[SecurityBundle] Prevent to login/logout without a request context #53172
Conversation
|
Hey! Oh no, it looks like you have made this PR towards a branch that is not maintained anymore. :/ Cheers! Carsonbot |
|
Hey! Thanks for your PR. You are targeting branch "6.2" but it seems your PR description refers to branch "6.2, 6.3, 6.4, 7.0". Cheers! Carsonbot |
Nyholm
left a comment
Nyholm
left a comment
There was a problem hiding this comment.
Thank you.
I appreciate this change. Can you fix the CS so it is more similar to the rest of the code? I made a comment on the login() but I want you to do the same thing on the logout().
Could I also ask you to write a test for this?
Nyholm
left a comment
Nyholm
left a comment
There was a problem hiding this comment.
Im happy with this PR.
The two new tests is written in the same style like other tests in this class.
I aslo think it is a "bugfix" and not a feature because it solves a hard TypeError.
@xabbuh Let us know if we should update the PR and use a real container instead of the mocked one.
xabbuh
left a comment
xabbuh
left a comment
There was a problem hiding this comment.
Fine for me then. We can change tests in a separate PR.
|
I ended here somehow. And since here I wanted to be useful so i ran the code and the tests, I hope an extra pair of hands doesn't hurt. It all works and the code is clean. I really prefer the explicit $request === null comparison. Sorry for intruding but since I'm here wanted to support the solution. |
|
Thank you. Congratulations to your first Symfony contribution!! And also thank you for all the reviews |
|
It's an honour, thank you very much ! |
|
Dear maintainers, case: question: thanks! |
|
Can you please open a new issue ? Thanks |
9 participants
Using
Security::login()in a context without request throws a type errorSee all details in the issue #53170
In this PR, we prevent to use
Security::login()andSecurity::logout()without a request context, to avoid a fatal error.