Fix false firewall name and validate webspace in community admin

.travis.yml

@@ -30,6 +30,7 @@ install:
 script:
   - ./vendor/bin/phpunit --coverage-clover=coverage.clover
   - ./Tests/app/console lint:twig Resources/views --env test
+  - ./Tests/app/console sulu:community:init -vvv --env test
   - if [[ $PHPSTAN == 'true' ]]; then ./vendor/bin/phpstan analyse ./ --level 2 -c phpstan.neon ; fi
 
 after_script:

Admin/CommunityAdmin.php

@@ -84,9 +84,35 @@ public function getSecurityContexts()
     {
         $systems = [];
 
+        $webspaceCollection = $this->webspaceManager->getWebspaceCollection();
+
+        $webspaceKeys = array_keys($webspaceCollection->getWebspaces());
+
         foreach ($this->webspacesConfiguration as $webspaceKey => $webspaceConfig) {
-            $webspace = $this->webspaceManager->getWebspaceCollection()->getWebspace($webspaceKey);
-            $system = $webspace->getSecurity()->getSystem();
+            $webspace = $webspaceCollection->getWebspace($webspaceKey);
+
+            if (!$webspace) {
+                throw new \InvalidArgumentException(
+                    sprintf(
+                        'Webspace "%s" not found for "sulu_community" expected one of %s.',
+                        $webspaceKey,
+                        '"' . implode('", "', $webspaceKeys) . '"'
+                    )
+                );
+            }
+
+            $security = $webspace->getSecurity();
+
+            if (!$security) {
+                throw new \InvalidArgumentException(
+                    sprintf(
+                        'Missing "<security><system>Website</system><security>" configuration in webspace "%s" for "sulu_community".',
+                        $webspaceKey
+                    )
+                );
+            }
+
+            $system = $security->getSystem();
             $systems[$system] = [];
         }
 

Command/InitCommand.php

@@ -12,6 +12,7 @@
 namespace Sulu\Bundle\CommunityBundle\Command;
 
 use Doctrine\ORM\EntityManagerInterface;
+use Sulu\Bundle\CommunityBundle\DependencyInjection\CompilerPass\Normalizer;
 use Sulu\Bundle\CommunityBundle\DependencyInjection\Configuration;
 use Sulu\Bundle\CommunityBundle\Manager\CommunityManagerInterface;
 use Sulu\Bundle\SecurityBundle\Entity\Role;
@@ -78,7 +79,7 @@ protected function initWebspace($webspace, OutputInterface $output)
     {
         $webspaceKey = $webspace->getKey();
 
-        $communityServiceName = sprintf('sulu_community.%s.community_manager', $webspaceKey);
+        $communityServiceName = sprintf('sulu_community.%s.community_manager', Normalizer::normalize($webspaceKey));
 
         if (!$webspace->getSecurity() || !$this->getContainer()->has($communityServiceName)) {
             return;

Controller/AbstractController.php

@@ -11,6 +11,7 @@
 
 namespace Sulu\Bundle\CommunityBundle\Controller;
 
+use Sulu\Bundle\CommunityBundle\DependencyInjection\CompilerPass\Normalizer;
 use Sulu\Bundle\CommunityBundle\DependencyInjection\Configuration;
 use Sulu\Bundle\CommunityBundle\Manager\CommunityManagerInterface;
 use Sulu\Bundle\SecurityBundle\Entity\User;
@@ -44,7 +45,7 @@ protected function getCommunityManager($webspaceKey)
     {
         if (!isset($this->communityManagers[$webspaceKey])) {
             $this->communityManagers[$webspaceKey] = $this->get(
-                sprintf('sulu_community.%s.community_manager', $webspaceKey)
+                sprintf('sulu_community.%s.community_manager', Normalizer::normalize($webspaceKey))
             );
         }
 

DependencyInjection/CompilerPass/CommunityManagerCompilerPass.php

@@ -37,9 +37,16 @@ public function process(ContainerBuilder $container)
             $definition->replaceArgument(1, $webspaceKey);
 
             $container->setDefinition(
-                sprintf('sulu_community.%s.community_manager', $webspaceKey),
+                sprintf('sulu_community.%s.community_manager', Normalizer::normalize($webspaceKey)),
                 $definition
             );
+
+            if (false !== strpos($webspaceKey, '-')) {
+                $container->setAlias(
+                    sprintf('sulu_community.%s.community_manager', $webspaceKey),
+                    sprintf('sulu_community.%s.community_manager', Normalizer::normalize($webspaceKey))
+                );
+            }
         }
 
         $container->setParameter('sulu_community.webspaces_config', $webspacesConfig);
@@ -60,6 +67,9 @@ private function updateWebspaceConfig($webspaceKey, array $webspaceConfig)
             $webspaceConfig[Configuration::FIREWALL] = $webspaceKey;
         }
 
+        // TODO currently symfony normalize the security firewalls key which will replace "-" with "_".
+        $webspaceConfig[Configuration::FIREWALL] = Normalizer::normalize($webspaceConfig[Configuration::FIREWALL]);
+
         // Set role by webspace key
         if (null === $webspaceConfig[Configuration::ROLE]) {
             $webspaceConfig[Configuration::ROLE] = ucfirst($webspaceKey) . 'User';

DependencyInjection/CompilerPass/Normalizer.php

@@ -0,0 +1,25 @@
+<?php
+
+/*
+ * This file is part of Sulu.
+ *
+ * (c) MASSIVE ART WebServices GmbH
+ *
+ * This source file is subject to the MIT license that is bundled
+ * with this source code in the file LICENSE.
+ */
+
+namespace Sulu\Bundle\CommunityBundle\DependencyInjection\CompilerPass;
+
+/**
+ * Only used for internal usages.
+ *
+ * @internal
+ */
+class Normalizer
+{
+    public static function normalize($text)
+    {
+        return str_replace('-', '_', $text);
+    }
+}

Resources/config/routing_website.xml

@@ -36,10 +36,6 @@
         <default key="_controller">SuluCommunityBundle:Login:index</default>
     </route>
 
-    <route id="sulu_community.login" path="/login">
-        <default key="_controller">SuluCommunityBundle:Login:index</default>
-    </route>
-
     <route id="sulu_community.profile" path="/profile">
         <default key="_controller">SuluCommunityBundle:Profile:index</default>
     </route>

Tests/Functional/Controller/RegistrationTest.php

@@ -37,8 +37,8 @@ protected function setUp()
         $entityManager = $this->getEntityManager();
 
         $role = new Role();
-        $role->setName('Sulu_ioUser');
-        $role->setSystem('Sulu');
+        $role->setName('Sulu-ioUser');
+        $role->setSystem('Website');
 
         $emailType = new EmailType();
         $emailType->setName('private');

Tests/Unit/Listener/BlacklistListenerTest.php

@@ -76,7 +76,7 @@ public function testValidateEmail()
         $user->getEmail()->willReturn('[email protected]');
 
         $event = $this->prophesize(CommunityEvent::class);
-        $event->getConfigProperty(Configuration::WEBSPACE_KEY)->willReturn('sulu_io');
+        $event->getConfigProperty(Configuration::WEBSPACE_KEY)->willReturn('sulu-io');
         $event->getConfigProperty(Configuration::EMAIL_TO)->willReturn(['[email protected]' => '[email protected]']);
         $event->getConfigProperty(Configuration::EMAIL_FROM)->willReturn(['[email protected]' => '[email protected]']);
         $event->getConfigTypeProperty(Configuration::TYPE_BLACKLISTED, Configuration::EMAIL)->willReturn(
@@ -92,7 +92,7 @@ public function testValidateEmail()
             Argument::that(
                 function (BlacklistUser $item) use ($user) {
                     return '123-123-123' === $item->getToken()
-                    && 'sulu_io' === $item->getWebspaceKey()
+                    && 'sulu-io' === $item->getWebspaceKey()
                     && $item->getUser() === $user->reveal();
                 }
             )

Tests/app/Resources/webspaces/sulu.io.xml

@@ -4,7 +4,11 @@
            xsi:schemaLocation="http://schemas.sulu.io/webspace/webspace http://schemas.sulu.io/webspace/webspace-1.1.xsd">
 
     <name>Sulu CMF</name>
-    <key>sulu_io</key>
+    <key>sulu-io</key>
+
+    <security>
+        <system>Website</system>
+    </security>
 
     <localizations>
         <localization language="de" default="true"/>

Tests/app/config/config_admin.yml

@@ -3,3 +3,8 @@ parameters:
 
 framework:
     router: { resource: "%kernel.root_dir%/config/routing_admin.yml" }
+
+sulu_community:
+    webspaces:
+        sulu-io:
+            from: '[email protected]'

Tests/app/config/config_website.yml

@@ -7,8 +7,8 @@ framework:
 
 sulu_community:
     webspaces:
-        sulu_io:
-            to: '[email protected]'
+        sulu-io:
+            from: '[email protected]'
 
 sulu_security:
     checker:

Tests/app/config/config_website_prod.yml

@@ -2,8 +2,7 @@ imports:
     - { resource: config_website.yml }
 
 security:
-    acl:
-        connection: default
+    session_fixation_strategy: none
 
     access_decision_manager:
         strategy: affirmative
@@ -16,14 +15,25 @@ security:
             id: sulu_security.user_provider
 
     access_control:
-       - { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: /profile, roles: ROLE_USER }
+       - { path: /completion, roles: ROLE_USER }
 
     firewalls:
-        test:
+        sulu-io:
+            pattern: ^/
+            anonymous: ~
             form_login:
-                login_path: /login
-                check_path: /login
+                login_path: sulu_community.login
+                check_path: sulu_community.login
                 default_target_path: sulu_community.profile
-            http_basic: ~
-            anonymous: ~
+            logout:
+                path: sulu_community.logout
+                target: /
+            remember_me:
+                secret:   "%secret%"
+                lifetime: 604800 # 1 week in seconds
+                path:     /
+
+sulu_security:
+    checker:
+        enabled: true