From 9ba9120c12ecd732d9ba656963847631df30b62d Mon Sep 17 00:00:00 2001
From: Tavo Nieves J
Date: Sun, 13 Dec 2020 12:37:34 -0500
Subject: [PATCH 1/2] Add cookie validation to auth methods
---
 src/Codeception/Module/Symfony.php | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/src/Codeception/Module/Symfony.php b/src/Codeception/Module/Symfony.php
index b04fd121..1a525a5c 100644
--- a/src/Codeception/Module/Symfony.php
+++ b/src/Codeception/Module/Symfony.php
@@ -1133,7 +1133,14 @@ public function seeRememberedAuthentication(): void
 $this->fail('There is no user in session');
 }
- $this->assertTrue($security->isGranted('IS_AUTHENTICATED_REMEMBERED'), 'There is no authenticated user');
+ $hasRememberMeCookie = $this->client->getCookieJar()->get('REMEMBERME');
+ $hasRememberMeRole = $security->isGranted('IS_AUTHENTICATED_REMEMBERED');
+
+ $isRemembered = $hasRememberMeCookie && $hasRememberMeRole;
+ $this->assertTrue(
+ $isRemembered,
+ 'User does not have remembered authentication'
+ );
 }
 /**
@@ -1149,9 +1156,13 @@ public function dontSeeRememberedAuthentication(): void
 /** @var Security $security */
 $security = $this->grabService('security.helper');
+ $hasRememberMeCookie = $this->client->getCookieJar()->get('REMEMBERME');
+ $hasRememberMeRole = $security->isGranted('IS_AUTHENTICATED_REMEMBERED');
+
+ $isRemembered = $hasRememberMeCookie && $hasRememberMeRole;
 $this->assertFalse(
- $security->isGranted('IS_AUTHENTICATED_REMEMBERED'),
- 'There is an user authenticated'
+ $isRemembered,
+ 'User does have remembered authentication'
 );
 }
From 7487a183d07e0be2ce88421f5fff0c3f77e4700b Mon Sep 17 00:00:00 2001
From: Tavo Nieves J
Date: Sun, 13 Dec 2020 12:39:10 -0500
Subject: [PATCH 2/2] use class constants for auth methods roles
---
 src/Codeception/Module/Symfony.php | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
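Review bot: The cookie lookup added to seeRememberedAuthentication hard-codes the name `REMEMBERME` and relies on CookieJar::get()'s default path and domain, but Symfony lets a firewall rename or re-scope the remember-me cookie. With a non-default setting this assertion always fails, and the identical lookup in the dontSeeRememberedAuthentication hunk always passes, so a test meant to prove a session is not remembered would succeed silently. `get()` also returns a Cookie object or null rather than a bool, so the `has...` name reads more honestly as `$hasRememberMeCookie = $this->client->getCookieJar()->get('REMEMBERME') !== null;`, together with a docblock line stating that the default cookie name, path and domain are assumed. The method body starts above this hunk, so the existing docblock is not visible here.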
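Review bot: `assertFalse($isRemembered)` in dontSeeRememberedAuthentication is weaker than the check it replaces, because it now passes whenever the cookie is missing from the jar even if IS_AUTHENTICATED_REMEMBERED is granted. That is presumably intended, since Symfony grants that attribute to fully authenticated users as well, but the docblock (outside this hunk) should state it, for example `Passes when the user is logged in without a remember-me cookie.` The three lines that compute `$isRemembered` repeat those in seeRememberedAuthentication and would be safer in one private helper, so the positive and negative assertions cannot drift apart.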
diff --git a/src/Codeception/Module/Symfony.php b/src/Codeception/Module/Symfony.php
index 1a525a5c..c2fc4820 100644
--- a/src/Codeception/Module/Symfony.php
+++ b/src/Codeception/Module/Symfony.php
@@ -39,6 +39,7 @@
 use Symfony\Component\Routing\RouterInterface;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
+use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter;
 use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;
@@ -1080,7 +1081,10 @@ public function seeAuthentication(): void
 $this->fail('There is no user in session');
 }
- $this->assertTrue($security->isGranted('IS_AUTHENTICATED_FULLY'), 'There is no authenticated user');
+ $this->assertTrue(
+ $security->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_FULLY),
+ 'There is no authenticated user'
+ );
 }
 /**
@@ -1134,7 +1138,7 @@ public function seeRememberedAuthentication(): void
 }
 $hasRememberMeCookie = $this->client->getCookieJar()->get('REMEMBERME');
- $hasRememberMeRole = $security->isGranted('IS_AUTHENTICATED_REMEMBERED');
+ $hasRememberMeRole = $security->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED);
 $isRemembered = $hasRememberMeCookie && $hasRememberMeRole;
 $this->assertTrue(
@@ -1157,7 +1161,7 @@ public function dontSeeRememberedAuthentication(): void
 $security = $this->grabService('security.helper');
 $hasRememberMeCookie = $this->client->getCookieJar()->get('REMEMBERME');
- $hasRememberMeRole = $security->isGranted('IS_AUTHENTICATED_REMEMBERED');
+ $hasRememberMeRole = $security->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED);
 $isRemembered = $hasRememberMeCookie && $hasRememberMeRole;
 $this->assertFalse(
@@ -1211,7 +1215,7 @@ public function dontSeeAuthentication(): void
 $security = $this->grabService('security.helper');
 $this->assertFalse(
- $security->isGranted('IS_AUTHENTICATED_FULLY'),
+ $security->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_FULLY),
 'There is an user authenticated'
 );
 }