codeconsortium · reecefowell · Sep 21, 2015 · Aug 6, 2015
diff --git a/Component/Authorisation/SecurityManager.php b/Component/Authorisation/SecurityManager.php
@@ -27,7 +27,7 @@
  * @link     https://github.com/codeconsortium/CCDNUserSecurityBundle
  *
  */
-class SecurityManager
+class SecurityManager implements SecurityManagerInterface
 {
     /**
      *
@@ -64,15 +64,10 @@ class SecurityManager
      */
     protected $blockPages;
 
-    const ACCESS_ALLOWED = 0;
-    const ACCESS_DENIED_DEFER = 1;
-    const ACCESS_DENIED_BLOCK = 2;
-
     /**
      *
      * @access public
      * @param \Symfony\Component\HttpFoundation\RequestStack                                $requestStack
-     * @param \Symfony\Bundle\FrameworkBundle\Routing\Router                                $router
      * @param \CCDNUser\SecurityBundle\Component\Authentication\Tracker\LoginFailureTracker $loginFailureTracker
      * @param array                                                                         $routeLogin
      * @param array                                                                         $forceAccountRecovery

diff --git a/Component/Authorisation/SecurityManagerInterface.php b/Component/Authorisation/SecurityManagerInterface.php
@@ -0,0 +1,42 @@
+<?php
+
+/*
+ * This file is part of the CCDNUser SecurityBundle
+ *
+ * (c) CCDN (c) CodeConsortium <http://www.codeconsortium.com/>
+ *
+ * Available on github <http://www.github.com/codeconsortium/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace CCDNUser\SecurityBundle\Component\Authorisation;
+
+use Symfony\Component\HttpFoundation\RequestStack;
+use CCDNUser\SecurityBundle\Component\Authentication\Tracker\LoginFailureTracker;
+
+interface SecurityManagerInterface
+{
+    const ACCESS_ALLOWED = 0;
+    const ACCESS_DENIED_DEFER = 1;
+    const ACCESS_DENIED_BLOCK = 2;
+
+    /**
+     * Constructor
+     *
+     * @access public
+     * @param \Symfony\Component\HttpFoundation\RequestStack                                $requestStack
+     * @param \CCDNUser\SecurityBundle\Component\Authentication\Tracker\LoginFailureTracker $loginFailureTracker
+     * @param array                                                                         $routeLogin
+     * @param array                                                                         $forceAccountRecovery
+     * @param array                                                                         $blockPages
+     */
+    public function __construct(RequestStack $requestStack, LoginFailureTracker $loginFailureTracker, $routeLogin, $forceAccountRecovery, $blockPages);
+
+    /**
+     * @access public
+     * @return int
+     */
+    public function vote();
+}
diff --git a/Component/Authorisation/Voter/ClientLoginVoter.php b/Component/Authorisation/Voter/ClientLoginVoter.php
@@ -13,6 +13,7 @@
 
 namespace CCDNUser\SecurityBundle\Component\Authorisation\Voter;
 
+use CCDNUser\SecurityBundle\Component\Authorisation\SecurityManagerInterface;
 use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 
@@ -32,16 +33,16 @@ class ClientLoginVoter implements VoterInterface
     /**
      *
      * @access protected
-     * @var \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager $securityManager
+     * @var \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManagerInterface $securityManager
      */
     protected $securityManager;
 
     /**
      *
      * @access public
-     * @param \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager $loginFailureTracker
+     * @param \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManagerInterface $securityManager
      */
-    public function __construct($securityManager)
+    public function __construct(SecurityManagerInterface $securityManager)
     {
         $this->securityManager = $securityManager;
     }

diff --git a/Component/Listener/BlockingLoginListener.php b/Component/Listener/BlockingLoginListener.php
@@ -13,9 +13,8 @@
 
 namespace CCDNUser\SecurityBundle\Component\Listener;
 
-use CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager;
+use CCDNUser\SecurityBundle\Component\Authorisation\SecurityManagerInterface;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
-use Symfony\Component\HttpFoundation\RedirectResponse;
 
 /**
  *
@@ -33,7 +32,7 @@ class BlockingLoginListener
     /**
      *
      * @access protected
-     * @var \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager $securityManager
+     * @var \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManagerInterface $securityManager
      */
     protected $securityManager;
 
@@ -45,11 +44,10 @@ class BlockingLoginListener
     /**
      *
      * @access public
-     * @param \Symfony\Component\Routing\RouterInterface                                              $router
-     * @param \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager                        $loginFailureTracker
+     * @param \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManagerInterface         $securityManager
      * @param \CCDNUser\SecurityBundle\Component\Listener\AccessDeniedExceptionFactoryInterface $exceptionFactory
      */
-    public function __construct(SecurityManager $securityManager, AccessDeniedExceptionFactoryInterface $exceptionFactory)
+    public function __construct(SecurityManagerInterface $securityManager, AccessDeniedExceptionFactoryInterface $exceptionFactory)
     {
         $this->securityManager = $securityManager;
         $this->exceptionFactory = $exceptionFactory;

diff --git a/Component/Listener/DeferLoginListener.php b/Component/Listener/DeferLoginListener.php
@@ -2,7 +2,7 @@
 
 namespace CCDNUser\SecurityBundle\Component\Listener;
 
-use CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager;
+use CCDNUser\SecurityBundle\Component\Authorisation\SecurityManagerInterface;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
@@ -27,19 +27,19 @@ class DeferLoginListener
     /**
      *
      * @access protected
-     * @var \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager $securityManager
+     * @var \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManagerInterface $securityManager
      */
     protected $securityManager;
 
     /**
      *
      * @access public
-     * @param \Symfony\Component\Routing\RouterInterface                        $router
-     * @param \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager  $securityManager
-     * @param array                                                             $forceAccountRecovery
+     * @param \Symfony\Component\Routing\RouterInterface                                $router
+     * @param \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManagerInterface $securityManager
+     * @param array                                                                     $forceAccountRecovery
      *
      */
-    public function __construct(RouterInterface $router, SecurityManager $securityManager, array $forceAccountRecovery)
+    public function __construct(RouterInterface $router, SecurityManagerInterface $securityManager, array $forceAccountRecovery)
     {
         $this->router               = $router;
         $this->securityManager      = $securityManager;
@@ -52,9 +52,10 @@ public function onKernelRequest(GetResponseEvent $event)
             return;
         }
 
-        $result = $this->securityManager->vote();
+        $securityManager = $this->securityManager; // Avoid the silly cryptic error 'T_PAAMAYIM_NEKUDOTAYIM'
+        $result = $securityManager->vote();
 
-        if ($result === SecurityManager::ACCESS_DENIED_DEFER) {
+        if ($result === $securityManager::ACCESS_DENIED_DEFER) {
             $event->stopPropagation();
 
             $redirectUrl = $this->router->generate(

diff --git a/DependencyInjection/CCDNUserSecurityExtension.php b/DependencyInjection/CCDNUserSecurityExtension.php
@@ -160,6 +160,7 @@ private function getComponentSection(ContainerBuilder $container, $config)
         $container->setParameter('ccdn_user_security.component.authentication.handler.login_failure_handler.class', $config['component']['authentication']['handler']['login_failure_handler']['class']);
         $container->setParameter('ccdn_user_security.component.authentication.tracker.login_failure_tracker.class', $config['component']['authentication']['tracker']['login_failure_tracker']['class']);
 
+        $container->setParameter('ccdn_user_security.component.authorisation.security_manager.class', $config['component']['authorisation']['security_manager']['class']);
         $container->setParameter('ccdn_user_security.component.authorisation.voter.client_login_voter.class', $config['component']['authorisation']['voter']['client_login_voter']['class']);
 
         $container->setParameter('ccdn_user_security.component.listener.blocking_login_listener.class', $config['component']['listener']['blocking_login_listener']['class']);

diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php
@@ -305,6 +305,13 @@ private function addComponentSection(ArrayNodeDefinition $node)
                             ->addDefaultsIfNotSet()
                             ->canBeUnset()
                             ->children()
+                                ->arrayNode('security_manager')
+                                    ->addDefaultsIfNotSet()
+                                    ->canBeUnset()
+                                    ->children()
+                                        ->scalarNode('class')->defaultValue('CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager')->end()
+                                    ->end()
+                                ->end()
                                 ->arrayNode('voter')
                                     ->addDefaultsIfNotSet()
                                     ->canBeUnset()

diff --git a/Resources/config/services/components.yml b/Resources/config/services/components.yml
@@ -22,7 +22,7 @@ services:
     # Access Decision Manager
     #
     ccdn_user_security.component.authorisation.security_manager:
-        class: 'CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager'
+        class: %ccdn_user_security.component.authorisation.security_manager.class%
         arguments:
             - @request_stack
             - @ccdn_user_security.component.authentication.tracker.login_failure_tracker