Added UserLoaderInterface for loading users through Doctrine. #15947
Conversation
| } | ||
|
|
||
| if ($this->repository instanceof UserProviderInterface) { | ||
| @trigger_error('Implementing loadUserByUsername from Symfony\Component\Security\Core\User\UserProviderInterface is deprecated since version 2.7 and will be removed in 3.0. Use the Symfony\Bridge\Doctrine\Security\User\UserLoaderInterface instead.', E_USER_DEPRECATED); |
There was a problem hiding this comment.
I am not sure if the deprecation message is right here. Also what should be the Symfony version stated in this message? And if this behaviour will in fact be deprecated should I add a phpdoc comment with deprecation notice next to the loadUserByUsername method in UserProviderInterface?
There was a problem hiding this comment.
This should be triggered only if the class does not implement UserLoaderInterface, to be able to implement both interfaces in case you need to keep BC with older versions
|
There's also logic down in |
|
Maybe we can bring up this issue as a discussion again: #5678 |
|
@weaverryan the whole point is that you should not change the way the user is refreshed. Refreshing is done by primary key on purpose, to avoid a security issue in case your username is mutable. this is precisely why we provide a dedicated new way |
|
This should go in the 2.8 branch when merging though. It is a new feature. |
| * method is asked to load the UserInterface object for the given username | ||
| * (via loadUserByUsername) so that the rest of the process can continue. | ||
| * | ||
| * Internally, a user provider can load users from any source (databases, |
There was a problem hiding this comment.
this description is wrong. The UserLoaderInterface is meant to load objects from Doctrine
There was a problem hiding this comment.
I changed the description of the interface. I hope now it's more appropriate.
36ac3e4 to
e2cc24d
Compare
| @@ -54,8 +54,15 @@ public function loadUserByUsername($username) | |||
| if (null !== $this->property) { | |||
| $user = $this->repository->findOneBy(array($this->property => $username)); | |||
| } else { | |||
| if (!$this->repository instanceof UserProviderInterface) { | |||
| throw new \InvalidArgumentException(sprintf('The Doctrine repository "%s" must implement UserProviderInterface.', get_class($this->repository))); | |||
| if (!$this->repository instanceof UserLoaderInterface) { | |||
There was a problem hiding this comment.
I rephrased the clause a bit as the deprecation warning should be thrown if the UserLoaderInterface is not being implemented.
|
@stof If it's not a problem I will close this PR and open another one for the |
|
@mtrojanowski not really needed as we can switch branch with our merging tool |
65b9708 to
e32fcc0
Compare
|
@stof Great :) Do you think anything else need to be fixed here? |
| throw new \InvalidArgumentException(sprintf( | ||
| 'The Doctrine repository "%s" must implement UserLoaderInterface.', | ||
| get_class($this->repository) | ||
| )); |
| throw new \InvalidArgumentException(sprintf('The Doctrine repository "%s" must implement UserProviderInterface.', get_class($this->repository))); | ||
| if (!$this->repository instanceof UserLoaderInterface) { | ||
| if (!$this->repository instanceof UserProviderInterface) { | ||
| throw new \InvalidArgumentException(sprintf('The Doctrine repository "%s" must implement UserLoaderInterface.', get_class($this->repository))); |
There was a problem hiding this comment.
I think you should include the namespace in the interface name.
|
👍 ping @symfony/deciders |
| * | ||
| * @see UsernameNotFoundException | ||
| * | ||
| * @throws UsernameNotFoundException if the user is not found |
There was a problem hiding this comment.
I'm wondering whether we should ask people to throw this exception themselves, or just return UserInterface|null. the EntityUserProvider already handles the case of null anyway, and this would be more in line with the way Doctrine return values work (this would allow to implement it as a findOneBy() call for instance)
|
@mtrojanowski Can you add some tests? |
| * | ||
| * @param string $username The username | ||
| * | ||
| * @return UserInterface |
There was a problem hiding this comment.
Should be @return UserInterface|null
|
@mtrojanowski Looks good now, can you add some tests for this new feature? |
|
You should also add a note in the CHANGELOG file of the Doctrine Bridge. |
|
@fabpot I added some tests for the EntityUserProvider that check if proper interface is being used. I will also add a note to CHANGELOG. |
|
Thank you @mtrojanowski. |
…ctrine. (mtrojanowski) This PR was submitted for the 2.7 branch but it was merged into the 2.8 branch instead (closes #15947). Discussion ---------- Added UserLoaderInterface for loading users through Doctrine. | Q | A | ------------- | --- | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | yes | Tests pass? | yes | Fixed tickets | #11157 | License | MIT | Doc PR | symfony/symfony-docs#4543 Based on the @weaverryan and @stof propositions from [this](#12733 (comment)) discussion I created a new interface in the Doctrine Bridge which can be used to more easily implement a repository capable of returning a User. Commits ------- a8d3d12 Added UserLoaderInterface for loading users through Doctrine.
Based on the @weaverryan and @stof propositions from this discussion I created a new interface in the Doctrine Bridge which can be used to more easily implement a repository capable of returning a User.