Skip to content

[FrameworkBundle] Simplify testing of protected resources #28065

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
geoffrey-brier wants to merge 1 commit into from
Closed

[FrameworkBundle] Simplify testing of protected resources #28065

geoffrey-brier wants to merge 1 commit into from

Conversation

@geoffrey-brier
Copy link
Contributor

@geoffrey-brier geoffrey-brier commented Jul 26, 2018
edited
Loading

Q A
Branch? master
Bug fix? no
New feature? yes
BC breaks? no
Deprecations? no
Tests pass?
Fixed tickets #26839
License MIT
Doc PR

I added two new shortcut methods to simplify testing of protected resources.

->login($user, $roles = array(), $firewallName = 'main')
The login method helps to login users and has 1 mandatory parameters $user which can either be an
object or a string. There are also 2 optionnal parameters in case you'd like to use a custom firewall or add extra roles. If the user implements UserInterface we'll merge the roles.

->logout()
The logout method simply invalidates the session

@geoffrey-brier geoffrey-brier force-pushed the simplify-testing-protected-resources branch from 07bb9c9 to 9c21266 Compare July 26, 2018 13:14
javiereguiluz
javiereguiluz reviewed Jul 26, 2018
View reviewed changes
@nicolas-grekas nicolas-grekas added this to the next milestone Jul 26, 2018
@geoffrey-brier geoffrey-brier force-pushed the simplify-testing-protected-resources branch from 9c21266 to 7e0dce0 Compare July 26, 2018 13:53
chalasr
chalasr reviewed Jul 26, 2018
View reviewed changes
stof
stof reviewed Jul 26, 2018
View reviewed changes
@geoffrey-brier geoffrey-brier force-pushed the simplify-testing-protected-resources branch from 7e0dce0 to 47d95ab Compare July 26, 2018 14:29
@geoffrey-brier
Copy link
Contributor Author

geoffrey-brier commented Jul 26, 2018

@stof @chalasr I now throw a RuntimeException if the security component is not installed.

Pierstoval
Pierstoval reviewed Jul 26, 2018
View reviewed changes
src/Symfony/Bundle/FrameworkBundle/Client.php Outdated
$context = $firewallContext ?? $firewallName;
$session = $this->getContainer()->get('session');

$token = new UsernamePasswordToken($user, $credentials, $firewallName, $roles);
Copy link
Contributor

@Pierstoval Pierstoval Jul 26, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think creating the token should be put in a private method so we can override it, in case one needs to check different types of authentication modes that create different kinds of tokens.

Copy link
Member

@stof stof Jul 26, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you do realize that a private method cannot be overridden, right ?

Copy link
Contributor

@Pierstoval Pierstoval Jul 26, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, I meant protected, I should be a bit tired 😅

Copy link
Member

@stof stof Jul 26, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

but then, it should not be in the Client class either (which is not as easy to replace than a method in the TestCase).
And I'm not sure we really need to make it extendable, as everything it does here can be done from outside the client if you have different need.

Copy link
Contributor Author

@geoffrey-brier geoffrey-brier Jul 27, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Pierstoval I believe that if people need a more advanced way to login, they should not rely on this method. IMO, that's a reasonable limitation considering that it will ease most "login" use cases. WDYT ?

stof
stof requested changes Jul 26, 2018
View reviewed changes
Pierstoval
Pierstoval reviewed Jul 26, 2018
View reviewed changes
@Pierstoval
Copy link
Contributor

Pierstoval commented Jul 26, 2018

That's a method I've been using for years in my custom TestCase, but if it's present in the framework directly, I think it should be more customizable to cover more use cases 🤔

@geoffrey-brier geoffrey-brier force-pushed the simplify-testing-protected-resources branch from 47d95ab to d81cdd4 Compare July 27, 2018 08:05
rpkamp
rpkamp reviewed Sep 26, 2018
View reviewed changes
sstok
sstok reviewed Nov 12, 2018
View reviewed changes
@geoffrey-brier geoffrey-brier force-pushed the simplify-testing-protected-resources branch from d81cdd4 to 8a41561 Compare December 14, 2018 16:12
@geoffrey-brier geoffrey-brier force-pushed the simplify-testing-protected-resources branch from 8a41561 to 9ca23a4 Compare December 14, 2018 16:17
@Simperfit
Copy link
Contributor

Simperfit commented Apr 17, 2019

@geoffrey-brier could you rebase ? @stof what is missing ?

@Pierstoval
Copy link
Contributor

Pierstoval commented Apr 17, 2019

About this... After the insertion of the new WebTestCase assertions, I'm starting to think that this method should be in the WebTestCase or in a WebTestCaseLoginTrait-ish trait, and renamed clientLogin(Client $client, ...).

The login process is dependent on the app and should be customizable (token-based login, no User object, etc.), and the Client shouldn't be aware of this IMO. Especially considering the complexity of the overriding process (that is mostly based on copy/pasting the code and adding it to our test cases, since now it's in the Client class).

In my projects I'm using something like this: https://github.com/Pierstoval/PHPUnitWebTestCase, and it allows me to use static::setToken($client, $user), and I would need to improve this to change how the token is created (which I manually do in a few test cases in my project), so having this in core would be a nice optimization.

WDYT?

@nicolas-grekas
Copy link
Member

nicolas-grekas commented Feb 3, 2020

@Pierstoval would you like to take over this PR?
It looks like it misses some test cases also.

@Pierstoval
Copy link
Contributor

Pierstoval commented Feb 5, 2020
edited
Loading

If @geoffrey-brier is okay for me to take the PR, I'll be glad to attempt to finish it :)

@geoffrey-brier
Copy link
Contributor Author

geoffrey-brier commented Feb 5, 2020

Sure, go ahead ;)

@Pierstoval
Copy link
Contributor

Pierstoval commented Feb 7, 2020

@nicolas-grekas I started working on it, rebased everything, moved the methods to the WebTestCase, made some modifications, and pushed on a personal branch: master...Pierstoval:simplify-testing-protected-resources

Should I make a new PR?

@nicolas-grekas
Copy link
Member

nicolas-grekas commented Feb 7, 2020

Sure, please open another PR.

@Pierstoval Pierstoval mentioned this pull request Feb 7, 2020
Closed
@nicolas-grekas
Copy link
Member

nicolas-grekas commented Feb 7, 2020

Continued in #35644
Thank you @geoffrey-brier

@nicolas-grekas nicolas-grekas modified the milestones: next, 5.1 May 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@javiereguiluz javiereguiluz javiereguiluz left review comments

@stof stof stof requested changes

@chalasr chalasr chalasr left review comments

+3 more reviewers

@sstok sstok sstok left review comments

@rpkamp rpkamp rpkamp left review comments

@Pierstoval Pierstoval Pierstoval left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Feature FrameworkBundle Status: Needs Work

Projects

None yet

Milestone

5.1

Development

Successfully merging this pull request may close these issues.

10 participants

@geoffrey-brier @Pierstoval @Simperfit @nicolas-grekas @javiereguiluz @stof @sstok @rpkamp @chalasr @carsonbot