From edb7fbba6b27f779a7de62f2460fdd574c0cb16e Mon Sep 17 00:00:00 2001 From: Yann-BUTSCHER-EIRL Date: Sun, 11 Jun 2023 00:14:32 +0200 Subject: [PATCH] Ref #320: replaced all PasswordEncoder with passwordHasher --- config/packages/framework.yaml | 5 ++- src/Controller/MemberController.php | 59 +++++++++++-------------- src/Controller/PeopleController.php | 10 ++--- src/Controller/ProfileController.php | 8 ++-- src/Controller/UserController.php | 8 ++-- src/DataFixtures/DonationFixtures.php | 2 +- src/DataFixtures/MembershipFixtures.php | 2 +- tests/DataFixtures/ORM/UserFixtures.php | 36 +++++++-------- 8 files changed, 62 insertions(+), 68 deletions(-) diff --git a/config/packages/framework.yaml b/config/packages/framework.yaml index 5e25aa4b..c78003e7 100644 --- a/config/packages/framework.yaml +++ b/config/packages/framework.yaml @@ -1,14 +1,15 @@ framework: secret: '%env(APP_SECRET)%' #csrf_protection: true - #http_method_override: true + http_method_override: false # Enables session support. Note that the session will ONLY be started if you read or write from it. # Remove or comment this section to explicitly disable session support. session: - handler_id: ~ + handler_id: null cookie_secure: auto cookie_samesite: lax + storage_factory_id: session.storage.factory.native #esi: true #fragments: true diff --git a/src/Controller/MemberController.php b/src/Controller/MemberController.php index 2842cee6..a894cfe6 100644 --- a/src/Controller/MemberController.php +++ b/src/Controller/MemberController.php 
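Review bot: Setting `http_method_override: false` in config/packages/framework.yaml may stop the delete forms from reaching their routes. `member_delete` in src/Controller/MemberController.php is restricted to `methods={"DELETE"}` and is driven by `createDeleteForm()`, whose body is not part of this patch. If that form is rendered as an HTML POST with a hidden `_method` field, the request will no longer be treated as DELETE once the override is off. Either keep `http_method_override: true` or change those routes to `methods={"POST"}`. Separately, `#csrf_protection: true` is still commented out, so confirm the delete and edit forms still carry a CSRF token under the new session settings.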
@@ -6,23 +6,22 @@ namespace App\Controller; -use App\Entity\User; use App\Entity\People; use App\Entity\PeopleType; use App\Entity\Address; -use App\Entity\Receipt; use App\Form\MemberType; use App\Form\GenerateTaxReceiptFromYearType; use App\FormDataObject\GenerateTaxReceiptFromYearFDO; -use App\Service\ReceiptService; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Routing\Annotation\Route; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security; use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; -use Symfony\Component\Form\FormError; use App\FormDataObject\UpdateMemberDataFDO; +use App\Repository\PeopleRepository; +use App\Repository\PeopleTypeRepository; +use App\Repository\ReceiptRepository; +use Doctrine\ORM\EntityManagerInterface; use Symfony\Contracts\Translation\TranslatorInterface; @@ -39,10 +38,9 @@ class MemberController extends AbstractController { * @Route(path="/", name="member_list", methods={"GET"}) * @Security("is_granted('ROLE_GESTION')") */ - public function listAction() { - $em = $this->getDoctrine()->getManager(); + public function list(PeopleRepository $peopleRepository) { - $people = $em->getRepository(People::class)->findWithActiveMembership(); + $people = $peopleRepository->findWithActiveMembership(); $deleteForms = []; foreach ($people as $individual) { 
@@ -60,15 +58,13 @@ public function listAction() { * Creates a new person entity. * @return views * @param Request $request The request. - * @param UserPasswordEncoderInterface $passwordEncoder Encodes the password. + * @param EntityManagerInterface $entityManager * @Route("/new", name="member_create", methods={"GET", "POST"}) * @Security("is_granted('ROLE_GESTION')") */ - public function createAction(Request $request, UserPasswordEncoderInterface $passwordEncoder, TranslatorInterface $translator) { + public function create(Request $request, TranslatorInterface $translator, EntityManagerInterface $entityManager) { $updateMemberDataFDO = new UpdateMemberDataFDO(); - $em = $this->getDoctrine()->getManager(); - $form = $this->createForm(MemberType::class, $updateMemberDataFDO); $form->handleRequest($request); @@ -80,7 +76,7 @@ public function createAction(Request $request, UserPasswordEncoderInterface $pas $member->setFirstName($updateMemberDataFDO->getFirstName()); $member->setLastName($updateMemberDataFDO->getLastName()); - $type = $em->getRepository(PeopleType::class)->findOneBy([ + $type = $entityManager->getRepository(PeopleType::class)->findOneBy([ 'code' => PeopleType::CONTACT_CODE, ]); if ($updateMemberDataFDO->isContact()) @@ -92,7 +88,7 @@ public function createAction(Request $request, UserPasswordEncoderInterface $pas $member->removeType($type); } - $typeSocialPole = $em->getRepository(PeopleType::class)->findOneBy([ + $typeSocialPole = $entityManager->getRepository(PeopleType::class)->findOneBy([ 'code' => PeopleType::SOCIAL_POLE_CODE, ]); if ($updateMemberDataFDO->needHelp()) 
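Review bot: `create()` still looks up `PeopleType` through `$entityManager->getRepository(PeopleType::class)` in both changed lines, while `edit()` in this commit injects `PeopleTypeRepository` for the same two lookups. Injecting `PeopleTypeRepository $peopleTypeRepository` here as well would keep the two actions parallel and leave the entity manager for `persist`/`flush` only. The docblock gained `@param EntityManagerInterface $entityManager` with no description and still has no `@param TranslatorInterface $translator`; I would add `@param TranslatorInterface $translator Translates the flash messages.` and describe the entity manager the same way. Neither `findOneBy()` result is null-checked in the visible lines; the rest of the method body is outside the hunk, so confirm a missing `PeopleType` row cannot reach `removeType()`.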
@@ -152,9 +148,9 @@ public function createAction(Request $request, UserPasswordEncoderInterface $pas $member->setFirstContactYear($updateMemberDataFDO->getFirstContactYear()); } - $em->persist($address); - $em->persist($member); - $em->flush(); + $entityManager->persist($address); + $entityManager->persist($member); + $entityManager->flush(); $userTranslation = $translator->trans('L\'utilisateurice'); $hasBeenCreatedTranslation = $translator->trans('a été créé.e'); @@ -199,13 +195,11 @@ public function createAction(Request $request, UserPasswordEncoderInterface $pas * @Route("/{id}", name="member_show", methods={"GET", "POST"}) * @Security("is_granted('ROLE_GESTION') || (is_granted('ROLE_INSCRIT_E') && (user.getId() == id))") */ - public function showAction(Request $request, People $individual) { + public function show(Request $request, People $individual, ReceiptRepository $receiptRepository) { $deleteForm = $this->createDeleteForm($individual); - $em = $this->getDoctrine()->getManager(); - // Find fiscal years for which there is receipts to generate - $availableYears = $em->getRepository(Receipt::class)->findAvailableYearsByPeople($individual); + $availableYears = $receiptRepository->findAvailableYearsByPeople($individual); // Creating an empty FDO $generateTaxReceiptFromYearFDO = new GenerateTaxReceiptFromYearFDO(); 
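Review bot: The `@Security` expression kept above `show()` lets a `ROLE_INSCRIT_E` user in when `user.getId() == id`, but `{id}` on this route is resolved to a `People $individual`, not to a `User`. Unless the two entities are guaranteed to share primary keys, a member could be authorised for another person's record, including the receipt years loaded here. That guarantee is not visible in this patch, and `$currentUser->getPeople()` in ProfileController suggests they are separate rows. Tying the check to the linked person, for example `user.getPeople() and user.getPeople().getId() == id`, or moving it into a voter on `People`, would compare like with like. The same expression guards `edit()` and `delete()` in the later MemberController hunks, so the fix belongs in all three places.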
@@ -234,20 +228,20 @@ public function showAction(Request $request, People $individual) { * @return views * @param Request $request The request. * @param People $individual The user to edit. - * @param UserPasswordEncoderInterface $passwordEncoder Encodes the password. * @Route("/{id}/edit", name="member_edit", methods={"GET", "POST"}) * @Security("is_granted('ROLE_GESTION') || (is_granted('ROLE_INSCRIT_E') && (user.getId() == id))") */ - public function editAction( + public function edit( Request $request, People $individual, - UserPasswordEncoderInterface $passwordEncoder, - TranslatorInterface $translator + TranslatorInterface $translator, + PeopleRepository $peopleRepository, + PeopleTypeRepository $peopleTypeRepository, + EntityManagerInterface $entityManager, ) { $updateMemberDataFDO = UpdateMemberDataFDO::fromMember($individual); - $entityManager = $this->getDoctrine()->getManager(); $deleteForm = $this->createDeleteForm($individual); $editForm = $this->createForm(MemberType::class, $updateMemberDataFDO); $editForm->handleRequest($request); @@ -255,7 +249,7 @@ public function editAction( // Submit change of general infos if ($editForm->isSubmitted() && $editForm->isValid()) { // Get the existing people to keep the sensible data it has if necessary - $individual = $entityManager->getRepository(People::class)->findOneBy([ + $individual = $peopleRepository->findOneBy([ 'id' => $individual->getId(), ]); @@ -263,7 +257,7 @@ public function editAction( $individual->setFirstName($updateMemberDataFDO->getFirstName()); $individual->setLastName($updateMemberDataFDO->getLastName()); - $type = $entityManager->getRepository(PeopleType::class)->findOneBy([ + $type = $peopleTypeRepository->findOneBy([ 'code' => PeopleType::CONTACT_CODE, ]); if ($updateMemberDataFDO->isContact()) 
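Review bot: The re-fetch `$individual = $peopleRepository->findOneBy(['id' => $individual->getId()])` in `edit()` looks redundant. `$individual` was already resolved from the route as a managed entity, and as far as I can tell Doctrine hands back that same instance from its identity map rather than fresh column values. If the intent in the comment ("keep the sensible data") is to discard in-memory changes, `$entityManager->refresh($individual);` states that directly; otherwise the lookup and the `PeopleRepository` parameter can both go. The new parameter list also ends with a trailing comma after `EntityManagerInterface $entityManager,`, which needs PHP 8.0 or later, so confirm the project's minimum PHP version allows it. The body of `edit()` continues outside this hunk.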
@@ -276,7 +270,7 @@ public function editAction( } - $typeSocialPole = $entityManager->getRepository(PeopleType::class)->findOneBy([ + $typeSocialPole = $peopleTypeRepository->findOneBy([ 'code' => PeopleType::SOCIAL_POLE_CODE, ]); if ($updateMemberDataFDO->needHelp()) @@ -380,7 +374,7 @@ public function editAction( * @Route("/{id}", name="member_delete", methods={"DELETE"}) * @Security("is_granted('ROLE_GESTION') || (is_granted('ROLE_INSCRIT_E') && (user.getId() == id))") */ - public function deleteAction(Request $request, People $individual, TranslatorInterface $translator) { + public function delete(Request $request, People $individual, TranslatorInterface $translator, EntityManagerInterface $entityManager) { $form = $this->createDeleteForm($individual); $form->handleRequest($request); @@ -388,9 +382,8 @@ public function deleteAction(Request $request, People $individual, TranslatorInt $firstname = $individual->getFirstName(); $lastname = $individual->getLastName(); - $em = $this->getDoctrine()->getManager(); - $em->remove($individual); - $em->flush(); + $entityManager->remove($individual); + $entityManager->flush(); $dataOfTranslation = $translator->trans('Les informations de'); $hasBeenDeletedTranslation = $translator->trans('ont bien été supprimées'); diff --git a/src/Controller/PeopleController.php b/src/Controller/PeopleController.php index 1fc9a17b..0b362c59 100644 --- a/src/Controller/PeopleController.php +++ b/src/Controller/PeopleController.php @@ -19,7 +19,7 @@ use Symfony\Component\Routing\Annotation\Route; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security; use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; +use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; use Symfony\Component\Form\FormError; use App\FormDataObject\UpdatePeopleDataFDO; use App\FormDataObject\GenerateTaxReceiptFromYearFDO; 
@@ -85,11 +85,11 @@ public function listContactsAction() { * Creates a new people entity. * @return views * @param Request $request The request. - * @param UserPasswordEncoderInterface $passwordEncoder Encodes the password. + * @param UserPasswordHasherInterface $passwordHasher Encodes the password. * @Route("/new", name="people_create", methods={"GET", "POST"}) * @Security("is_granted('ROLE_GESTION')") */ - public function createAction(Request $request, UserPasswordEncoderInterface $passwordEncoder, TranslatorInterface $translator) { + public function createAction(Request $request, UserPasswordHasherInterface $passwordHasher, TranslatorInterface $translator) { $updatePeopleDataFDO = new UpdatePeopleDataFDO(); $em = $this->getDoctrine()->getManager(); @@ -262,11 +262,11 @@ public function showAction(Request $request, People $people): Response * @return views * @param Request $request The request. * @param People $people The user to edit. - * @param UserPasswordEncoderInterface $passwordEncoder Encodes the password. + * @param UserPasswordHasherInterface $passwordHasher Encodes the password. * @Route("/{id}/edit", name="people_edit", methods={"GET", "POST"}) * @Security("is_granted('ROLE_GESTION') || (is_granted('ROLE_INSCRIT_E') && (user.getId() == id))") */ - public function editAction(Request $request, People $people, UserPasswordEncoderInterface $passwordEncoder,TranslatorInterface $translator) { + public function editAction(Request $request, People $people, UserPasswordHasherInterface $passwordHasher,TranslatorInterface $translator) { $updatePeopleDataFDO = UpdatePeopleDataFDO::fromPeople($people); $entityManager = $this->getDoctrine()->getManager(); diff --git a/src/Controller/ProfileController.php b/src/Controller/ProfileController.php index 307f9666..ae926ae2 100644 --- a/src/Controller/ProfileController.php +++ b/src/Controller/ProfileController.php 
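Review bot: `createAction()` and `editAction()` in PeopleController take the new `UserPasswordHasherInterface $passwordHasher`, but the context lines still call `$this->getDoctrine()->getManager()`, the helper that MemberController drops in this same commit. If the goal is compatibility with a Symfony version where `getDoctrine()` is no longer available on `AbstractController`, these two actions need an injected `EntityManagerInterface $entityManager` too. No use of `$passwordHasher` is visible in either hunk; the equivalent argument was removed from MemberController, so check whether it is needed here at all. If it stays, the docblock text should read `@param UserPasswordHasherInterface $passwordHasher Hashes the password.` rather than "Encodes the password", and `$passwordHasher,TranslatorInterface` is missing a space after the comma.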
@@ -17,9 +17,9 @@ use Symfony\Component\Routing\Annotation\Route; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security; use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; use Symfony\Component\Form\FormError; use App\FormDataObject\UpdateUserGeneralDataFDO; +use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; use Symfony\Contracts\Translation\TranslatorInterface; /** @@ -152,11 +152,11 @@ public function editPseudonymAction(Request $request, User $currentUser, Transla * @return views * @param Request $request The request. * @param User $currentUser The user to edit. - * @param UserPasswordEncoderInterface $passwordEncoder Encodes the password. + * @param UserPasswordHasherInterface $passwordHasher Encodes the password. * @Route("/{id}/editpassword", name="profile_edit_password", methods={"GET", "POST"}) * @Security("not is_anonymous() && user.getId() == id") */ - public function editProfileAction(Request $request, User $currentUser, UserPasswordEncoderInterface $passwordEncoder, TranslatorInterface $translator) + public function editProfileAction(Request $request, User $currentUser, UserPasswordHasherInterface $passwordHasher, TranslatorInterface $translator) { if ($currentUser->getPeople() != null) { @@ -185,7 +185,7 @@ public function editProfileAction(Request $request, User $currentUser, UserPassw // If a password is entered and the old password typed in is correct if ($plainPassword !== null && password_verify($plainOldPassword,$oldPassword)) { - $password = $passwordEncoder->encodePassword($currentUser, $plainPassword); + $password = $passwordHasher->hashPassword($currentUser, $plainPassword); $currentUser->setPassword($password); $entityManager->persist($currentUser); diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php index 06c15780..2efbbd73 100644 --- a/src/Controller/UserController.php +++ b/src/Controller/UserController.php 
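Review bot: The old-password check in `editProfileAction()` still calls `password_verify($plainOldPassword,$oldPassword)` directly, so verification bypasses the hasher that now produces the new hash on the following line. If the hasher configured for `User` ever stops being a plain `password_hash()` format (a migrating or legacy hasher, for instance), verification and hashing will disagree; `$passwordHasher->isPasswordValid($currentUser, $plainOldPassword)` keeps both on the same configuration. How `$plainOldPassword` is read lies outside the hunk, so confirm it cannot be null when it reaches the verifier and that a failed check is reported to the user rather than silently skipped. The same `password_verify` call sits next to `hashPassword()` in `editAction()` of src/Controller/UserController.php (hunk at -271), and both docblocks still describe the parameter as "Encodes the password".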
@@ -19,7 +19,7 @@ use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; -use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; +use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; use Symfony\Component\Form\FormError; use Symfony\Contracts\Translation\TranslatorInterface; @@ -179,11 +179,11 @@ public function historyAction(User $currentUser) * @return views * @param Request $request The request. * @param User $currentUser The user to edit. - * @param UserPasswordEncoderInterface $passwordEncoder Encodes the password. + * @param UserPasswordHasherInterface $passwordHasher Encodes the password. * @Route("/{id}/edit", name="user_edit", methods={"GET", "POST"}) * @Security("is_granted('ROLE_ADMIN') || (is_granted('ROLE_INSCRIT_E') && (user.getId() == id))") */ - public function editAction(Request $request, User $currentUser, UserPasswordEncoderInterface $passwordEncoder) + public function editAction(Request $request, User $currentUser, UserPasswordHasherInterface $passwordHasher) { $updateUserGeneralDataFDO = UpdateUserGeneralDataFDO::fromUser($currentUser); @@ -271,7 +271,7 @@ public function editAction(Request $request, User $currentUser, UserPasswordEnco // If a password is entered and the old password typed in is correct if ($plainPassword !== null && password_verify($plainOldPassword,$oldPassword)) { - $password = $passwordEncoder->encodePassword($currentUser, $plainPassword); + $password = $passwordHasher->hashPassword($currentUser, $plainPassword); $currentUser->setPassword($password); $this->getDoctrine()->getManager()->persist($currentUser); diff --git a/src/DataFixtures/DonationFixtures.php b/src/DataFixtures/DonationFixtures.php index dd1fbd58..2a76b518 100644 --- a/src/DataFixtures/DonationFixtures.php +++ b/src/DataFixtures/DonationFixtures.php 
@@ -6,7 +6,7 @@ use Doctrine\Bundle\FixturesBundle\FixtureGroupInterface; use Doctrine\Common\DataFixtures\DependentFixtureInterface; use Doctrine\Persistence\ObjectManager; -use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; +use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; use Symfony\Component\Console\Output\ConsoleOutput; use App\Entity\Bank; use App\Entity\Donation; diff --git a/src/DataFixtures/MembershipFixtures.php b/src/DataFixtures/MembershipFixtures.php index 2389005c..019afbe2 100644 --- a/src/DataFixtures/MembershipFixtures.php +++ b/src/DataFixtures/MembershipFixtures.php @@ -7,7 +7,7 @@ use Doctrine\Common\DataFixtures\DependentFixtureInterface; use Doctrine\Persistence\ObjectManager; use Symfony\Component\Console\Output\ConsoleOutput; -use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; +use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; use App\Entity\Bank; use App\Entity\Membership; use App\Entity\MembershipType; diff --git a/tests/DataFixtures/ORM/UserFixtures.php b/tests/DataFixtures/ORM/UserFixtures.php index c9c2146d..816f33a7 100644 --- a/tests/DataFixtures/ORM/UserFixtures.php +++ b/tests/DataFixtures/ORM/UserFixtures.php @@ -1,7 +1,7 @@ encoder = $encoder; +// $this->hasher = $hasher; // } // public function load(ObjectManager $manager) @@ -214,7 +214,7 @@ // $userAdminSensible = new User(); // $userAdminSensible->setUsername('adminSensible'); -// $password = $this->encoder->encodePassword($userAdminSensible, 'a'); +// $password = $this->hasher->hashPassword($userAdminSensible, 'a'); // $userAdminSensible->setPassword($password); // $peopleAdminSensible = new People(); @@ -253,7 +253,7 @@ // $userAdmin = new User(); // $userAdmin->setUsername('admin'); -// $password = $this->encoder->encodePassword($userAdmin, 'a'); +// $password = $this->hasher->hashPassword($userAdmin, 'a'); // $userAdmin->setPassword($password); // $peopleAdmin = new People(); 
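Review bot: Every changed line in tests/DataFixtures/ORM/UserFixtures.php is inside a `//` comment, so the rename to `$this->hasher->hashPassword(...)` is never parsed or run, and nothing verifies that it matches the new interface. Either restore the fixture as live code with a `UserPasswordHasherInterface` constructor argument, or delete the commented-out class instead of maintaining it. The hunks here and in the rest of the file also show every account, `admin` and `adminSensible` included, being given the password `'a'`. If the fixture is revived, it should be confined to the test fixture group so those credentials cannot be loaded into a shared or production database.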
@@ -290,7 +290,7 @@ // $userGestionnaireSensible = new User(); // $userGestionnaireSensible->setUsername('gestiSensible'); -// $password = $this->encoder->encodePassword($userGestionnaireSensible, 'a'); +// $password = $this->hasher->hashPassword($userGestionnaireSensible, 'a'); // $userGestionnaireSensible->setPassword($password); // $peopleGestionnaireSensible = new People(); @@ -328,7 +328,7 @@ // $userGestionnaire1 = new User(); // $userGestionnaire1->setUsername('gest1'); -// $password = $this->encoder->encodePassword($userGestionnaire1, 'a'); +// $password = $this->hasher->hashPassword($userGestionnaire1, 'a'); // $userGestionnaire1->setPassword($password); // $peopleGestionnaire1 = new People(); @@ -364,7 +364,7 @@ // $userGestionnaire2 = new User(); // $userGestionnaire2->setUsername('gest2'); -// $password = $this->encoder->encodePassword($userGestionnaire2, 'a'); +// $password = $this->hasher->hashPassword($userGestionnaire2, 'a'); // $userGestionnaire2->setPassword($password); // $peopleGestionnaire2 = new People(); @@ -400,7 +400,7 @@ // $userInformateurice = new User(); // $userInformateurice->setUsername('info'); -// $password = $this->encoder->encodePassword($userInformateurice, 'a'); +// $password = $this->hasher->hashPassword($userInformateurice, 'a'); // $userInformateurice->setPassword($password); // $peopleInformateurice = new People(); @@ -437,7 +437,7 @@ // $peopleAdherentE1 = new People(); -// $password = $this->encoder->encodePassword($userAdherentE1, 'a'); +// $password = $this->hasher->hashPassword($userAdherentE1, 'a'); // $userAdherentE1->setPassword($password); // $peopleAdherentE1->setDenomination($madame); @@ -471,7 +471,7 @@ // $peopleAdherentE2 = new People(); -// $password = $this->encoder->encodePassword($userAdherentE2, 'a'); +// $password = $this->hasher->hashPassword($userAdherentE2, 'a'); // $userAdherentE2->setPassword($password); // $peopleAdherentE2->setDenomination($madame); 
@@ -503,7 +503,7 @@ // $userAdherentE3 = new User(); // $userAdherentE3->setUsername('adhe3'); -// $password = $this->encoder->encodePassword($userAdherentE3, 'a'); +// $password = $this->hasher->hashPassword($userAdherentE3, 'a'); // $userAdherentE3->setPassword($password); // $peopleAdherentE3 = new People(); @@ -537,7 +537,7 @@ // $userAdherentE4 = new User(); // $userAdherentE4->setUsername('adhe4'); -// $password = $this->encoder->encodePassword($userAdherentE4, 'a'); +// $password = $this->hasher->hashPassword($userAdherentE4, 'a'); // $userAdherentE4->setPassword($password); // $peopleAdherentE4 = new People(); @@ -571,7 +571,7 @@ // $userAdherentE5 = new User(); // $userAdherentE5->setUsername('adhe5'); -// $password = $this->encoder->encodePassword($userAdherentE5, 'a'); +// $password = $this->hasher->hashPassword($userAdherentE5, 'a'); // $userAdherentE5->setPassword($password); // $peopleAdherentE5 = new People(); @@ -606,7 +606,7 @@ // $userAdminUniquement = new User(); // $userAdminUniquement ->setUsername('adminUniquement'); -// $password = $this->encoder->encodePassword($userAdminUniquement, 'a'); +// $password = $this->hasher->hashPassword($userAdminUniquement, 'a'); // $userAdminUniquement->setPassword($password); // $peopleAdminUniquement = new People(); @@ -640,7 +640,7 @@ // $userTest = new User(); // $userTest ->setUsername('test'); -// $password = $this->encoder->encodePassword($userTest, 'a'); +// $password = $this->hasher->hashPassword($userTest, 'a'); // $userTest->setPassword($password); // $peopleTest = new People(); @@ -674,7 +674,7 @@ // $userTest2 = new User(); // $userTest2 ->setUsername('test2'); -// $password = $this->encoder->encodePassword($userTest2, 'a'); +// $password = $this->hasher->hashPassword($userTest2, 'a'); // $userTest2->setPassword($password); // $peopleTest2 = new People();