Skip to content

S
Silex
Commit 9c614f5a authored by tomaszsobczak's avatar tomaszsobczak Committed by Fabien Potencier
Browse files
Options

Added "security.hide_user_not_found" support in SecurityServiceProvider

parent e7d4a2fd
Hide whitespace changes
Inline Side-by-side
Showing with 24 additions and 2 deletions
doc/providers/security.rst
View file @ 9c614f5a
...@@ -7,7 +7,8 @@ your applications. ...@@ -7,7 +7,8 @@ your applications.
Parameters Parameters
---------- ----------
n/a * **security.hide_user_not_found** (optional): Defines whether to hide user not
found exception or not. Defaults to ``true``.
Services Services
-------- --------
......
src/Silex/Provider/SecurityServiceProvider.php
View file @ 9c614f5a
...@@ -71,6 +71,7 @@ class SecurityServiceProvider implements ServiceProviderInterface ...@@ -71,6 +71,7 @@ class SecurityServiceProvider implements ServiceProviderInterface
$app['security.role_hierarchy'] = array(); $app['security.role_hierarchy'] = array();
$app['security.access_rules'] = array(); $app['security.access_rules'] = array();
$app['security.hide_user_not_found'] = true;
$app['security'] = $app->share(function ($app) { $app['security'] = $app->share(function ($app) {
return new SecurityContext($app['security.authentication_manager'], $app['security.access_manager']); return new SecurityContext($app['security.authentication_manager'], $app['security.access_manager']);
...@@ -510,7 +511,8 @@ class SecurityServiceProvider implements ServiceProviderInterface ...@@ -510,7 +511,8 @@ class SecurityServiceProvider implements ServiceProviderInterface
$app['security.user_provider.'.$name], $app['security.user_provider.'.$name],
$app['security.user_checker'], $app['security.user_checker'],
$name, $name,
$app['security.encoder_factory'] $app['security.encoder_factory'],
$app['security.hide_user_not_found']
); );
}); });
}); });
......
tests/Silex/Tests/Provider/SecurityServiceProviderTest.php
View file @ 9c614f5a
...@@ -145,6 +145,25 @@ class SecurityServiceProviderTest extends WebTestCase ...@@ -145,6 +145,25 @@ class SecurityServiceProviderTest extends WebTestCase
$this->assertInstanceOf('Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator', $app['security.validator.user_password_validator']); $this->assertInstanceOf('Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator', $app['security.validator.user_password_validator']);
} }
public function testExposedExceptions()
{
$app = $this->createApplication('form');
$app['security.hide_user_not_found'] = false;
$client = new Client($app);
$client->request('get', '/');
$this->assertEquals('ANONYMOUS', $client->getResponse()->getContent());
$client->request('post', '/login_check', array('_username' => 'fabien', '_password' => 'bar'));
$this->assertEquals('The presented password is invalid.', $app['security.last_error']($client->getRequest()));
$client->getRequest()->getSession()->save();
$client->request('post', '/login_check', array('_username' => 'unknown', '_password' => 'bar'));
$this->assertEquals('Username "unknown" does not exist.', $app['security.last_error']($client->getRequest()));
$client->getRequest()->getSession()->save();
}
public function createApplication($authenticationMethod = 'form') public function createApplication($authenticationMethod = 'form')
{ {
$app = new Application(); $app = new Application();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment