15763634671

Committed 19 Jun 2025 05:47PM UTC coverage: 84.375%. Remained the same

Build Type

push

github

Committed by

Commit Message

SimpleAuthenticator: passwords can be hashed

Run Details

2 of 2 new or added lines in 1 file covered. (100.0%)

44 existing lines in 5 files now uncovered.

486 of 576 relevant lines covered (84.38%)

0.84 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

97.14

/src/Bridges/SecurityDI/SecurityExtension.php

<?php

/**
 * This file is part of the Nette Framework (https://nette.org)
 * Copyright (c) 2004 David Grudl (https://davidgrudl.com)
 */

declare(strict_types=1);

namespace Nette\Bridges\SecurityDI;

use Nette;
use Nette\Schema\Expect;
use Tracy;
use function is_array;


/**
 * Security extension for Nette DI.
 */
class SecurityExtension extends Nette\DI\CompilerExtension
{
        private bool $debugMode;


        public function __construct(bool $debugMode = false)
        {
                $this->debugMode = $debugMode;
        }


        public function getConfigSchema(): Nette\Schema\Schema
        {
                return Expect::structure([
                        'debugger' => Expect::bool(),
                        'users' => Expect::arrayOf(
                                Expect::anyOf(
                                        Expect::string()->dynamic(), // user => password
                                        Expect::structure([ // user => password + roles + data
                                                'password' => Expect::string()->dynamic(),
                                                'roles' => Expect::anyOf(Expect::string(), Expect::listOf('string')),
                                                'data' => Expect::array(),
                                        ])->castTo('array'),
                                ),
                        ),
                        'roles' => Expect::arrayOf('string|array|null'), // role => parent(s)
                        'resources' => Expect::arrayOf('string|null'), // resource => parent
                        'authentication' => Expect::structure([
                                'storage' => Expect::anyOf('session', 'cookie')->default('session'),
                                'expiration' => Expect::string()->dynamic(),
                                'cookieName' => Expect::string(),
                                'cookieDomain' => Expect::string(),
                                'cookieSamesite' => Expect::anyOf('Lax', 'Strict', 'None'),
                        ]),
                ]);
        }


        public function loadConfiguration(): void
        {
                /** @var object{debugger: bool, users: array, roles: array, resources: array, authentication: \stdClass} $config */
                $config = $this->config;
                $builder = $this->getContainerBuilder();

                $builder->addDefinition($this->prefix('passwords'))
                        ->setFactory(Nette\Security\Passwords::class);

                $auth = $config->authentication;
                $storage = $builder->addDefinition($this->prefix('userStorage'))
                        ->setType(Nette\Security\UserStorage::class)
                        ->setFactory([
                                'session' => Nette\Bridges\SecurityHttp\SessionStorage::class,
                                'cookie' => Nette\Bridges\SecurityHttp\CookieStorage::class,
                        ][$auth->storage]);

                if ($auth->storage === 'cookie') {
                        if ($auth->cookieDomain === 'domain') {
                                $auth->cookieDomain = $builder::literal('$this->getByType(Nette\Http\IRequest::class)->getUrl()->getDomain(2)');
                        }

                        $storage->addSetup('setCookieParameters', [$auth->cookieName, $auth->cookieDomain, $auth->cookieSamesite]);
                }

                $user = $builder->addDefinition($this->prefix('user'))
                        ->setFactory(Nette\Security\User::class);

                if ($auth->expiration) {
                        $user->addSetup('setExpiration', [$auth->expiration]);
                }

                if ($config->users) {
                        $usersList = $usersRoles = $usersData = [];
                        foreach ($config->users as $username => $data) {
                                $data = is_array($data) ? $data : ['password' => $data];
                                $usersList[$username] = $data['password'];
                                $usersRoles[$username] = $data['roles'] ?? null;
                                $usersData[$username] = $data['data'] ?? [];
                        }

                        $builder->addDefinition($this->prefix('authenticator'))
                                ->setType(Nette\Security\Authenticator::class)
                                ->setFactory(Nette\Security\SimpleAuthenticator::class, [$usersList, $usersRoles, $usersData]);

                        if ($this->name === 'security') {
                                $builder->addAlias('nette.authenticator', $this->prefix('authenticator'));
                        }
                }

                if ($config->roles || $config->resources) {
                        $authorizator = $builder->addDefinition($this->prefix('authorizator'))
                                ->setType(Nette\Security\Authorizator::class)
                                ->setFactory(Nette\Security\Permission::class);

                        foreach ($config->roles as $role => $parents) {
                                $authorizator->addSetup('addRole', [$role, $parents]);
                        }

                        foreach ($config->resources as $resource => $parents) {
                                $authorizator->addSetup('addResource', [$resource, $parents]);
                        }

                        if ($this->name === 'security') {
                                $builder->addAlias('nette.authorizator', $this->prefix('authorizator'));
                        }
                }

                if ($this->name === 'security') {
                        $builder->addAlias('user', $this->prefix('user'));
                        $builder->addAlias('nette.userStorage', $this->prefix('userStorage'));
                }
        }


        public function beforeCompile(): void
        {
                $builder = $this->getContainerBuilder();

                if (
                        $this->debugMode &&
                        ($this->config->debugger ?? $builder->getByType(Tracy\Bar::class))
                ) {
                        $builder->getDefinition($this->prefix('user'))->addSetup('@Tracy\Bar::addPanel', [
                                new Nette\DI\Definitions\Statement(Nette\Bridges\SecurityTracy\UserPanel::class),
                        ]);
                }
        }
}

1	<?php
2
3	/**
4	* This file is part of the Nette Framework (https://nette.org)
5	* Copyright (c) 2004 David Grudl (https://davidgrudl.com)
6	*/
7
8	declare(strict_types=1);
9
10	namespace Nette\Bridges\SecurityDI;
11
12	use Nette;
13	use Nette\Schema\Expect;
14	use Tracy;
15	use function is_array;
16
17
18	/**
19	* Security extension for Nette DI.
20	*/
21	class SecurityExtension extends Nette\DI\CompilerExtension
22	{
23	private bool $debugMode;
24
25
26	public function __construct(bool $debugMode = false)	1✔
27	{
28	$this->debugMode = $debugMode;	1✔
29	}	1✔
30
31
32	public function getConfigSchema(): Nette\Schema\Schema
33	{
34	return Expect::structure([	1✔
35	'debugger' => Expect::bool(),	1✔
36	'users' => Expect::arrayOf(	1✔
37	Expect::anyOf(	1✔
38	Expect::string()->dynamic(), // user => password	1✔
39	Expect::structure([ // user => password + roles + data	1✔
40	'password' => Expect::string()->dynamic(),	1✔
41	'roles' => Expect::anyOf(Expect::string(), Expect::listOf('string')),	1✔
42	'data' => Expect::array(),	1✔
43	])->castTo('array'),	1✔
44	),
45	),
46	'roles' => Expect::arrayOf('string\|array\|null'), // role => parent(s)	1✔
47	'resources' => Expect::arrayOf('string\|null'), // resource => parent	1✔
48	'authentication' => Expect::structure([	1✔
49	'storage' => Expect::anyOf('session', 'cookie')->default('session'),	1✔
50	'expiration' => Expect::string()->dynamic(),	1✔
51	'cookieName' => Expect::string(),	1✔
52	'cookieDomain' => Expect::string(),	1✔
53	'cookieSamesite' => Expect::anyOf('Lax', 'Strict', 'None'),	1✔
54	]),
55	]);
56	}
57
58
59	public function loadConfiguration(): void
60	{
61	/** @var object{debugger: bool, users: array, roles: array, resources: array, authentication: \stdClass} $config */
62	$config = $this->config;	1✔
63	$builder = $this->getContainerBuilder();	1✔
64
65	$builder->addDefinition($this->prefix('passwords'))	1✔
66	->setFactory(Nette\Security\Passwords::class);	1✔
67
68	$auth = $config->authentication;	1✔
69	$storage = $builder->addDefinition($this->prefix('userStorage'))	1✔
70	->setType(Nette\Security\UserStorage::class)	1✔
71	->setFactory([	1✔
72	'session' => Nette\Bridges\SecurityHttp\SessionStorage::class,
73	'cookie' => Nette\Bridges\SecurityHttp\CookieStorage::class,
74	][$auth->storage]);	1✔
75
76	if ($auth->storage === 'cookie') {	1✔
77	if ($auth->cookieDomain === 'domain') {	1✔
78	$auth->cookieDomain = $builder::literal('$this->getByType(Nette\Http\IRequest::class)->getUrl()->getDomain(2)');	1✔
79	}
80
81	$storage->addSetup('setCookieParameters', [$auth->cookieName, $auth->cookieDomain, $auth->cookieSamesite]);	1✔
82	}
83
84	$user = $builder->addDefinition($this->prefix('user'))	1✔
85	->setFactory(Nette\Security\User::class);	1✔
86
87	if ($auth->expiration) {	1✔
88	$user->addSetup('setExpiration', [$auth->expiration]);	1✔
89	}
90
91	if ($config->users) {	1✔
92	$usersList = $usersRoles = $usersData = [];	1✔
93	foreach ($config->users as $username => $data) {	1✔
94	$data = is_array($data) ? $data : ['password' => $data];	1✔
95	$usersList[$username] = $data['password'];	1✔
96	$usersRoles[$username] = $data['roles'] ?? null;	1✔
97	$usersData[$username] = $data['data'] ?? [];	1✔
98	}
99
100	$builder->addDefinition($this->prefix('authenticator'))	1✔
101	->setType(Nette\Security\Authenticator::class)	1✔
102	->setFactory(Nette\Security\SimpleAuthenticator::class, [$usersList, $usersRoles, $usersData]);	1✔
103
104	if ($this->name === 'security') {	1✔
105	$builder->addAlias('nette.authenticator', $this->prefix('authenticator'));	1✔
106	}
107	}
108
109	if ($config->roles \|\| $config->resources) {	1✔
110	$authorizator = $builder->addDefinition($this->prefix('authorizator'))	1✔
111	->setType(Nette\Security\Authorizator::class)	1✔
112	->setFactory(Nette\Security\Permission::class);	1✔
113
114	foreach ($config->roles as $role => $parents) {	1✔
115	$authorizator->addSetup('addRole', [$role, $parents]);	1✔
116	}
117
118	foreach ($config->resources as $resource => $parents) {	1✔
119	$authorizator->addSetup('addResource', [$resource, $parents]);	1✔
120	}
121
122	if ($this->name === 'security') {	1✔
123	$builder->addAlias('nette.authorizator', $this->prefix('authorizator'));	1✔
124	}
125	}
126
127	if ($this->name === 'security') {	1✔
128	$builder->addAlias('user', $this->prefix('user'));	1✔
129	$builder->addAlias('nette.userStorage', $this->prefix('userStorage'));	1✔
130	}
131	}	1✔
132
133
134	public function beforeCompile(): void
135	{
136	$builder = $this->getContainerBuilder();	1✔
137
138	if (
139	$this->debugMode &&	1✔
140	($this->config->debugger ?? $builder->getByType(Tracy\Bar::class))	1✔
141	) {
142	$builder->getDefinition($this->prefix('user'))->addSetup('@Tracy\Bar::addPanel', [	×
UNCOV 143	new Nette\DI\Definitions\Statement(Nette\Bridges\SecurityTracy\UserPanel::class),	×
144	]);
145	}
146	}	1✔
147	}

nette / security / 15763634671

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous