From f64759b5b53e3814a3577a8e06f074a2049f8d1b Mon Sep 17 00:00:00 2001 From: Alexander Schranz Date: Mon, 5 Mar 2018 14:10:08 +0100 Subject: [PATCH 1/4] fix problems iwth firewall with dash symbol and validate webspace in community admin --- Admin/CommunityAdmin.php | 30 +++++++++++++++++-- .../CommunityManagerCompilerPass.php | 3 ++ Resources/config/routing_website.xml | 4 --- .../Controller/RegistrationTest.php | 2 +- Tests/Unit/Listener/BlacklistListenerTest.php | 4 +-- Tests/app/Resources/webspaces/sulu.io.xml | 6 +++- Tests/app/config/config_website.yml | 2 +- 7 files changed, 40 insertions(+), 11 deletions(-) diff --git a/Admin/CommunityAdmin.php b/Admin/CommunityAdmin.php index b5098093..8cef111e 100644 --- a/Admin/CommunityAdmin.php +++ b/Admin/CommunityAdmin.php @@ -84,9 +84,35 @@ public function getSecurityContexts() { $systems = []; + $webspaceCollection = $this->webspaceManager->getWebspaceCollection(); + + $webspaceKeys = array_keys($webspaceCollection->getWebspaces()); + foreach ($this->webspacesConfiguration as $webspaceKey => $webspaceConfig) { - $webspace = $this->webspaceManager->getWebspaceCollection()->getWebspace($webspaceKey); - $system = $webspace->getSecurity()->getSystem(); + $webspace = $webspaceCollection->getWebspace($webspaceKey); + + if (!$webspace) { + throw new \InvalidArgumentException( + sprintf( + 'Webspace "%s" not found for "sulu_community" expected one of %s.', + $webspaceKey, + '"' . implode('", "', $webspaceKeys) . '"' + ) + ); + } + + $security = $webspace->getSecurity(); + + if (!$security) { + throw new \InvalidArgumentException( + sprintf( + 'Missing "Website" configuration in webspace "%s" for "sulu_community".', + $webspaceKey + ) + ); + } + + $system = $security->getSystem(); $systems[$system] = []; } diff --git a/DependencyInjection/CompilerPass/CommunityManagerCompilerPass.php b/DependencyInjection/CompilerPass/CommunityManagerCompilerPass.php index 6f337ab0..14b7003b 100644 --- a/DependencyInjection/CompilerPass/CommunityManagerCompilerPass.php +++ b/DependencyInjection/CompilerPass/CommunityManagerCompilerPass.php @@ -60,6 +60,9 @@ private function updateWebspaceConfig($webspaceKey, array $webspaceConfig) $webspaceConfig[Configuration::FIREWALL] = $webspaceKey; } + // TODO currently symfony normalize the security firewalls key which will replace "-" with "_". + $webspaceConfig[Configuration::FIREWALL] = str_replace('-', '_', $webspaceConfig[Configuration::FIREWALL]); + // Set role by webspace key if (null === $webspaceConfig[Configuration::ROLE]) { $webspaceConfig[Configuration::ROLE] = ucfirst($webspaceKey) . 'User'; diff --git a/Resources/config/routing_website.xml b/Resources/config/routing_website.xml index fa7f0f77..125f9277 100644 --- a/Resources/config/routing_website.xml +++ b/Resources/config/routing_website.xml @@ -36,10 +36,6 @@ SuluCommunityBundle:Login:index - - SuluCommunityBundle:Login:index - - SuluCommunityBundle:Profile:index diff --git a/Tests/Functional/Controller/RegistrationTest.php b/Tests/Functional/Controller/RegistrationTest.php index f10887ad..83d80b6b 100644 --- a/Tests/Functional/Controller/RegistrationTest.php +++ b/Tests/Functional/Controller/RegistrationTest.php @@ -37,7 +37,7 @@ protected function setUp() $entityManager = $this->getEntityManager(); $role = new Role(); - $role->setName('Sulu_ioUser'); + $role->setName('Sulu-ioUser'); $role->setSystem('Sulu'); $emailType = new EmailType(); diff --git a/Tests/Unit/Listener/BlacklistListenerTest.php b/Tests/Unit/Listener/BlacklistListenerTest.php index 9c1b5b31..02e25bcd 100644 --- a/Tests/Unit/Listener/BlacklistListenerTest.php +++ b/Tests/Unit/Listener/BlacklistListenerTest.php @@ -76,7 +76,7 @@ public function testValidateEmail() $user->getEmail()->willReturn('test@sulu.io'); $event = $this->prophesize(CommunityEvent::class); - $event->getConfigProperty(Configuration::WEBSPACE_KEY)->willReturn('sulu_io'); + $event->getConfigProperty(Configuration::WEBSPACE_KEY)->willReturn('sulu-io'); $event->getConfigProperty(Configuration::EMAIL_TO)->willReturn(['admin@sulu.io' => 'admin@sulu.io']); $event->getConfigProperty(Configuration::EMAIL_FROM)->willReturn(['from@sulu.io' => 'from@sulu.io']); $event->getConfigTypeProperty(Configuration::TYPE_BLACKLISTED, Configuration::EMAIL)->willReturn( @@ -92,7 +92,7 @@ public function testValidateEmail() Argument::that( function (BlacklistUser $item) use ($user) { return '123-123-123' === $item->getToken() - && 'sulu_io' === $item->getWebspaceKey() + && 'sulu-io' === $item->getWebspaceKey() && $item->getUser() === $user->reveal(); } ) diff --git a/Tests/app/Resources/webspaces/sulu.io.xml b/Tests/app/Resources/webspaces/sulu.io.xml index 0305afef..3a13c4ab 100644 --- a/Tests/app/Resources/webspaces/sulu.io.xml +++ b/Tests/app/Resources/webspaces/sulu.io.xml @@ -4,7 +4,11 @@ xsi:schemaLocation="http://schemas.sulu.io/webspace/webspace http://schemas.sulu.io/webspace/webspace-1.1.xsd"> Sulu CMF - sulu_io + sulu-io + + + Website + diff --git a/Tests/app/config/config_website.yml b/Tests/app/config/config_website.yml index 3bbe319b..1a80117a 100644 --- a/Tests/app/config/config_website.yml +++ b/Tests/app/config/config_website.yml @@ -7,7 +7,7 @@ framework: sulu_community: webspaces: - sulu_io: + sulu-io: to: 'admin@sulu.io' sulu_security: From ab504f043964829a063e0ce3cd0dc91a3be83875 Mon Sep 17 00:00:00 2001 From: Alexander Schranz Date: Wed, 7 Mar 2018 16:31:18 +0100 Subject: [PATCH 2/4] using config from documentation --- .../Controller/RegistrationTest.php | 2 +- Tests/app/config/config_website_prod.yml | 26 +++++++++++++------ 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/Tests/Functional/Controller/RegistrationTest.php b/Tests/Functional/Controller/RegistrationTest.php index 83d80b6b..7a7c1778 100644 --- a/Tests/Functional/Controller/RegistrationTest.php +++ b/Tests/Functional/Controller/RegistrationTest.php @@ -38,7 +38,7 @@ protected function setUp() $role = new Role(); $role->setName('Sulu-ioUser'); - $role->setSystem('Sulu'); + $role->setSystem('Website'); $emailType = new EmailType(); $emailType->setName('private'); diff --git a/Tests/app/config/config_website_prod.yml b/Tests/app/config/config_website_prod.yml index afdb8c3b..4dfa29a6 100644 --- a/Tests/app/config/config_website_prod.yml +++ b/Tests/app/config/config_website_prod.yml @@ -2,8 +2,7 @@ imports: - { resource: config_website.yml } security: - acl: - connection: default + session_fixation_strategy: none access_decision_manager: strategy: affirmative @@ -16,14 +15,25 @@ security: id: sulu_security.user_provider access_control: - - { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: /profile, roles: ROLE_USER } + - { path: /completion, roles: ROLE_USER } firewalls: - test: + sulu-io: + pattern: ^/ + anonymous: ~ form_login: - login_path: /login - check_path: /login + login_path: sulu_community.login + check_path: sulu_community.login default_target_path: sulu_community.profile - http_basic: ~ - anonymous: ~ + logout: + path: sulu_community.logout + target: / + remember_me: + secret: "%secret%" + lifetime: 604800 # 1 week in seconds + path: / + +sulu_security: + checker: + enabled: true From 906068d2fe66054a04816bf93c5eca9303ac69de Mon Sep 17 00:00:00 2001 From: Alexander Schranz Date: Wed, 7 Mar 2018 16:57:49 +0100 Subject: [PATCH 3/4] validate init command over travis --- .travis.yml | 1 + Tests/app/config/config_admin.yml | 5 +++++ Tests/app/config/config_website.yml | 2 +- 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index e8a631c9..685d7cc4 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,6 +30,7 @@ install: script: - ./vendor/bin/phpunit --coverage-clover=coverage.clover - ./Tests/app/console lint:twig Resources/views --env test + - ./Tests/app/console sulu:community:init -vvv --env test - if [[ $PHPSTAN == 'true' ]]; then ./vendor/bin/phpstan analyse ./ --level 2 -c phpstan.neon ; fi after_script: diff --git a/Tests/app/config/config_admin.yml b/Tests/app/config/config_admin.yml index 447a9f3c..98cd331e 100644 --- a/Tests/app/config/config_admin.yml +++ b/Tests/app/config/config_admin.yml @@ -3,3 +3,8 @@ parameters: framework: router: { resource: "%kernel.root_dir%/config/routing_admin.yml" } + +sulu_community: + webspaces: + sulu-io: + from: 'admin@sulu.io' diff --git a/Tests/app/config/config_website.yml b/Tests/app/config/config_website.yml index 1a80117a..584140bb 100644 --- a/Tests/app/config/config_website.yml +++ b/Tests/app/config/config_website.yml @@ -8,7 +8,7 @@ framework: sulu_community: webspaces: sulu-io: - to: 'admin@sulu.io' + from: 'admin@sulu.io' sulu_security: checker: From d3b3b076d24dd26d5ad4ced3398962833bf6efc0 Mon Sep 17 00:00:00 2001 From: Alexander Schranz Date: Wed, 7 Mar 2018 17:33:54 +0100 Subject: [PATCH 4/4] normalize webspace key everywhere --- Command/InitCommand.php | 3 ++- Controller/AbstractController.php | 3 ++- .../CommunityManagerCompilerPass.php | 11 ++++++-- .../CompilerPass/Normalizer.php | 25 +++++++++++++++++++ 4 files changed, 38 insertions(+), 4 deletions(-) create mode 100644 DependencyInjection/CompilerPass/Normalizer.php diff --git a/Command/InitCommand.php b/Command/InitCommand.php index 33756c78..481bb268 100644 --- a/Command/InitCommand.php +++ b/Command/InitCommand.php @@ -12,6 +12,7 @@ namespace Sulu\Bundle\CommunityBundle\Command; use Doctrine\ORM\EntityManagerInterface; +use Sulu\Bundle\CommunityBundle\DependencyInjection\CompilerPass\Normalizer; use Sulu\Bundle\CommunityBundle\DependencyInjection\Configuration; use Sulu\Bundle\CommunityBundle\Manager\CommunityManagerInterface; use Sulu\Bundle\SecurityBundle\Entity\Role; @@ -78,7 +79,7 @@ protected function initWebspace($webspace, OutputInterface $output) { $webspaceKey = $webspace->getKey(); - $communityServiceName = sprintf('sulu_community.%s.community_manager', $webspaceKey); + $communityServiceName = sprintf('sulu_community.%s.community_manager', Normalizer::normalize($webspaceKey)); if (!$webspace->getSecurity() || !$this->getContainer()->has($communityServiceName)) { return; diff --git a/Controller/AbstractController.php b/Controller/AbstractController.php index 84b3e9f9..cfd5aeb6 100644 --- a/Controller/AbstractController.php +++ b/Controller/AbstractController.php @@ -11,6 +11,7 @@ namespace Sulu\Bundle\CommunityBundle\Controller; +use Sulu\Bundle\CommunityBundle\DependencyInjection\CompilerPass\Normalizer; use Sulu\Bundle\CommunityBundle\DependencyInjection\Configuration; use Sulu\Bundle\CommunityBundle\Manager\CommunityManagerInterface; use Sulu\Bundle\SecurityBundle\Entity\User; @@ -44,7 +45,7 @@ protected function getCommunityManager($webspaceKey) { if (!isset($this->communityManagers[$webspaceKey])) { $this->communityManagers[$webspaceKey] = $this->get( - sprintf('sulu_community.%s.community_manager', $webspaceKey) + sprintf('sulu_community.%s.community_manager', Normalizer::normalize($webspaceKey)) ); } diff --git a/DependencyInjection/CompilerPass/CommunityManagerCompilerPass.php b/DependencyInjection/CompilerPass/CommunityManagerCompilerPass.php index 14b7003b..79955e46 100644 --- a/DependencyInjection/CompilerPass/CommunityManagerCompilerPass.php +++ b/DependencyInjection/CompilerPass/CommunityManagerCompilerPass.php @@ -37,9 +37,16 @@ public function process(ContainerBuilder $container) $definition->replaceArgument(1, $webspaceKey); $container->setDefinition( - sprintf('sulu_community.%s.community_manager', $webspaceKey), + sprintf('sulu_community.%s.community_manager', Normalizer::normalize($webspaceKey)), $definition ); + + if (false !== strpos($webspaceKey, '-')) { + $container->setAlias( + sprintf('sulu_community.%s.community_manager', $webspaceKey), + sprintf('sulu_community.%s.community_manager', Normalizer::normalize($webspaceKey)) + ); + } } $container->setParameter('sulu_community.webspaces_config', $webspacesConfig); @@ -61,7 +68,7 @@ private function updateWebspaceConfig($webspaceKey, array $webspaceConfig) } // TODO currently symfony normalize the security firewalls key which will replace "-" with "_". - $webspaceConfig[Configuration::FIREWALL] = str_replace('-', '_', $webspaceConfig[Configuration::FIREWALL]); + $webspaceConfig[Configuration::FIREWALL] = Normalizer::normalize($webspaceConfig[Configuration::FIREWALL]); // Set role by webspace key if (null === $webspaceConfig[Configuration::ROLE]) { diff --git a/DependencyInjection/CompilerPass/Normalizer.php b/DependencyInjection/CompilerPass/Normalizer.php new file mode 100644 index 00000000..9d55ec65 --- /dev/null +++ b/DependencyInjection/CompilerPass/Normalizer.php @@ -0,0 +1,25 @@ +