Add symfony 5.3 build matrix and refactor tests to test against real implementations

acrobat · acrobat · commit 50f1abe64b84 · 2022-02-13T11:34:52.000+01:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -7,17 +7,21 @@ on:
 
 jobs:
     test:
-        name: 'Test ${{ matrix.deps }} on PHP ${{ matrix.php }}'
+        name: 'Test ${{ matrix.deps }}${{ matrix.symfony }} on PHP ${{ matrix.php }}'
         runs-on: ubuntu-latest
 
         strategy:
             fail-fast: false
             matrix:
                 php: ['7.2.5', '7.3', '7.4', '8.0', '8.1']
+                symfony: ['']
                 include:
                     - php: '7.4'
                       deps: lowest
                       deprecations: max[self]=0
+                      composer-flags: '--prefer-lowest'
+                    - php: '7.4'
+                      symfony: '5.3.*'
                     - php: '8.0'
                       deps: highest
 
@@ -29,16 +33,27 @@ jobs:
               uses: shivammathur/setup-php@v2
               with:
                   php-version: '${{ matrix.php }}'
+                  tools: 'flex'
                   coverage: none
 
+            - name: Get Composer Cache Directory
+              id: composer-cache
+              run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+            - uses: actions/cache@v2
+              with:
+                path: ${{ steps.composer-cache.outputs.dir }}
+                key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+                restore-keys: ${{ runner.os }}-composer-
+
             - name: Configure composer
               if: "${{ matrix.deps == 'highest' }}"
               run: composer config minimum-stability dev
 
-            - name: Composer install
-              uses: ramsey/composer-install@v1
-              with:
-                  dependency-versions: '${{ matrix.deps }}'
+            - name: Install Composer Dependencies
+              run: composer update --prefer-dist --no-progress ${{ matrix.composer-flags }}
+              env:
+                  SYMFONY_REQUIRE: '${{ matrix.symfony }}'
 
             - name: Install PHPUnit
               run: vendor/bin/simple-phpunit install
diff --git a/Tests/Domain/SecurityIdentityRetrievalStrategyTest.php b/Tests/Domain/SecurityIdentityRetrievalStrategyTest.php
@@ -16,11 +16,16 @@
 use Symfony\Component\Security\Acl\Domain\SecurityIdentityRetrievalStrategy;
 use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity;
 use Symfony\Component\Security\Acl\Tests\Fixtures\Account;
+use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
 use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
 use Symfony\Component\Security\Core\Authentication\Token\AbstractToken;
 use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
 use Symfony\Component\Security\Core\Authentication\Token\NullToken;
+use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter;
+use Symfony\Component\Security\Core\Authorization\Voter\CacheableVoterInterface;
 use Symfony\Component\Security\Core\Role\RoleHierarchyInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
 
@@ -31,33 +36,12 @@ class SecurityIdentityRetrievalStrategyTest extends TestCase
      */
     public function testGetSecurityIdentities($user, array $roles, string $authenticationStatus, array $sids)
     {
-        $token = class_exists(NullToken::class) ? new NullToken() : new AnonymousToken('', '');
-        if ('anonymous' !== $authenticationStatus) {
-            $class = '';
-            if (\is_string($user)) {
-                $class = 'MyCustomTokenImpl';
-            }
-
-            $token = $this->getMockBuilder(AbstractToken::class)
-                ->setMockClassName($class)
-                ->getMock();
-
-            $token
-                ->expects($this->once())
-                ->method('getRoleNames')
-                ->willReturn(['foo'])
-            ;
-
-            $token
-                ->expects($this->once())
-                ->method('getUser')
-                ->willReturn($user)
-            ;
-        }
-
+        $token = $this->getToken($user, $authenticationStatus, $roles);
         $strategy = $this->getStrategy($roles, $authenticationStatus);
         $extractedSids = $strategy->getSecurityIdentities($token);
 
+        $this->assertEquals($sids, $extractedSids);
+
         foreach ($extractedSids as $index => $extractedSid) {
             if (!isset($sids[$index])) {
                 $this->fail(sprintf('Expected SID at index %d, but there was none.', $index));
@@ -97,26 +81,25 @@ public function testDeprecatedGetSecurityIdentities($user, array $roles, string
         $strategy = $this->getStrategy($roles, $authenticationStatus);
 
         $token
-            ->expects($this->once())
             ->method('getRoleNames')
             ->willReturn(['foo'])
         ;
 
         if ('anonymous' === $authenticationStatus) {
             $token
-                ->expects($this->never())
                 ->method('getUser')
             ;
         } else {
             $token
-                ->expects($this->once())
                 ->method('getUser')
                 ->willReturn($user)
             ;
         }
 
         $extractedSids = $strategy->getSecurityIdentities($token);
 
+        $this->assertEquals($sids, $extractedSids);
+
         foreach ($extractedSids as $index => $extractedSid) {
             if (!isset($sids[$index])) {
                 $this->fail(sprintf('Expected SID at index %d, but there was none.', $index));
@@ -143,7 +126,7 @@ public function getSecurityIdentityRetrievalTests(): array
                 new RoleSecurityIdentity('IS_AUTHENTICATED_FULLY'),
                 new RoleSecurityIdentity('IS_AUTHENTICATED_REMEMBERED'),
             ], $anonymousRoles)],
-            [new CustomUserImpl('johannes'), ['ROLE_FOO'], 'fullFledged', array_merge([
+            [new CustomUserImpl('johannes', ['ROLE_FOO']), ['ROLE_FOO'], 'fullFledged', array_merge([
                 new UserSecurityIdentity('johannes', CustomUserImpl::class),
                 new RoleSecurityIdentity('ROLE_FOO'),
                 new RoleSecurityIdentity('IS_AUTHENTICATED_FULLY'),
@@ -194,83 +177,34 @@ public function getReachableRoleNames(array $roles): array
             }
         };
 
-        $trustResolverMockBuild = $this->getMockBuilder(AuthenticationTrustResolverInterface::class);
-        if (\defined('\Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter::PUBLIC_ACCESS')) {
-            if (method_exists(AuthenticationTrustResolverInterface::class, 'isAuthenticated')) {
-                $trustResolver = $trustResolverMockBuild->getMock();
-            } else {
-                $trustResolver = $trustResolverMockBuild
-                    ->onlyMethods(['isAnonymous', 'isRememberMe', 'isFullFledged'])
-                    ->addMethods(['isAuthenticated'])
-                    ->getMock()
-                ;
-            }
-            $trustResolver
-                ->method('isAuthenticated')
-                ->willReturn('anonymous' !== $authenticationStatus);
-        } else {
-            $trustResolver = $trustResolverMockBuild->getMock();
-            $trustResolver
-                ->method('isAnonymous')
-                ->willReturn('anonymous' === $authenticationStatus);
-        }
+        return new SecurityIdentityRetrievalStrategy($roleHierarchy, new AuthenticationTrustResolver());
+    }
 
-        if ('fullFledged' === $authenticationStatus) {
-            $trustResolver
-                ->expects($this->once())
-                ->method('isFullFledged')
-                ->willReturn(true)
-            ;
-            $trustResolver
-                ->expects($this->never())
-                ->method('isRememberMe')
-            ;
-        } elseif ('rememberMe' === $authenticationStatus) {
-            $trustResolver
-                ->expects($this->once())
-                ->method('isFullFledged')
-                ->willReturn(false)
-            ;
-            $trustResolver
-                ->expects($this->once())
-                ->method('isRememberMe')
-                ->willReturn(true)
-            ;
-        } else {
-            if (method_exists(AuthenticationTrustResolverInterface::class, 'isAuthenticated')) {
-                $trustResolver
-                    ->method('isAuthenticated')
-                    ->willReturn(false)
-                ;
-            } else {
-                $trustResolver
-                    ->method('isAnonymous')
-                    ->willReturn(true);
-            }
+    private function getToken($user, string $authenticationStatus, array $roles): TokenInterface
+    {
+        if ('anonymous' === $authenticationStatus) {
+            return class_exists(NullToken::class) ? new NullToken() : new AnonymousToken('', '');
+        }
 
-            $trustResolver
-                ->expects($this->once())
-                ->method('isFullFledged')
-                ->willReturn(false)
-            ;
-            $trustResolver
-                ->expects($this->once())
-                ->method('isRememberMe')
-                ->willReturn(false)
-            ;
+        if ('rememberMe' === $authenticationStatus) {
+            return new RememberMeToken($user, 'main', 'secret');
         }
 
-        return new SecurityIdentityRetrievalStrategy($roleHierarchy, $trustResolver);
+        $args = interface_exists(CacheableVoterInterface::class) ? [$user, 'main', $roles] : [$user, 'password', 'main', $roles];
+
+        return new UsernamePasswordToken(...$args);
     }
 }
 
 class CustomUserImpl implements UserInterface
 {
     protected $name;
+    protected $roles = [];
 
-    public function __construct($name)
+    public function __construct($name, $roles)
     {
         $this->name = $name;
+        $this->roles = $roles;
     }
 
     public function __toString()
@@ -280,7 +214,7 @@ public function __toString()
 
     public function getRoles(): array
     {
-        return [];
+        return $this->roles;
     }
 
     public function eraseCredentials()
