Merge pull request #546 from nikophil/fix-security-config-updater

Fix SecurityConfigUpdater

Author: weaverryan

src/Security/SecurityConfigUpdater.php

@@ -103,12 +103,7 @@ private function normalizeSecurityYamlFile()
 
     private function updateProviders(UserClassConfiguration $userConfig, string $userClass)
     {
-        if ($this->isSingleInMemoryProviderConfigured()) {
-            // empty the providers if the generic "in_memory" is the only one
-            $newData = $this->manipulator->getData();
-            $newData['security']['providers'] = [];
-            $this->manipulator->setData($newData);
-        }
+        $this->removeMemoryProviderIfIsSingleConfigured();
 
         $newData = $this->manipulator->getData();
         $newData['security']['providers']['__'] = $this->manipulator->createCommentLine(
@@ -149,6 +144,27 @@ private function updateEncoders(UserClassConfiguration $userConfig, string $user
         $this->manipulator->setData($newData);
     }
 
+    private function removeMemoryProviderIfIsSingleConfigured()
+    {
+        if (!$this->isSingleInMemoryProviderConfigured()) {
+            return;
+        }
+
+        $newData = $this->manipulator->getData();
+
+        $memoryProviderName = array_keys($newData['security']['providers'])[0];
+
+        $newData['security']['providers'] = [];
+
+        foreach ($newData['security']['firewalls'] as &$firewall) {
+            if (($firewall['provider'] ?? null) === $memoryProviderName) {
+                $firewall['provider'] = 'app_user_provider';
+            }
+        }
+
+        $this->manipulator->setData($newData);
+    }
+
     private function isSingleInMemoryProviderConfigured(): bool
     {
         if (!isset($this->manipulator->getData()['security']['providers'])) {

tests/Security/SecurityConfigUpdaterTest.php

@@ -72,6 +72,12 @@ public function getUserClassTests()
             'empty_source_model_email_with_password.yaml',
             'empty_security.yaml',
         ];
+
+        yield 'simple_security_with_single_memory_provider_configured' => [
+            new UserClassConfiguration(true, 'email', true),
+            'simple_security_with_single_memory_provider_configured.yaml',
+            'simple_security_with_single_memory_provider_configured.yaml',
+        ];
     }
 
     /**

tests/Security/yaml_fixtures/expected_user_class/simple_security_with_single_memory_provider_configured.yaml

@@ -0,0 +1,18 @@
+security:
+    encoders:
+        App\Entity\User:
+            algorithm: {BCRYPT_OR_AUTO}
+
+    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
+    providers:
+        # used to reload user from session & other features (e.g. switch_user)
+        app_user_provider:
+            entity:
+                class: App\Entity\User
+                property: email
+
+    firewalls:
+        dev: ~
+        main:
+            anonymous: true
+            provider: app_user_provider

tests/Security/yaml_fixtures/source/simple_security_with_single_memory_provider_configured.yaml

@@ -0,0 +1,10 @@
+security:
+    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
+    providers:
+        in_memory: { memory: ~ }
+
+    firewalls:
+        dev: ~
+        main:
+            anonymous: true
+            provider: in_memory