I get the following error when I try to reach app/example on symfony demo
Error: The Symfony\Component\Security\Core\SecurityContext class is
deprecated since version 2.6 and will be removed in 3.0. Use
Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage
or Symfony\Component\Security\Core\Authorization\AuthorizationChecker
instead.
The server is returning the right answer with a 200 status code though.
I've found nothing on Google about it. Has anybody encounter this error before and/or know how to fix it ?
Explanation
Starting with Symfony 2.6 the SecurityContext got split into the TokenStorage and the AuthorizationChecker (see: Symfony Blog - "New in Symfony 2.6: Security component improvements").
The main reason for this was to prevent circular reference which occurred quite often when injecting the SecurityContext into your own services.
Solution
The change itself is 100% backwards compatible (as stated in the linked blog post), you just need to rewrite how you accessed the SecurityContext.
// Symfony 2.5
$user = $this->get('security.context')->getToken()->getUser();
// Symfony 2.6
$user = $this->get('security.token_storage')->getToken()->getUser();
// Symfony 2.5
if (false === $this->get('security.context')->isGranted('ROLE_ADMIN')) { ... }
// Symfony 2.6
if (false === $this->get('security.authorization_checker')->isGranted('ROLE_ADMIN')) { ... }
You can simply try to find the culprit by doing a text-search for security.context or SecurityContext in your source code (including the vendor directory).
But as you stated that you're using vanilla Symfony 2.6 it seems that it simply uses some soon to be deprecated methods. So you might simply use this...
Workaround
As Symfony does it's deprecation by triggering E_USER_DEPRECATED errors, you can simply disable them when booting your Symfony AppKernel:
// app/AppKernel.php
class AppKernel extends Kernel
{
public function __construct($environment, $debug) {
// Keep error reporting like it was and disable only deprecation warnings.
error_reporting(error_reporting() & (-1 ^ E_DEPRECATED));
// ...
}
}
I personally like the deprecation warnings, because Symfony's changelogs tend to give very detailed information on how you need to change your code to support future versions of Symfony and the deprecation warnings normally are triggered months before the methods are actually deprecated.
It's not a proper error, just a warning.
A deprecated class is a class that is planned to be removed in future releases (of Symfony, in this case).
It suggest you to stop using it, and points you to the newer (and substitutes) class, TokenStorage and AuthorizationChecker, that will take completly over to do the same tasks.
It gets so annoying to see that warning. At the same time you don't want to turn off the warnings. So I thought maybe it's useful to give an example of changing your code to get rid of it. Here's how I changed HWIOAuthBundle's OAuthUtils class to do so.
First, I changed /vendor/hwi/oauth-bundle/HWI/Bundle/OAuthBundle/Resources/config/oauth.html from this:
<service id="hwi_oauth.security.oauth_utils" class="%hwi_oauth.security.oauth_utils.class%">
<argument type="service" id="security.http_utils" />
<argument type="service" id="security.context" />
<argument>%hwi_oauth.connect%</argument>
</service>
to this:
<service id="hwi_oauth.security.oauth_utils" class="%hwi_oauth.security.oauth_utils.class%">
<argument type="service" id="security.http_utils" />
<argument type="service" id="security.authorization_checker" />
<argument>%hwi_oauth.connect%</argument>
</service>
Now we have to change it in the /vendor/hwi/oauth-bundle/HWI/Bundle/OAuthBundle/Security/OAuthUtils class from this:
use Symfony\Component\Security\Core\SecurityContextInterface;
...
/**
* #var SecurityContextInterface
*/
private $securityContext;
/**
* #param HttpUtils $httpUtils
* #param SecurityContextInterface $securityContext
* #param boolean $connect
*/
public function __construct(HttpUtils $httpUtils, SecurityContextInterface $securityContext, $connect)
{
$this->httpUtils = $httpUtils;
$this->securityContext = $securityContext;
$this->connect = $connect;
}
to this:
use Symfony\Component\Security\Core\Authorization\AuthorizationChecker;
...
/**
* #var AuthorizationChecker
*/
private $authorizationChecker;
/**
* #param HttpUtils $httpUtils
* #param AuthorizationChecker $authorizationChecker
* #param boolean $connect
*/
public function __construct(HttpUtils $httpUtils, AuthorizationChecker $authorizationChecker, $connect)
{
$this->httpUtils = $httpUtils;
$this->authorizationChecker = $authorizationChecker;
$this->connect = $connect;
}
Then I made changes where the securityContext was used. Replaced it with authorizationChecker.
public function getAuthorizationUrl(Request $request, $name, $redirectUrl = null, array $extraParameters = array())
{
$resourceOwner = $this->getResourceOwner($name);
if (null === $redirectUrl) {
if (!$this->connect || !$this->authorizationChecker->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
$redirectUrl = $this->httpUtils->generateUri($request, $this->ownerMap->getResourceOwnerCheckPath($name));
} else {
$redirectUrl = $this->getServiceAuthUrl($request, $resourceOwner);
}
}
return $resourceOwner->getAuthorizationUrl($redirectUrl, $extraParameters);
}
The reason of replacing SecurityContext with AuthorizationChecker is because only isGranted method is used in this case. Maybe you could replace it with TokenStorage or use both AuthorizationChecker and TokenStorage if you needed for your case.
Related
I have a situation where I want to send emails from the order written event whenever an order has been updated according to some set of conditions that I will implement (for example an API response error) But unfortunately I have been unable to do so.
I first created a controller and an email service which uses the abstract email service of shopware And from my controller I'm able to send an email But when I tried to do the same in the event,I quickly realized that it wasn't doing exactly what I was expecting it to do. After some research on it, I saw that the event actually don't have access to the sales channel context so I tried multiple different ways to solve this issue but I'm still stuck. Can somebody please guide me on how I can implement that? thank you very much.
an example of what I tried is to call the store API in order to get the context of the saleschannel to use it in my sendMail function But it was giving errors such as:
request.CRITICAL: Uncaught PHP Exception TypeError: "Argument 5 passed to Swag\BasicExample\Service\EmailService::sendMail() must be an instance of Shopware\Core\System\SalesChannel\SalesChannelContext, instance of stdClass given.
I obviously understand that I have to give it a Shopware\Core\System\SalesChannel\SalesChannelContext not an STD class but how can I do that? since it doesn't really see the channel context.
If you do have an instance of OrderEntity you can rebuild the SalesChannelContext from the existing order using the OrderConverter service.
<service id="Foo\MyPlugin\Subscriber\MySubscriber">
<argument type="service" id="Shopware\Core\Checkout\Cart\Order\OrderConverter"/>
<argument type="service" id="order.repository"/>
<tag name="kernel.event_subscriber"/>
</service>
class MySubscriber implements EventSubscriberInterface
{
private OrderConverter $orderConverter;
private EntityRepository $repository;
public function __construct(
OrderConverter $orderConverter,
EntityRepository $repository
) {
$this->orderConverter = $orderConverter;
$this->repository = $repository;
}
public static function getSubscribedEvents(): array
{
return [
OrderEvents::ORDER_WRITTEN_EVENT => 'onOrderWritten',
];
}
public function onOrderWritten(EntityWrittenEvent $event): void
{
foreach ($event->getWriteResults() as $writeResult) {
$orderId = $writeResult->getPrimaryKey();
$criteria = new Criteria([$orderId]);
$criteria->addAssociation('transactions');
$criteria->addAssociation('orderCustomer');
$order = $this->repository
->search($criteria, $event->getContext())->first();
if (!$order instanceof OrderEntity) {
continue;
}
$salesChannelContext = $this->orderConverter
->assembleSalesChannelContext($order, $event->getContext());
// ...
}
}
}
I have written a Java class for event filtering on one of the Publish channels, and rebuilt and deployed it. I have referenced it on the Publish channel too. However, Maximo behaves as if the class was never there.
package com.sof.iface.eventfilter;
import java.rmi.RemoteException;
import psdi.iface.mic.MaximoEventFilter;
import psdi.iface.mic.PublishInfo;
import psdi.mbo.MboRemote;
import psdi.util.MXException;
import psdi.util.logging.MXLogger;
import psdi.util.logging.MXLoggerFactory;
public class VSPPWOCOMPEventFilter extends MaximoEventFilter {
private static final String SILMX_ATTRIBUTE_STATUS = "STATUS";
private MXLogger log = MXLoggerFactory.getLogger("maximo.application.EVENTFILTER");
/**
* Constructor
*
* #param pubInfo Publish Channel Information
* #throws MXException Maximo Exception
*/
public VSPPWOCOMPEventFilter(PublishInfo pubInfo) throws MXException {
super(pubInfo);
} // end constructor.
/**
* Decide whether to filter out the event before it triggers the
* Publish Channel or not.
*/
public boolean filterEvent(MboRemote mbo) throws MXException, RemoteException {
log.debug("######## com.sof.iface.eventfilter.VSPPWOCOMPEventFilter::filterEvent() - Start of Method");
boolean filter = false;
// try {
String status = mbo.getString(SILMX_ATTRIBUTE_STATUS);
log.debug("######## com.sof.iface.eventfilter.VSPPWOCOMPEventFilter::filterEvent() - WO Status " + status);
if(mbo.isModified("STATUS") && status == "COMP") {
log.debug("######## com.sof.iface.eventfilter.VSPPWOCOMPEventFilter::filterEvent() - Skipping MBO");
filter = true;
} else {
filter = super.filterEvent(mbo);
}
log.debug("######## com.sof.iface.eventfilter.VSPPWOCOMPEventFilter::filterEvent() - End of Method");
return filter;
// }
} // end filterEvent.
} // end class.
Please ignore the below text :)
A good logging (tracing) is always a lifesaver when you have problems in a production environment. I will never stop telling to my fellow programmers how much is important to fill code with meaningful log calls.Maximo has a good and flexible logging subsystem. This IBM TechNote describes in detail how logging works in Maximo. Let’s now see hot to use Maximo logging in your custom Java code.
It looks like you need to skip the outbound message when the Work Order is completed. When the event doesn't seem to occur, make sure to check for these flags:
External System is active
Publish Channel is active
Publish Channel listener is enabled
I think you could easily achieve the same result with a SKIP action processing rule. See details here:
https://www.ibm.com/support/knowledgecenter/en/SSLKT6_7.6.0/com.ibm.mt.doc/gp_intfrmwk/c_message_proc_actions.html
Also worth mentioning: IBM added automation script support for Event Filtering in version 7.6 so no more build/redeploy required.
I have following configuration for KinesisMessageDrivenChannelAdapter, when I remove dynamoDbMetaDataStore as checkpointer, messages are received correctly, but when I add it back records are always empty.
I debugged the code and KinesisMessageDrivenChannelAdapter.processTask() line 776 (version 2.0.0.M2) returns empty records.
UPDATE:
public DynamoDbMetaDataStore dynamoDbMetaDataStore() {
String url = consumerClientProperties.getDynamoDB().getUrl();
final AmazonDynamoDBAsync amazonDynamoDB = AmazonDynamoDBAsyncClientBuilder.standard()
.withEndpointConfiguration(new EndpointConfiguration(
url,
Regions.fromName(awsRegion).getName()))
.withClientConfiguration(new ClientConfiguration()
.withMaxErrorRetry(consumerClientProperties.getDynamoDB().getRetries())
.withConnectionTimeout(consumerClientProperties.getDynamoDB().getConnectionTimeout())).build();
DynamoDbMetaDataStore dynamoDbMetaDataStore = new DynamoDbMetaDataStore(amazonDynamoDB, "consumer-test");
return dynamoDbMetaDataStore;
}
public KinesisMessageDrivenChannelAdapter kinesisInboundChannel(
AmazonKinesis amazonKinesis, String[] streamNames) {
KinesisMessageDrivenChannelAdapter adapter =
new KinesisMessageDrivenChannelAdapter(amazonKinesis, streamNames);
adapter.setConverter(null);
adapter.setOutputChannel(kinesisReceiveChannel());
adapter.setCheckpointStore(dynamoDbMetaDataStore());
adapter.setConsumerGroup(consumerClientProperties.getName());
adapter.setCheckpointMode(CheckpointMode.manual);
adapter.setListenerMode(ListenerMode.record);
adapter.setStartTimeout(10000);
adapter.setDescribeStreamRetries(1);
adapter.setConcurrency(10);
return adapter;
}
Thank you
I recommend you to test your solution with the latest 2.0.0.BUILD-SNAPSHOT.
There is already an option like:
/**
* Specify a {#link LockRegistry} for an exclusive access to provided streams.
* This is not used when shards-based configuration is provided.
* #param lockRegistry the {#link LockRegistry} to use.
* #since 2.0
*/
public void setLockRegistry(LockRegistry lockRegistry) {
where you would need to inject a DynamoDbLockRegistry for better checkpoint management.
For that purpose you would also need to add this dependency:
compile("com.amazonaws:dynamodb-lock-client:1.0.0")
There indeed might be some issues with filtering in that M2 yet...
I have a plugin which works on shopware 5.2 and 5.3 but doesnt work on 5.1.6. Here is the start file which is called ebTaxApi.php and i believe something should be changed here, but I need help:
<?php
namespace ebTaxApi;
use Shopware\Components\Plugin;
class ebTaxApi extends Plugin
{
/**
* #inheritdoc
*/
public static function getSubscribedEvents()
{
return [
'Enlight_Controller_Dispatcher_ControllerPath_Api_Tax' => 'onGetTaxApiController',
'Enlight_Controller_Front_StartDispatch' => 'onEnlightControllerFrontStartDispatch'
];
}
/**
* #return string
*/
public function onGetTaxApiController()
{
return $this->getPath() . '/Controllers/Api/Tax.php';
}
/**
*
*/
public function onEnlightControllerFrontStartDispatch()
{
$this->container->get('loader')->registerNamespace('Shopware\Components', $this->getPath() . '/Components/');
}
}
THis plugin is verified and works on 5.2 and 5.3 but i have tried to make its way into 5.1.6 but no luck. Also tried to register the namespace using a function but didnt work, the class could not be found.
Any help?
Thanks
The Plugin-Class you are showing here is based on the new Plugin-System, wich was introduced in Shopware Version 5.2. If you need your Plugin in older Shopware versions, you need to use the legacy plugin system.
In Symfony2, I really like the #Security annotation to perform permissions checks.
However, when using this annotation, I come over a limitation which is you can't cumulate them.
/**
* #Security("is_granted('organizer')")
* #Security("is_granted('owner')")
*/
public function displayPlanningsAction($isModel = false)
{
or
* #Security("is_granted('subscription_valid')")
*/
class PlanningController extends CustomBaseController
{
/**
* #Security("is_granted('owner')")
*/
public function displayPlanningsAction($isModel = false)
{
the two previous will only check for is_granted('owner'). That's kind of ok in the first example because I can just put an 'and' and write this in a single line, but it's really annoying for the second example because then I have to repeat for every method of the class.
Is there a simple way I could overcome this (without using the jmsextrasecuritybundle) ?