$rootNode =$tb->root('security');

->beforeNormalization()

->ifTrue(function ($v) {

if (!isset($v['access_decision_manager'])) {

returntrue;

}

if (!isset($v['access_decision_manager']['strategy']) && !isset($v['access_decision_manager']['service'])) {

returntrue;

};

returnfalse;

})

->then(function ($v) {

$v['access_decision_manager'] =array(

'strategy' => AccessDecisionManager::STRATEGY_AFFIRMATIVE,

);

return$v;

})

->end()

->children()

->scalarNode('access_denied_url')->defaultNull()->example('/foo/error403')->end()

->enumNode('session_fixation_strategy')

->children()

->enumNode('strategy')

->values(array(AccessDecisionManager::STRATEGY_AFFIRMATIVE, AccessDecisionManager::STRATEGY_CONSENSUS, AccessDecisionManager::STRATEGY_UNANIMOUS))

->defaultValue(AccessDecisionManager::STRATEGY_AFFIRMATIVE)

->end()

->scalarNode('service')->end()

->booleanNode('allow_if_all_abstain')->defaultFalse()->end()

->booleanNode('allow_if_equal_granted_denied')->defaultTrue()->end()

->end()

->validate()

->ifTrue(function ($v) {returnisset($v['strategy']) &&isset($v['service']); })

->thenInvalid('"strategy" and "service" cannot be used together.')

->end()

->end()

->end()

;

$container->setParameter('security.access.denied_url',$config['access_denied_url']);

$container->setParameter('security.authentication.manager.erase_credentials',$config['erase_credentials']);

$container->setParameter('security.authentication.session_strategy.strategy',$config['session_fixation_strategy']);

->getDefinition('security.access.decision_manager')

->addArgument($config['access_decision_manager']['strategy'])

->addArgument($config['access_decision_manager']['allow_if_all_abstain'])

->addArgument($config['access_decision_manager']['allow_if_equal_granted_denied'])

;

if (isset($config['access_decision_manager']['service'])) {

$container->setAlias('security.access.decision_manager',$config['access_decision_manager']['service']);

}else {

->getDefinition('security.access.decision_manager')

->addArgument($config['access_decision_manager']['strategy'])

->addArgument($config['access_decision_manager']['allow_if_all_abstain'])

->addArgument($config['access_decision_manager']['allow_if_equal_granted_denied']);

}

$container->setParameter('security.access.always_authenticate_before_granting',$config['always_authenticate_before_granting']);

$container->setParameter('security.authentication.hide_user_not_found',$config['hide_user_not_found']);

useSymfony\Bundle\SecurityBundle\SecurityBundle;

useSymfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension;

useSymfony\Component\DependencyInjection\ContainerBuilder;

useSymfony\Component\Security\Core\Authorization\AccessDecisionManager;

abstractclass CompleteConfigurationTestextends \PHPUnit_Framework_TestCase

{

$this->assertEquals('security.user_checker',$this->getContainer('container1')->getAlias('security.user_checker.secure'));

}

publicfunctiontestDefaultAccessDecisionManagerStrategyIsAffirmative()

{

$container =$this->getContainer('access_decision_manager_default_strategy');

$this->assertSame(AccessDecisionManager::STRATEGY_AFFIRMATIVE,$container->getDefinition('security.access.decision_manager')->getArgument(1),'Default vote strategy is affirmative');

}

publicfunctiontestCustomAccessDecisionManagerService()

{

$container =$this->getContainer('access_decision_manager_service');

$this->assertSame('app.access_decision_manager', (string)$container->getAlias('security.access.decision_manager'),'The custom access decision manager service is aliased');

}

publicfunctiontestAccessDecisionManagerServiceAndStrategyCannotBeUsedAtTheSameTime()

{

$container =$this->getContainer('access_decision_manager_service_and_strategy');

}

protectedfunctiongetContainer($file)

{

if (isset(self::$containerCache[$file])) {

$container->loadFromExtension('security',array(

'providers' =>array(

'default' =>array(

'memory' =>array(

'users' =>array(

'foo' =>array('password' =>'foo','roles' =>'ROLE_USER'),

),

),

),

),

'firewalls' =>array(

'simple' =>array('pattern' =>'/login','security' =>false),

),

));

$container->loadFromExtension('security',array(

'access_decision_manager' =>array(

'service' =>'app.access_decision_manager',

),

'providers' =>array(

'default' =>array(

'memory' =>array(

'users' =>array(

'foo' =>array('password' =>'foo','roles' =>'ROLE_USER'),

),

),

),

),

'firewalls' =>array(

'simple' =>array('pattern' =>'/login','security' =>false),

),

));

$container->loadFromExtension('security',array(

'access_decision_manager' =>array(

'service' =>'app.access_decision_manager',

'strategy' =>'affirmative',

),

'providers' =>array(

'default' =>array(

'memory' =>array(

'users' =>array(

'foo' =>array('password' =>'foo','roles' =>'ROLE_USER'),

),

),

),

),

'firewalls' =>array(

'simple' =>array('pattern' =>'/login','security' =>false),

),

));

<?xml version="1.0" encoding="UTF-8"?>

<srv:containerxmlns="http://symfony.com/schema/dic/security"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xmlns:srv="http://symfony.com/schema/dic/services"

xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">

<config>

<providername="default">

<memory>

<username="foo"password="foo"roles="ROLE_USER" />

</memory>

</provider>

<firewallname="simple"pattern="/login"security="false" />

</config>

</srv:container>

<?xml version="1.0" encoding="UTF-8"?>

<srv:containerxmlns="http://symfony.com/schema/dic/security"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xmlns:srv="http://symfony.com/schema/dic/services"

xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">

<config>

<access-decision-managerservice="app.access_decision_manager" />

<providername="default">

<memory>

<username="foo"password="foo"roles="ROLE_USER" />

</memory>

</provider>

<firewallname="simple"pattern="/login"security="false" />

</config>

</srv:container>

<?xml version="1.0" encoding="UTF-8"?>

<srv:containerxmlns="http://symfony.com/schema/dic/security"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xmlns:srv="http://symfony.com/schema/dic/services"

xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">

<config>

<access-decision-managerservice="app.access_decision_manager"strategy="affirmative" />

<providername="default">

<memory>

<username="foo"password="foo"roles="ROLE_USER" />

</memory>

</provider>

<firewallname="simple"pattern="/login"security="false" />

</config>

</srv:container>

security:

providers:

default:

memory:

users:

foo:{ password: foo, roles: ROLE_USER }

firewalls:

simple:{ pattern: /login, security: false }

security:

access_decision_manager:

service:app.access_decision_manager

providers:

default:

memory:

users:

foo:{ password: foo, roles: ROLE_USER }

firewalls:

simple:{ pattern: /login, security: false }

security:

access_decision_manager:

service:app.access_decision_manager

strategy:affirmative

providers:

default:

memory:

users:

foo:{ password: foo, roles: ROLE_USER }

firewalls:

simple:{ pattern: /login, security: false }