authenticationStatus); + } if ('fullFledged' === $authenticationStatus) { $trustResolver @@ -188,11 +237,17 @@ ->willReturn(true) ; } else { - $trustResolver - ->expects($this->at(1)) - ->method('isAnonymous') - ->willReturn(true) - ; + if (method_exists(AuthenticationTrustResolverInterface::class, 'isAuthenticated')) { + $trustResolver + ->method('isAuthenticated') + ->willReturn(false) + ; + } else { + $trustResolver + ->method('isAnonymous') + ->willReturn(true); + } + $trustResolver ->expects($this->once()) ->method('isFullFledged') @@ -209,7 +264,7 @@ } } -class CustomUserImpl +class CustomUserImpl implements UserInterface { protected $name; @@ -222,4 +277,33 @@ { return $this->name; } + + public function getRoles(): array + { + return []; + } + + public function eraseCredentials() + { + } + + public function getUserIdentifier(): string + { + return $this->name; + } + + public function getPassword() + { + return null; + } + + public function getSalt() + { + return null; + } + + public function getUsername(): string + { + return $this->getUserIdentifier(); + } } diff -Nru php-symfony-security-acl-3.1.1/Tests/Domain/UserSecurityIdentityTest.php php-symfony-security-acl-3.3.1/Tests/Domain/UserSecurityIdentityTest.php --- php-symfony-security-acl-3.1.1/Tests/Domain/UserSecurityIdentityTest.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Domain/UserSecurityIdentityTest.php 2022-02-15 18:20:11.000000000 +0000 @@ -13,6 +13,9 @@ use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity; use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; +use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface; +use Symfony\Component\Security\Acl\Tests\Fixtures\Account; +use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; class UserSecurityIdentityTest extends \PHPUnit\Framework\TestCase { @@ -36,23 +39,16 @@ /** * @dataProvider getCompareData */ - public function testEquals($id1, $id2, $equal) + public function testEquals(UserSecurityIdentity $id1, SecurityIdentityInterface $id2, bool $equal) { $this->assertSame($equal, $id1->equals($id2)); } - public function getCompareData() + public function getCompareData(): array { - $account = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface') - ->setMockClassName('USI_AccountImpl') - ->getMock(); - $account - ->expects($this->any()) - ->method('getUsername') - ->willReturn('foo') - ; + $account = new Account('foo'); - $token = $this->createMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); + $token = $this->createMock(TokenInterface::class); $token ->expects($this->any()) ->method('getUser') @@ -67,7 +63,7 @@ [new UserSecurityIdentity('bla', 'Foo'), new UserSecurityIdentity('blub', 'Foo'), false], [new UserSecurityIdentity('foo', 'Foo'), new RoleSecurityIdentity('foo'), false], [new UserSecurityIdentity('foo', 'Foo'), UserSecurityIdentity::fromToken($token), false], - [new UserSecurityIdentity('foo', 'USI_AccountImpl'), UserSecurityIdentity::fromToken($token), true], + [new UserSecurityIdentity('foo', Account::class), UserSecurityIdentity::fromToken($token), true], ]; } } diff -Nru php-symfony-security-acl-3.1.1/Tests/Fixtures/Account.php php-symfony-security-acl-3.3.1/Tests/Fixtures/Account.php --- php-symfony-security-acl-3.1.1/Tests/Fixtures/Account.php 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Fixtures/Account.php 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1,45 @@ +identifier = $identifier; + } + + public function getUserIdentifier(): string + { + return $this->identifier; + } + + public function getUsername(): string + { + return $this->getUserIdentifier(); + } + + public function getRoles(): array + { + return ['ROLE_USER']; + } + + public function getPassword(): ?string + { + return null; + } + + public function getSalt(): ?string + { + return null; + } + + public function eraseCredentials(): void + { + } +} diff -Nru php-symfony-security-acl-3.1.1/Tests/Fixtures/SerializableAclInterface.php php-symfony-security-acl-3.3.1/Tests/Fixtures/SerializableAclInterface.php --- php-symfony-security-acl-3.1.1/Tests/Fixtures/SerializableAclInterface.php 1970-01-01 00:00:00.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Tests/Fixtures/SerializableAclInterface.php 2022-02-15 18:20:11.000000000 +0000 @@ -0,0 +1,12 @@ +getVoter(true, false); + [$voter, , $permissionMap] = $this->getVoter(true, false); $permissionMap ->expects($this->once()) @@ -44,7 +51,7 @@ */ public function testSupportsAttributeNonString($attribute) { - list($voter) = $this->getVoter(true, false); + [$voter] = $this->getVoter(true, false); $this->assertFalse($voter->supportsAttribute($attribute)); } @@ -72,7 +79,7 @@ */ public function testSupportsClass($class) { - list($voter) = $this->getVoter(); + [$voter] = $this->getVoter(); $this->assertTrue($voter->supportsClass($class)); } @@ -88,7 +95,7 @@ public function testVote() { - list($voter, , $permissionMap) = $this->getVoter(); + [$voter, , $permissionMap] = $this->getVoter(); $permissionMap ->expects($this->atLeastOnce()) ->method('getMasks') @@ -103,7 +110,7 @@ */ public function testVoteWhenNoObjectIsPassed($allowIfObjectIdentityUnavailable) { - list($voter, , $permissionMap) = $this->getVoter($allowIfObjectIdentityUnavailable); + [$voter, , $permissionMap] = $this->getVoter($allowIfObjectIdentityUnavailable); $permissionMap ->expects($this->once()) ->method('getMasks') @@ -124,7 +131,7 @@ */ public function testVoteWhenOidStrategyReturnsNull($allowIfUnavailable) { - list($voter, , $permissionMap, $oidStrategy) = $this->getVoter($allowIfUnavailable); + [$voter, , $permissionMap, $oidStrategy] = $this->getVoter($allowIfUnavailable); $permissionMap ->expects($this->once()) ->method('getMasks') @@ -153,7 +160,7 @@ public function testVoteNoAclFound() { - list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter(); + [$voter, $provider, $permissionMap, $oidStrategy, $sidStrategy] = $this->getVoter(); $permissionMap ->expects($this->once()) @@ -188,7 +195,7 @@ */ public function testVoteGrantsAccess($grant) { - list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter(); + [$voter, $provider, $permissionMap, $oidStrategy, $sidStrategy] = $this->getVoter(); $permissionMap ->expects($this->once()) @@ -213,7 +220,7 @@ ->expects($this->once()) ->method('findAcl') ->with($this->equalTo($oid), $this->equalTo($sids)) - ->willReturn($acl = $this->createMock('Symfony\Component\Security\Acl\Model\AclInterface')) + ->willReturn($acl = $this->createMock(SerializableAclInterface::class)) ; $acl @@ -234,7 +241,7 @@ public function testVoteNoAceFound() { - list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter(); + [$voter, $provider, $permissionMap, $oidStrategy, $sidStrategy] = $this->getVoter(); $permissionMap ->expects($this->once()) @@ -259,7 +266,7 @@ ->expects($this->once()) ->method('findAcl') ->with($this->equalTo($oid), $this->equalTo($sids)) - ->willReturn($acl = $this->createMock('Symfony\Component\Security\Acl\Model\AclInterface')) + ->willReturn($acl = $this->createMock(SerializableAclInterface::class)) ; $acl @@ -277,7 +284,7 @@ */ public function testVoteGrantsFieldAccess($grant) { - list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter(); + [$voter, $provider, $permissionMap, $oidStrategy, $sidStrategy] = $this->getVoter(); $permissionMap ->expects($this->once()) @@ -302,7 +309,7 @@ ->expects($this->once()) ->method('findAcl') ->with($this->equalTo($oid), $this->equalTo($sids)) - ->willReturn($acl = $this->createMock('Symfony\Component\Security\Acl\Model\AclInterface')) + ->willReturn($acl = $this->createMock(SerializableAclInterface::class)) ; $acl @@ -323,7 +330,7 @@ public function testVoteNoFieldAceFound() { - list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter(); + [$voter, $provider, $permissionMap, $oidStrategy, $sidStrategy] = $this->getVoter(); $permissionMap ->expects($this->once()) @@ -348,7 +355,7 @@ ->expects($this->once()) ->method('findAcl') ->with($this->equalTo($oid), $this->equalTo($sids)) - ->willReturn($acl = $this->createMock('Symfony\Component\Security\Acl\Model\AclInterface')) + ->willReturn($acl = $this->createMock(SerializableAclInterface::class)) ; $acl @@ -363,7 +370,7 @@ public function testWhenReceivingAnObjectIdentityInterfaceWeDontRetrieveANewObjectIdentity() { - list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter(); + [$voter, $provider, $permissionMap, $oidStrategy, $sidStrategy] = $this->getVoter(); $oid = new ObjectIdentity('someID', 'someType'); @@ -389,7 +396,7 @@ ->expects($this->once()) ->method('findAcl') ->with($this->equalTo($oid), $this->equalTo($sids)) - ->willReturn($acl = $this->createMock('Symfony\Component\Security\Acl\Model\AclInterface')) + ->willReturn($acl = $this->createMock(SerializableAclInterface::class)) ; $acl @@ -404,15 +411,15 @@ protected function getToken() { - return $this->createMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); + return $this->createMock(TokenInterface::class); } protected function getVoter($allowIfObjectIdentityUnavailable = true, $alwaysContains = true) { - $provider = $this->createMock('Symfony\Component\Security\Acl\Model\AclProviderInterface'); - $permissionMap = $this->createMock('Symfony\Component\Security\Acl\Permission\PermissionMapInterface'); - $oidStrategy = $this->createMock('Symfony\Component\Security\Acl\Model\ObjectIdentityRetrievalStrategyInterface'); - $sidStrategy = $this->createMock('Symfony\Component\Security\Acl\Model\SecurityIdentityRetrievalStrategyInterface'); + $provider = $this->createMock(AclProviderInterface::class); + $permissionMap = $this->createMock(PermissionMapInterface::class); + $oidStrategy = $this->createMock(ObjectIdentityRetrievalStrategyInterface::class); + $sidStrategy = $this->createMock(SecurityIdentityRetrievalStrategyInterface::class); if ($alwaysContains) { $permissionMap diff -Nru php-symfony-security-acl-3.1.1/Util/ClassUtils.php php-symfony-security-acl-3.3.1/Util/ClassUtils.php --- php-symfony-security-acl-3.1.1/Util/ClassUtils.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Util/ClassUtils.php 2022-02-15 18:20:11.000000000 +0000 @@ -29,14 +29,14 @@ * * @var string */ - const MARKER = '__CG__'; + public const MARKER = '__CG__'; /** * Length of the proxy marker. * * @var int */ - const MARKER_LENGTH = 6; + public const MARKER_LENGTH = 6; /** * This class should not be instantiated. @@ -56,7 +56,7 @@ { $class = \is_object($object) ? \get_class($object) : $object; - if (class_exists('Doctrine\Common\Util\ClassUtils')) { + if (class_exists(DoctrineClassUtils::class)) { return DoctrineClassUtils::getRealClass($class); } diff -Nru php-symfony-security-acl-3.1.1/Voter/AclVoter.php php-symfony-security-acl-3.3.1/Voter/AclVoter.php --- php-symfony-security-acl-3.1.1/Voter/AclVoter.php 2021-01-12 09:10:27.000000000 +0000 +++ php-symfony-security-acl-3.3.1/Voter/AclVoter.php 2022-02-15 18:20:11.000000000 +0000 @@ -51,33 +51,33 @@ return \is_string($attribute) && $this->permissionMap->contains($attribute); } - public function vote(TokenInterface $token, $object, array $attributes) + public function vote(TokenInterface $token, $subject, array $attributes) { foreach ($attributes as $attribute) { if (!$this->supportsAttribute($attribute)) { continue; } - if (null === $masks = $this->permissionMap->getMasks($attribute, $object)) { + if (null === $masks = $this->permissionMap->getMasks($attribute, $subject)) { continue; } - if (null === $object) { + if (null === $subject) { if (null !== $this->logger) { $this->logger->debug(sprintf('Object identity unavailable. Voting to %s.', $this->allowIfObjectIdentityUnavailable ? 'grant access' : 'abstain')); } return $this->allowIfObjectIdentityUnavailable ? self::ACCESS_GRANTED : self::ACCESS_ABSTAIN; - } elseif ($object instanceof FieldVote) { - $field = $object->getField(); - $object = $object->getDomainObject(); + } elseif ($subject instanceof FieldVote) { + $field = $subject->getField(); + $subject = $subject->getDomainObject(); } else { $field = null; } - if ($object instanceof ObjectIdentityInterface) { - $oid = $object; - } elseif (null === $oid = $this->objectIdentityRetrievalStrategy->getObjectIdentity($object)) { + if ($subject instanceof ObjectIdentityInterface) { + $oid = $subject; + } elseif (null === $oid = $this->objectIdentityRetrievalStrategy->getObjectIdentity($subject)) { if (null !== $this->logger) { $this->logger->debug(sprintf('Object identity unavailable. Voting to %s.', $this->allowIfObjectIdentityUnavailable ? 'grant access' : 'abstain')); }