adjust security to symfony 7

symfony-cmf · Feb 17, 2024 · debbd77 · debbd77
1 parent b3c82ff
commit debbd77
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 13 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,10 +1,11 @@
 Changelog
 =========
 
-4.5.0 (unreleased)
+5.0.0 (unreleased)
 
 * Support Symfony 7, drop support for Symfony < 5.4
-* The default framework configuration does not enable validation attributes. No CMF bundle used annotations, we also won't use attributes.
+* The default framework configuration no longer enables validation attributes.
+* The phpcr-odm additional namespace is expected to use attributes rather than annotations.
 
 4.4.2
 -----

diff --git a/resources/config/dist/phpcr_odm.php b/resources/config/dist/phpcr_odm.php
@@ -39,7 +39,7 @@
 
 if (file_exists($phpcrOdmDocDir)) {
     $config['odm']['mappings']['test_additional'] = [
-        'type' => 'annotation',
+        'type' => 'attribute',
         'prefix' => $phpcrOdmDocPrefix,
         'dir' => $phpcrOdmDocDir,
         'is_bundle' => false,

diff --git a/resources/config/dist/security.php b/resources/config/dist/security.php
@@ -10,9 +10,6 @@
  */
 
 $config = [
-    'encoders' => [
-        'Symfony\Component\Security\Core\User\User' => 'plaintext',
-    ],
     'role_hierarchy' => [
         'ROLE_ADMIN' => 'ROLE_USER',
         'ROLE_SUPER_ADMIN' => ['ROLE_USER', 'ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH'],
@@ -42,15 +39,15 @@
 
 if (class_exists(\Symfony\Component\Security\Core\Authentication\Provider\AnonymousAuthenticationProvider::class)) {
     // Symfony <=5.4
-    $config = array_merge($config, ['firewall' => ['main' => ['anonymous' => null]]]);
-}
-
-if (interface_exists(\Symfony\Component\PasswordHasher\PasswordHasherInterface::class)) {
-    unset($config['encoders']);
     $config = array_merge($config, [
-        'enable_authenticator_manager' => true,
-        'password_hashers' => ['Symfony\Component\Security\Core\User\User' => 'plaintext'],
+        'firewall' => ['main' => ['anonymous' => null]],
+        'encoders' => ['Symfony\Component\Security\Core\User\User' => 'plaintext'],
     ]);
+} elseif (class_exists(\Symfony\Component\Security\Core\Security::class)) {
+        $config = array_merge($config, [
+            'enable_authenticator_manager' => true,
+            'password_hashers' => ['Symfony\Component\Security\Core\User\User' => 'plaintext'],
+        ]);
 }
 
 $container->loadFromExtension('security', $config);