From 2533d00ab6ce83a287c9a7eb74e022089639a15c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Pi=C3=B3rkowski?= Date: Thu, 30 Jan 2025 09:58:52 +0100 Subject: [PATCH] fix/OP-565 [Wishlist] Issue with multiple wishlists using the same token --- .github/workflows/build.yml | 2 +- .github/workflows/coding_standard.yml | 2 +- .../Application/config/packages/security.yaml | 124 ------------------ 3 files changed, 2 insertions(+), 126 deletions(-) delete mode 100644 tests/Application/config/packages/security.yaml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index edf61502..679cc4b0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -24,7 +24,7 @@ jobs: matrix: php: [ "8.1", "8.2", "8.3" ] symfony: ["^5.4", "^6.4"] - sylius: [ "^1.12", "^1.13" ] + sylius: [ "~1.12", "~1.13" ] node: [ "18.x", "20.x" ] mysql: ["8.0"] state_machine_adapter: ["winzou_state_machine", "symfony_workflow"] diff --git a/.github/workflows/coding_standard.yml b/.github/workflows/coding_standard.yml index 8f49a540..e95115a2 100644 --- a/.github/workflows/coding_standard.yml +++ b/.github/workflows/coding_standard.yml @@ -20,7 +20,7 @@ jobs: matrix: php: [ "8.1", "8.2", "8.3" ] symfony: [ "^5.4", "^6.4" ] - sylius: [ "^1.12", "^1.13" ] + sylius: [ "~1.12", "~1.13" ] node: [ "18.x", "20.x" ] steps: diff --git a/tests/Application/config/packages/security.yaml b/tests/Application/config/packages/security.yaml deleted file mode 100644 index 842b093c..00000000 --- a/tests/Application/config/packages/security.yaml +++ /dev/null @@ -1,124 +0,0 @@ -security: - enable_authenticator_manager: true - providers: - sylius_admin_user_provider: - id: sylius.admin_user_provider.email_or_name_based - sylius_api_admin_user_provider: - id: sylius.admin_user_provider.email_or_name_based - sylius_shop_user_provider: - id: sylius.shop_user_provider.email_or_name_based - sylius_api_shop_user_provider: - id: sylius.shop_user_provider.email_or_name_based - - password_hashers: - Sylius\Component\User\Model\UserInterface: argon2i - firewalls: - admin: - switch_user: true - context: admin - pattern: "%sylius.security.admin_regex%" - provider: sylius_admin_user_provider - form_login: - provider: sylius_admin_user_provider - login_path: sylius_admin_login - check_path: sylius_admin_login_check - failure_path: sylius_admin_login - default_target_path: sylius_admin_dashboard - use_forward: false - use_referer: true - enable_csrf: true - csrf_parameter: _csrf_admin_security_token - csrf_token_id: admin_authenticate - remember_me: - secret: "%env(APP_SECRET)%" - path: "/%sylius_admin.path_name%" - name: APP_ADMIN_REMEMBER_ME - lifetime: 31536000 - remember_me_parameter: _remember_me - logout: - path: sylius_admin_logout - target: sylius_admin_login - - new_api_admin_user: - pattern: "%sylius.security.new_api_admin_regex%/.*" - provider: sylius_api_admin_user_provider - stateless: true - entry_point: jwt - json_login: - check_path: "%sylius.security.new_api_admin_route%/authentication-token" - username_path: email - password_path: password - success_handler: lexik_jwt_authentication.handler.authentication_success - failure_handler: lexik_jwt_authentication.handler.authentication_failure - jwt: true - - new_api_shop_user: - pattern: "%sylius.security.new_api_shop_regex%/.*" - provider: sylius_api_shop_user_provider - stateless: true - entry_point: jwt - json_login: - check_path: "%sylius.security.new_api_shop_route%/authentication-token" - username_path: email - password_path: password - success_handler: lexik_jwt_authentication.handler.authentication_success - failure_handler: lexik_jwt_authentication.handler.authentication_failure - jwt: true - - shop: - switch_user: { role: ROLE_ALLOWED_TO_SWITCH } - context: shop - pattern: "%sylius.security.shop_regex%" - provider: sylius_shop_user_provider - form_login: - success_handler: sylius.authentication.success_handler - failure_handler: sylius.authentication.failure_handler - provider: sylius_shop_user_provider - login_path: sylius_shop_login - check_path: sylius_shop_login_check - failure_path: sylius_shop_login - default_target_path: sylius_shop_homepage - use_forward: false - use_referer: true - enable_csrf: true - csrf_parameter: _csrf_shop_security_token - csrf_token_id: shop_authenticate - remember_me: - secret: "%env(APP_SECRET)%" - name: APP_SHOP_REMEMBER_ME - lifetime: 31536000 - remember_me_parameter: _remember_me - logout: - path: sylius_shop_logout - target: sylius_shop_homepage - invalidate_session: false - - dev: - pattern: ^/(_(profiler|wdt)|css|images|js)/ - security: false - - image_resolver: - pattern: ^/media/cache/resolve - security: false - - access_control: - - { path: "%sylius.security.admin_regex%/_partial", role: PUBLIC_ACCESS, ips: [127.0.0.1, ::1] } - - { path: "%sylius.security.admin_regex%/_partial", role: ROLE_NO_ACCESS } - - { path: "%sylius.security.shop_regex%/_partial", role: PUBLIC_ACCESS, ips: [127.0.0.1, ::1] } - - { path: "%sylius.security.shop_regex%/_partial", role: ROLE_NO_ACCESS } - - - { path: "%sylius.security.admin_regex%/login", role: PUBLIC_ACCESS } - - { path: "%sylius.security.shop_regex%/login", role: PUBLIC_ACCESS } - - - { path: "%sylius.security.shop_regex%/register", role: PUBLIC_ACCESS } - - { path: "%sylius.security.shop_regex%/verify", role: PUBLIC_ACCESS } - - - { path: "%sylius.security.admin_regex%", role: ROLE_ADMINISTRATION_ACCESS } - - { path: "%sylius.security.shop_regex%/account", role: ROLE_USER } - - - { path: "%sylius.security.new_api_admin_route%/reset-password-requests", role: PUBLIC_ACCESS } - - { path: "%sylius.security.new_api_admin_regex%/.*", role: ROLE_API_ACCESS } - - { path: "%sylius.security.new_api_admin_route%/authentication-token", role: PUBLIC_ACCESS } - - { path: "%sylius.security.new_api_user_account_regex%/.*", role: ROLE_USER } - - { path: "%sylius.security.new_api_shop_route%/authentication-token", role: PUBLIC_ACCESS } - - { path: "%sylius.security.new_api_shop_regex%/.*", role: PUBLIC_ACCESS }