22292327079

Committed 23 Feb 2026 03:53AM UTC coverage: 91.812% (-0.01%) from 91.826%

Build Type

push

github

Committed by

Commit Message

User: deprecated magic properties (BC break)

Run Details

527 of 574 relevant lines covered (91.81%)

0.92 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

95.71

/src/Bridges/SecurityDI/SecurityExtension.php

<?php declare(strict_types=1);

/**
 * This file is part of the Nette Framework (https://nette.org)
 * Copyright (c) 2004 David Grudl (https://davidgrudl.com)
 */

namespace Nette\Bridges\SecurityDI;

use Nette;
use Nette\Schema\Expect;
use Tracy;
use function is_array;


/**
 * Security extension for Nette DI.
 */
class SecurityExtension extends Nette\DI\CompilerExtension
{
        public function __construct(
                private readonly bool $debugMode = false,
        ) {
        }


        public function getConfigSchema(): Nette\Schema\Schema
        {
                return Expect::structure([
                        'debugger' => Expect::bool(),
                        'users' => Expect::arrayOf(
                                Expect::anyOf(
                                        Expect::string()->dynamic(), // user => password
                                        Expect::structure([ // user => password + roles + data
                                                'password' => Expect::string()->dynamic(),
                                                'roles' => Expect::anyOf(Expect::string(), Expect::listOf('string')),
                                                'data' => Expect::array(),
                                        ])->castTo('array'),
                                ),
                        ),
                        'roles' => Expect::arrayOf('string|array|null'), // role => parent(s)
                        'resources' => Expect::arrayOf('string|null'), // resource => parent
                        'authentication' => Expect::structure([
                                'storage' => Expect::anyOf('session', 'cookie')->default('session'),
                                'expiration' => Expect::string()->dynamic(),
                                'cookieName' => Expect::string(),
                                'cookieDomain' => Expect::string(),
                                'cookieSamesite' => Expect::anyOf('Lax', 'Strict', 'None'),
                        ]),
                ]);
        }


        public function loadConfiguration(): void
        {
                /** @var object{debugger: bool, users: array<string, string|array{password: string, roles?: string|string[], data?: array<string, mixed>}>, roles: array<string, string|string[]|null>, resources: array<string, string|null>, authentication: \stdClass} $config */
                $config = $this->config;
                $builder = $this->getContainerBuilder();

                $builder->addDefinition($this->prefix('passwords'))
                        ->setFactory(Nette\Security\Passwords::class);

                $auth = $config->authentication;
                $storage = $builder->addDefinition($this->prefix('userStorage'))
                        ->setType(Nette\Security\UserStorage::class)
                        ->setFactory([
                                'session' => Nette\Bridges\SecurityHttp\SessionStorage::class,
                                'cookie' => Nette\Bridges\SecurityHttp\CookieStorage::class,
                        ][$auth->storage]);

                if ($auth->storage === 'cookie') {
                        if ($auth->cookieDomain === 'domain') {
                                $auth->cookieDomain = $builder::literal('$this->getByType(Nette\Http\IRequest::class)->getUrl()->getDomain(2)');
                        }

                        $storage->addSetup('setCookieParameters', [$auth->cookieName, $auth->cookieDomain, $auth->cookieSamesite]);
                }

                $user = $builder->addDefinition($this->prefix('user'))
                        ->setFactory(Nette\Security\User::class);

                if ($auth->expiration) {
                        $user->addSetup('setExpiration', [$auth->expiration]);
                }

                if ($config->users) {
                        $usersList = $usersRoles = $usersData = [];
                        foreach ($config->users as $username => $data) {
                                $data = is_array($data) ? $data : ['password' => $data];
                                $usersList[$username] = $data['password'];
                                $usersRoles[$username] = $data['roles'] ?? null;
                                $usersData[$username] = $data['data'] ?? [];
                        }

                        $builder->addDefinition($this->prefix('authenticator'))
                                ->setType(Nette\Security\Authenticator::class)
                                ->setFactory(Nette\Security\SimpleAuthenticator::class, [$usersList, $usersRoles, $usersData]);

                        if ($this->name === 'security') {
                                $builder->addAlias('nette.authenticator', $this->prefix('authenticator'));
                        }
                }

                if ($config->roles || $config->resources) {
                        $authorizator = $builder->addDefinition($this->prefix('authorizator'))
                                ->setType(Nette\Security\Authorizator::class)
                                ->setFactory(Nette\Security\Permission::class);

                        foreach ($config->roles as $role => $parents) {
                                $authorizator->addSetup('addRole', [$role, $parents]);
                        }

                        foreach ($config->resources as $resource => $parents) {
                                $authorizator->addSetup('addResource', [$resource, $parents]);
                        }

                        if ($this->name === 'security') {
                                $builder->addAlias('nette.authorizator', $this->prefix('authorizator'));
                        }
                }

                if ($this->name === 'security') {
                        $builder->addAlias('user', $this->prefix('user'));
                        $builder->addAlias('nette.userStorage', $this->prefix('userStorage'));
                }
        }


        public function beforeCompile(): void
        {
                $builder = $this->getContainerBuilder();

                if (
                        $this->debugMode &&
                        ($this->config->debugger ?? $builder->getByType(Tracy\Bar::class))
                ) {
                        $definition = $builder->getDefinition($this->prefix('user'));
                        assert($definition instanceof Nette\DI\Definitions\ServiceDefinition);
                        $definition->addSetup('@Tracy\Bar::addPanel', [
                                new Nette\DI\Definitions\Statement(Nette\Bridges\SecurityTracy\UserPanel::class),
                        ]);
                }
        }
}

1	<?php declare(strict_types=1);
2
3	/**
4	* This file is part of the Nette Framework (https://nette.org)
5	* Copyright (c) 2004 David Grudl (https://davidgrudl.com)
6	*/
7
8	namespace Nette\Bridges\SecurityDI;
9
10	use Nette;
11	use Nette\Schema\Expect;
12	use Tracy;
13	use function is_array;
14
15
16	/**
17	* Security extension for Nette DI.
18	*/
19	class SecurityExtension extends Nette\DI\CompilerExtension
20	{
21	public function __construct(	1✔
22	private readonly bool $debugMode = false,
23	) {
24	}	1✔
25
26
27	public function getConfigSchema(): Nette\Schema\Schema
28	{
29	return Expect::structure([	1✔
30	'debugger' => Expect::bool(),	1✔
31	'users' => Expect::arrayOf(	1✔
32	Expect::anyOf(	1✔
33	Expect::string()->dynamic(), // user => password	1✔
34	Expect::structure([ // user => password + roles + data	1✔
35	'password' => Expect::string()->dynamic(),	1✔
36	'roles' => Expect::anyOf(Expect::string(), Expect::listOf('string')),	1✔
37	'data' => Expect::array(),	1✔
38	])->castTo('array'),	1✔
39	),
40	),
41	'roles' => Expect::arrayOf('string\|array\|null'), // role => parent(s)	1✔
42	'resources' => Expect::arrayOf('string\|null'), // resource => parent	1✔
43	'authentication' => Expect::structure([	1✔
44	'storage' => Expect::anyOf('session', 'cookie')->default('session'),	1✔
45	'expiration' => Expect::string()->dynamic(),	1✔
46	'cookieName' => Expect::string(),	1✔
47	'cookieDomain' => Expect::string(),	1✔
48	'cookieSamesite' => Expect::anyOf('Lax', 'Strict', 'None'),	1✔
49	]),
50	]);
51	}
52
53
54	public function loadConfiguration(): void
55	{
56	/** @var object{debugger: bool, users: array<string, string\|array{password: string, roles?: string\|string[], data?: array<string, mixed>}>, roles: array<string, string\|string[]\|null>, resources: array<string, string\|null>, authentication: \stdClass} $config */
57	$config = $this->config;	1✔
58	$builder = $this->getContainerBuilder();	1✔
59
60	$builder->addDefinition($this->prefix('passwords'))	1✔
61	->setFactory(Nette\Security\Passwords::class);	1✔
62
63	$auth = $config->authentication;	1✔
64	$storage = $builder->addDefinition($this->prefix('userStorage'))	1✔
65	->setType(Nette\Security\UserStorage::class)	1✔
66	->setFactory([	1✔
67	'session' => Nette\Bridges\SecurityHttp\SessionStorage::class,
68	'cookie' => Nette\Bridges\SecurityHttp\CookieStorage::class,
69	][$auth->storage]);	1✔
70
71	if ($auth->storage === 'cookie') {	1✔
72	if ($auth->cookieDomain === 'domain') {	1✔
73	$auth->cookieDomain = $builder::literal('$this->getByType(Nette\Http\IRequest::class)->getUrl()->getDomain(2)');	1✔
74	}
75
76	$storage->addSetup('setCookieParameters', [$auth->cookieName, $auth->cookieDomain, $auth->cookieSamesite]);	1✔
77	}
78
79	$user = $builder->addDefinition($this->prefix('user'))	1✔
80	->setFactory(Nette\Security\User::class);	1✔
81
82	if ($auth->expiration) {	1✔
83	$user->addSetup('setExpiration', [$auth->expiration]);	1✔
84	}
85
86	if ($config->users) {	1✔
87	$usersList = $usersRoles = $usersData = [];	1✔
88	foreach ($config->users as $username => $data) {	1✔
89	$data = is_array($data) ? $data : ['password' => $data];	1✔
90	$usersList[$username] = $data['password'];	1✔
91	$usersRoles[$username] = $data['roles'] ?? null;	1✔
92	$usersData[$username] = $data['data'] ?? [];	1✔
93	}
94
95	$builder->addDefinition($this->prefix('authenticator'))	1✔
96	->setType(Nette\Security\Authenticator::class)	1✔
97	->setFactory(Nette\Security\SimpleAuthenticator::class, [$usersList, $usersRoles, $usersData]);	1✔
98
99	if ($this->name === 'security') {	1✔
100	$builder->addAlias('nette.authenticator', $this->prefix('authenticator'));	1✔
101	}
102	}
103
104	if ($config->roles \|\| $config->resources) {	1✔
105	$authorizator = $builder->addDefinition($this->prefix('authorizator'))	1✔
106	->setType(Nette\Security\Authorizator::class)	1✔
107	->setFactory(Nette\Security\Permission::class);	1✔
108
109	foreach ($config->roles as $role => $parents) {	1✔
110	$authorizator->addSetup('addRole', [$role, $parents]);	1✔
111	}
112
113	foreach ($config->resources as $resource => $parents) {	1✔
114	$authorizator->addSetup('addResource', [$resource, $parents]);	1✔
115	}
116
117	if ($this->name === 'security') {	1✔
118	$builder->addAlias('nette.authorizator', $this->prefix('authorizator'));	1✔
119	}
120	}
121
122	if ($this->name === 'security') {	1✔
123	$builder->addAlias('user', $this->prefix('user'));	1✔
124	$builder->addAlias('nette.userStorage', $this->prefix('userStorage'));	1✔
125	}
126	}	1✔
127
128
129	public function beforeCompile(): void
130	{
131	$builder = $this->getContainerBuilder();	1✔
132
133	if (
134	$this->debugMode &&	1✔
135	($this->config->debugger ?? $builder->getByType(Tracy\Bar::class))	1✔
136	) {
137	$definition = $builder->getDefinition($this->prefix('user'));	×
138	assert($definition instanceof Nette\DI\Definitions\ServiceDefinition);
139	$definition->addSetup('@Tracy\Bar::addPanel', [	×
140	new Nette\DI\Definitions\Statement(Nette\Bridges\SecurityTracy\UserPanel::class),	×
141	]);
142	}
143	}	1✔
144	}

nette / security / 22292327079

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous