[SecurityBundle][Profiler] Give info about called security listeners in profiler #23105
Conversation
f633d9e to
eb6f6b8
Compare
eb6f6b8 to
0450bd4
Compare
| @@ -56,4 +56,12 @@ public function onKernelFinishRequest(FinishRequestEvent $event) | |||
|
|
|||
| parent::onKernelFinishRequest($event); | |||
| } | |||
|
|
|||
| /** | |||
| * @internal | |||
There was a problem hiding this comment.
I think it's OK to not atg this as internal (same below)
493097e to
813ce0a
Compare
| */ | ||
| public function __construct(TokenStorageInterface $tokenStorage = null, RoleHierarchyInterface $roleHierarchy = null, LogoutUrlGenerator $logoutUrlGenerator = null, AccessDecisionManagerInterface $accessDecisionManager = null, FirewallMapInterface $firewallMap = null) | ||
| public function __construct(TokenStorageInterface $tokenStorage = null, RoleHierarchyInterface $roleHierarchy = null, LogoutUrlGenerator $logoutUrlGenerator = null, AccessDecisionManagerInterface $accessDecisionManager = null, TraceableFirewallListener $firewall = null) |
There was a problem hiding this comment.
This is a BC break, right? What about removing the typehint for now with proper deprecation and BC support, and re-add it on 4.0?
There was a problem hiding this comment.
Seems like. We could also inject both FirewallMap and TraceableFirewallListener distinctively, removing the getter added here. WDYT?
There was a problem hiding this comment.
Looks good to me to inject both and remove the getter, yes.
|
|
||
| public function getInfo() | ||
| { | ||
| $pretty = get_class($this->listener); |
There was a problem hiding this comment.
- $pretty
+ $class? (I spotted this comes from Symfony\Component\EventDispatcher\Debug\WrappedListener, but there isn't the same treatment here. Let's be more explicit). Do you even need it ?
There was a problem hiding this comment.
I started suffixing by ::handle() for finally removing it, ok for $class
There was a problem hiding this comment.
I don't need it :) good catch
48f5e96 to
1f36aa8
Compare
|
Comments addressed. Build failure on deps=high is normal because the security component is updated here. |
| @@ -14,6 +14,7 @@ | |||
| <argument type="service" id="security.logout_url_generator" /> | |||
| <argument type="service" id="security.access.decision_manager" /> | |||
| <argument type="service" id="security.firewall.map" /> | |||
| <argument type="service" id="security.firewall" /> | |||
There was a problem hiding this comment.
If you don't inject explicitly debug.security.firewall here, you can't typehint TraceableFirewallListener, but should add an instanceof check in the collector, otherwise it'll break in non debug mode when the TraceableFirewallListener does not decorates security.firewall (I still don't get why we would have collectors in non-debug mode though...).
IMHO, it's better to keep your collector as you did, but inject debug.security.firewall with on-invalid="null" here.
There was a problem hiding this comment.
updated to inject debug.security.firewall or null as suggested
b549295 to
6065367
Compare
|
This is ready. |
f4be835 to
aef1b6f
Compare
| * | ||
| * @author Robin Chalas <robin.chalas@gmail.com> | ||
| * | ||
| * @final since version 3.4 |
There was a problem hiding this comment.
Why are you using the tag here instead of marking the class as being final directly?
There was a problem hiding this comment.
To ease maintenance while keeping extensibility: one could add more info per listener and if a day we don't need this method for dumping the object, the breaking change would be free
There was a problem hiding this comment.
I don't get it. This class could even be marked as being internal. I would definitely mark it as final.
| * | ||
| * @author Robin Chalas <robin.chalas@gmail.com> | ||
| * | ||
| * @final since version 3.4 |
| */ | ||
| class WrappedListener implements ListenerInterface | ||
| { | ||
| public $response; |
aef1b6f to
a7514fc
Compare
| @@ -10,5 +10,11 @@ | |||
| <service id="debug.security.access.decision_manager" class="Symfony\Component\Security\Core\Authorization\TraceableAccessDecisionManager" decorates="security.access.decision_manager"> | |||
| <argument type="service" id="debug.security.access.decision_manager.inner" /> | |||
| </service> | |||
|
|
|||
| <service id="debug.security.firewall" class="Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener" decorates="security.firewall" public="true"> | |||
There was a problem hiding this comment.
this service should not be public. There is no reason to do a `$container->get('debug.security.firewall')
There was a problem hiding this comment.
done but that means the bundle needs a conflict for the dispatcher as event subscribers must be public before 3.3
| @@ -10,5 +10,11 @@ | |||
| <service id="debug.security.access.decision_manager" class="Symfony\Component\Security\Core\Authorization\TraceableAccessDecisionManager" decorates="security.access.decision_manager"> | |||
| <argument type="service" id="debug.security.access.decision_manager.inner" /> | |||
| </service> | |||
|
|
|||
| <service id="debug.security.firewall" class="Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener" decorates="security.firewall" public="true"> | |||
There was a problem hiding this comment.
Using a decorator is weird here, as it does not perform decoration actually (it never uses the inner service).
c72a273 to
3ff46f1
Compare
3ff46f1 to
e767231
Compare
e767231 to
369f19f
Compare
|
rebased |
|
Thank you @chalasr. |
…rity listeners in profiler (chalasr) This PR was merged into the 3.4 branch. Discussion ---------- [SecurityBundle][Profiler] Give info about called security listeners in profiler | Q | A | ------------- | --- | Branch? | 3.4 | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #11134 | License | MIT | Doc PR | n/a Currently the profiler gives no info about security listeners (see fixed ticket), this displays each called listener with the time spent at calling it and its response if any.  Commits ------- 369f19f Give info about called security listeners in profiler
Currently the profiler gives no info about security listeners (see fixed ticket), this displays each called listener with the time spent at calling it and its response if any.