Use SonataAdminBundle configuration to configure services (#1297)

sonata-project · Oct 2, 2017 · 3100b67 · 3100b67
1 parent 6c44137
commit 3100b67
Show file tree

Hide file tree

Showing 4 changed files with 92 additions and 7 deletions.
diff --git a/DependencyInjection/SonataMediaExtension.php b/DependencyInjection/SonataMediaExtension.php
@@ -16,15 +16,21 @@
 use Symfony\Component\Config\FileLocator;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\Definition;
+use Symfony\Component\DependencyInjection\Extension\PrependExtensionInterface;
 use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
 use Symfony\Component\DependencyInjection\Reference;
 use Symfony\Component\HttpKernel\DependencyInjection\Extension;
 
 /**
  * @author Thomas Rabaix <[email protected]>
  */
-class SonataMediaExtension extends Extension
+class SonataMediaExtension extends Extension implements PrependExtensionInterface
 {
+    /**
+     * @var array
+     */
+    private $bundleConfigs;
+
     /**
      * {@inheritdoc}
      */
@@ -111,6 +117,24 @@ public function load(array $configs, ContainerBuilder $container)
 
         if (isset($bundles['SonataAdminBundle'])) {
             $loader->load(sprintf('%s_admin.xml', $config['db_driver']));
+
+            $sonataAdminConfig = $this->bundleConfigs['SonataAdminBundle'];
+
+            $sonataRoles = array();
+            if (isset($sonataAdminConfig['security']['role_admin'])) {
+                $sonataRoles[] = $sonataAdminConfig['security']['role_admin'];
+            } else {
+                $sonataRoles[] = 'ROLE_ADMIN';
+            }
+
+            if (isset($sonataAdminConfig['security']['role_super_admin'])) {
+                $sonataRoles[] = $sonataAdminConfig['security']['role_super_admin'];
+            } else {
+                $sonataRoles[] = 'ROLE_SUPER_ADMIN';
+            }
+
+            $container->getDefinition('sonata.media.security.superadmin_strategy')
+                ->replaceArgument(2, $sonataRoles);
         }
 
         $this->configureFilesystemAdapter($container, $config);
@@ -551,6 +575,21 @@ public function configureClassesToCompile()
         ));
     }
 
+    /**
+     * Allow an extension to prepend the extension configurations.
+     *
+     * @param ContainerBuilder $container
+     */
+    public function prepend(ContainerBuilder $container)
+    {
+        $bundles = $container->getParameter('kernel.bundles');
+
+        // Store SonataAdminBundle configuration for later use
+        if (isset($bundles['SonataAdminBundle'])) {
+            $this->bundleConfigs['SonataAdminBundle'] = current($container->getExtensionConfig('sonata_admin'));
+        }
+    }
+
     /**
      * Checks if the classification of media is enabled.
      *

diff --git a/Resources/config/security.xml b/Resources/config/security.xml
@@ -11,10 +11,7 @@
             <argument type="service" id="translator"/>
             <argument/>
             <!-- Either security.context or security.authorization_checker -->
-            <argument type="collection">
-                <argument>ROLE_SUPER_ADMIN</argument>
-                <argument>ROLE_ADMIN</argument>
-            </argument>
+            <argument type="collection"/>
         </service>
         <service id="sonata.media.security.session_strategy" class="Sonata\MediaBundle\Security\SessionDownloadStrategy">
             <argument type="service" id="translator"/>

diff --git a/Resources/doc/reference/security.rst b/Resources/doc/reference/security.rst
@@ -7,10 +7,12 @@ a download strategy interface, which can be set per context and authorize the me
 
 Built-in security strategy:
 
-* ``sonata.media.security.superadmin_strategy`` : DEFAULT - the user need to have one of the following roles : ``ROLE_SUPER_ADMIN`` or ``ROLE_ADMIN``
+* ``sonata.media.security.superadmin_strategy`` : DEFAULT - the user needs to have one of the following roles :
+  ``ROLE_SUPER_ADMIN`` or ``ROLE_ADMIN`` (although these roles can be configured in SonataAdminBundle)
 * ``sonata.media.security.public_strategy`` : no restriction, files are public
 * ``sonata.media.security.forbidden_strategy`` : not possible to retrieve the original file
-* ``sonata.media.security.connected_strategy`` : the need to have one of the following roles : ``IS_AUTHENTICATED_FULLY`` or ``IS_AUTHENTICATED_REMEMBERED``
+* ``sonata.media.security.connected_strategy`` : the need to have one of the following roles :
+  ``IS_AUTHENTICATED_FULLY`` or ``IS_AUTHENTICATED_REMEMBERED``
 
 On top of that, there is 3 download modes which can be configured to download the media. The download mode depends on
 the HTTP server you used:

diff --git a/Tests/DependencyInjection/SonataMediaExtensionTest.php b/Tests/DependencyInjection/SonataMediaExtensionTest.php
@@ -13,6 +13,7 @@
 
 use Matthias\SymfonyDependencyInjectionTest\PhpUnit\AbstractExtensionTestCase;
 use Sonata\MediaBundle\DependencyInjection\SonataMediaExtension;
+use Symfony\Component\DependencyInjection\Extension\PrependExtensionInterface;
 
 class SonataMediaExtensionTest extends AbstractExtensionTestCase
 {
@@ -153,6 +154,52 @@ public function dataResizer()
         );
     }
 
+    public function testLoadWithSonataAdminDefaults()
+    {
+        $this->load();
+
+        $this->assertEquals(
+            $this->container->getDefinition('sonata.media.security.superadmin_strategy')->getArgument(2),
+            array('ROLE_ADMIN', 'ROLE_SUPER_ADMIN')
+        );
+    }
+
+    public function testLoadWithSonataAdminCustomConfiguration()
+    {
+        $fakeContainer = $this->getMockBuilder('Symfony\Component\DependencyInjection\ContainerBuilder')
+            ->setMethods(array('getParameter', 'getExtensionConfig'))
+            ->getMock();
+
+        $fakeContainer->expects($this->once())
+            ->method('getParameter')
+            ->with($this->equalTo('kernel.bundles'))
+            ->willReturn($this->container->getParameter('kernel.bundles'));
+
+        $fakeContainer->expects($this->once())
+            ->method('getExtensionConfig')
+            ->with($this->equalTo('sonata_admin'))
+            ->willReturn(array(array(
+                'security' => array(
+                    'role_admin' => 'ROLE_FOO',
+                    'role_super_admin' => 'ROLE_BAR',
+                ),
+            )));
+
+        $configs = array($this->getMinimalConfiguration());
+        foreach ($this->getContainerExtensions() as $extension) {
+            if ($extension instanceof PrependExtensionInterface) {
+                $extension->prepend($fakeContainer);
+            }
+
+            $extension->load($configs, $this->container);
+        }
+
+        $this->assertEquals(
+            $this->container->getDefinition('sonata.media.security.superadmin_strategy')->getArgument(2),
+            array('ROLE_FOO', 'ROLE_BAR')
+        );
+    }
+
     protected function getMinimalConfiguration()
     {
         return array(