[DX][SecurityBundle] UserPasswordEncoderCommand: ask user class choice question #20677
Conversation
| @@ -24,7 +24,7 @@ | |||
| "require-dev": { | |||
| "symfony/asset": "~2.8|~3.0", | |||
| "symfony/browser-kit": "~2.8|~3.0", | |||
| "symfony/console": "~2.8|~3.0", | |||
| "symfony/console": "~3.2", | |||
There was a problem hiding this comment.
Required for using CommandTester::setInputs (see https://travis-ci.org/symfony/symfony/jobs/179580451#L3500)
|
|
||
| if (empty($this->userClasses)) { | ||
| if (null === $this->encoderFactory) { | ||
| // BC to be remove and simply keep the exception whenever there is no configured user classes in 4.0 |
| throw new \RuntimeException('There are no configured encoders for the "security" extension.'); | ||
| } | ||
|
|
||
| if (!$input->isInteractive() || count($this->userClasses) === 1) { |
There was a problem hiding this comment.
1 === count($this->userClasses)
|
I'm sorry that the title of my e99cbe7 commit is so ugly. I just used GitHub interface to test the new feature to resolve conflicts. |
|
👍 Status: reviewed. @ogizanagi thanks for this DX improvement. |
|
This PR should be rebased as we don't merge PR with merge commits. |
|
Sorry @javiereguiluz , I don't know what I should have done eventually in order to keep authorship for the conflict resolution. But anyway, thank you for that. PR rebased on master. |
|
The changelog file of the SecurityBundle must be updated too. |
|
@xabbuh : Thanks. I've updated it. Let me know how it can possibly be enhanced. :) |
UPGRADE-4.0.md
Outdated
| SecurityBundle | ||
| -------------- | ||
|
|
||
| * The `UserPasswordEncoderCommand` class does not allow `null` as first argument anymore. |
| public function __construct(EncoderFactoryInterface $encoderFactory = null, array $userClasses = array()) | ||
| { | ||
| if (null === $encoderFactory) { | ||
| @trigger_error(sprintf('Passing null as first argument of "%s" is deprecated since version 3.3 and will be removed in 4.0. If the command was registered by convention, make it a service instead.', __METHOD__), E_USER_DEPRECATED); |
UPGRADE-4.0.md
Outdated
|
|
||
| * The `UserPasswordEncoderCommand` class does not allow `null` as first argument anymore. | ||
|
|
||
| * `UserPasswordEncoderCommand` does not extend `ContainerAwareCommand` nor implement |
There was a problem hiding this comment.
Not sure we need to talk about the class. Not implementing the interface implies that the command cannot be an instance of ContainerAwareCommand anymore.
| 3.3.0 | ||
| ----- | ||
|
|
||
| * Deprecated registering by convention the `UserPasswordEncoderCommand` command |
There was a problem hiding this comment.
Is this deprecation necessary? The command will be registered by the SecurityBundle anyway, won't it?
There was a problem hiding this comment.
It's more about extending the command and registering it from another bundle actually. Can be rephrased I guess.
|
I think this one is ready :) |
|
@ogizanagi I've tested this and it works nice! Thanks. I'm not sure this idea belongs to this PR, but the list of user classes maybe could be sorted alphabetically to make it easier to find them. At the moment the are displayed in the same order as defined in the security file:
|
|
@javiereguiluz : That's a nice suggestion indeed. I've updated the code to use |
| return reset($this->userClasses); | ||
| } | ||
|
|
||
| $userClasses = $this->userClasses; |
There was a problem hiding this comment.
$userClasses = array_values($this->userClasses);
natcasesort($userClasses);?
There was a problem hiding this comment.
natcasesort preserves keys. Hence the array_values call afterwards :)
| /** | ||
| * {@inheritdoc} | ||
| */ | ||
| protected function configure() | ||
| { | ||
| $this | ||
| ->setName('security:encode-password') |
There was a problem hiding this comment.
Should be kept and the call in __construct changed to: parent::__construct(null);
| If you execute the command non-interactively, the default Symfony User class | ||
| is used and a random salt is generated to encode the password: | ||
| If you execute the command non-interactively, the first available configured user class under | ||
| the security.encoders key is used and a random salt is generated to encode the password: |
There was a problem hiding this comment.
security.encoders could be wrapped with a <comment> tag
| If you execute the command non-interactively, the default Symfony User class | ||
| is used and a random salt is generated to encode the password: | ||
| If you execute the command non-interactively, the first available configured | ||
| user class under the <comment>security.encoders</comment> key is used and a |
There was a problem hiding this comment.
You should split lines at 80 chars (excluding the tags)
|
Thank you @ogizanagi. |
…ser class choice question (ogizanagi) This PR was merged into the 3.3-dev branch. Discussion ---------- [DX][SecurityBundle] UserPasswordEncoderCommand: ask user class choice question | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | yes | Tests pass? | yes | Fixed tickets | N/A | License | MIT | Doc PR | N/A Typing the user class is quite annoying so I'd suggest to ask the user to select it using a choice question. This changes however requires to inject configured encoders' user classes. Making the command a service and providing it in the constructor from the extension is probably the cleanest way, but it deprecates: - registering the command by convention (registered as a service now, so potential commands extending this one should do the same) - relying on the fact the command extends `ContainerAwareCommand` and implements `ContainerAwareInterface` (will not extends/implements it anymore in 4.0 because it's not required anymore) Commits ------- 366aefd [SecurityBundle] UserPasswordEncoderCommand: ask user class choice question
Typing the user class is quite annoying so I'd suggest to ask the user to select it using a choice question.
This changes however requires to inject configured encoders' user classes. Making the command a service and providing it in the constructor from the extension is probably the cleanest way, but it deprecates:
ContainerAwareCommandand implementsContainerAwareInterface(will not extends/implements it anymore in 4.0 because it's not required anymore)