Merge pull request #23 from krizon/exception-factory

reecefowell · reecefowell · commit b92365d7bcc7 · 2014-04-23T18:53:57.000-04:00
Introduce exception factory to allow customization of exception thrown when ip is blocked
diff --git a/Component/Listener/AccessDeniedExceptionFactory.php b/Component/Listener/AccessDeniedExceptionFactory.php
@@ -0,0 +1,24 @@
+<?php
+
+/*
+ * This file is part of the CCDNUser SecurityBundle
+ *
+ * (c) CCDN (c) CodeConsortium <http://www.codeconsortium.com/>
+ *
+ * Available on github <http://www.github.com/codeconsortium/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace CCDNUser\SecurityBundle\Component\Listener;
+
+use Symfony\Component\HttpKernel\Exception\HttpException;
+
+class AccessDeniedExceptionFactory implements AccessDeniedExceptionFactoryInterface
+{
+    public function createAccessDeniedException()
+    {
+        return new HttpException(500, 'flood control - login blocked');
+    }
+}
diff --git a/Component/Listener/AccessDeniedExceptionFactoryInterface.php b/Component/Listener/AccessDeniedExceptionFactoryInterface.php
@@ -0,0 +1,24 @@
+<?php
+
+/*
+ * This file is part of the CCDNUser SecurityBundle
+ *
+ * (c) CCDN (c) CodeConsortium <http://www.codeconsortium.com/>
+ *
+ * Available on github <http://www.github.com/codeconsortium/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace CCDNUser\SecurityBundle\Component\Listener;
+
+interface AccessDeniedExceptionFactoryInterface
+{
+    /**
+     * Create exception thrown when a ip is blocked
+     *
+     * @return \Exception
+     */
+    public function createAccessDeniedException();
+}
diff --git a/Component/Listener/BlockingLoginListener.php b/Component/Listener/BlockingLoginListener.php
@@ -13,7 +13,7 @@
 
 namespace CCDNUser\SecurityBundle\Component\Listener;
 
-use Symfony\Component\HttpKernel\Exception\HttpException;
+use CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\Routing\RouterInterface;
@@ -52,18 +52,25 @@ class BlockingLoginListener
      */
     protected $securityManager;
 
+    /**
+     * @var AccessDeniedExceptionFactoryInterface
+     */
+    protected $exceptionFactory;
+
     /**
      *
      * @access public
-     * @param \Symfony\Component\Routing\RouterInterface                        $router
-     * @param \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager  $loginFailureTracker
-     * @param array                                                             $forceAccountRecovery
+     * @param \Symfony\Component\Routing\RouterInterface                                              $router
+     * @param \CCDNUser\SecurityBundle\Component\Authorisation\SecurityManager                        $loginFailureTracker
+     * @param \CCDNUser\SecurityBundle\Component\Listener\AccessDeniedExceptionFactoryInterface $exceptionFactory
+     * @param array                                                                                   $forceAccountRecovery
      */
-    public function __construct(RouterInterface $router, $securityManager, $forceAccountRecovery)
+    public function __construct(RouterInterface $router, SecurityManager $securityManager, AccessDeniedExceptionFactoryInterface $exceptionFactory, $forceAccountRecovery)
     {
         $this->securityManager = $securityManager;
         $this->router = $router;
         $this->forceAccountRecovery = $forceAccountRecovery;
+        $this->exceptionFactory = $exceptionFactory;
     }
 
     /**
@@ -101,7 +108,7 @@ public function onKernelRequest(GetResponseEvent $event)
         if ($result == $securityManager::ACCESS_DENIED_BLOCK) {
             $event->stopPropagation();
 
-            throw new HttpException(500, 'flood control - login blocked');
+            throw $this->exceptionFactory->createAccessDeniedException();
         }
     }
 }
diff --git a/DependencyInjection/CCDNUserSecurityExtension.php b/DependencyInjection/CCDNUserSecurityExtension.php
@@ -166,6 +166,7 @@ private function getComponentSection(ContainerBuilder $container, $config)
 
         $container->setParameter('ccdn_user_security.component.listener.route_referer_listener.class', $config['component']['listener']['route_referer_listener']['class']);
         $container->setParameter('ccdn_user_security.component.listener.blocking_login_listener.class', $config['component']['listener']['blocking_login_listener']['class']);
+        $container->setParameter('ccdn_user_security.component.access_denied_exception_factory.class', $config['component']['listener']['blocking_login_listener']['access_denied_exception_factory']);
 
         $container->setParameter('ccdn_user_security.component.route_referer_ignore.chain.class', $config['component']['route_referer_ignore']['chain']['class']);
 
diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php
@@ -315,6 +315,7 @@ private function addComponentSection(ArrayNodeDefinition $node)
                                     ->canBeUnset()
                                     ->children()
                                         ->scalarNode('class')->defaultValue('CCDNUser\SecurityBundle\Component\Listener\BlockingLoginListener')->end()
+                                        ->scalarNode('access_denied_exception_factory')->defaultValue('CCDNUser\SecurityBundle\Component\Listener\AccessDeniedExceptionFactory')->end()
                                     ->end()
                                 ->end()
                             ->end()
diff --git a/Resources/config/services/components.yml b/Resources/config/services/components.yml
@@ -61,14 +61,20 @@ services:
         tags:
             - { name: security.voter }
 
+    #
+    # Blocking login Listener.
+    #
     ccdn_user_security.component.listener.blocking_login_listener:
         class: %ccdn_user_security.component.listener.blocking_login_listener.class%
         arguments:
             - @router
             - @ccdn_user_security.component.authorisation.security_manager
+            - @ccdn_user_security.component.access_denied_exception_factory
             - %ccdn_user_security.login_shield.force_account_recovery%
         tags:
             - { name: kernel.event_listener, event: kernel.request, method: onKernelRequest }
+    ccdn_user_security.component.access_denied_exception_factory:
+        class: %ccdn_user_security.component.access_denied_exception_factory.class%
 
     #
     # Referer Listener.
