merged branch beberlei/SecurityEntityRepositoryIdentifierFix (PR #2765)

Commits
-------

3c83b89 [DoctrineBridge] Catch user-error when the identifier is not serialized with the User entity.

Discussion
----------

[DoctrineBridge] Catch user-error when the identifier is not serialized ...

...with the User entity.

Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: GH-2670

---------------------------------------------------------------------------

by stof at 2011/12/01 12:31:37 -0800

is it still needed after https://github.com/doctrine/doctrine2/commit/619a31913a4f5952248a0b909a25c2020619c29f ?

---------------------------------------------------------------------------

by beberlei at 2011/12/01 12:59:05 -0800

Yes i think. It doesn't cost anything to have this check and gives a much better error message than the generic Doctrine one.

---------------------------------------------------------------------------

by stof at 2011/12/01 13:22:05 -0800

but it gives it only in one case (id missing). It will not handle the case of incomplete composite key which will go to the doctrine error.

src/Symfony/Bridge/Doctrine/Security/User/EntityUserProvider.php

@@ -75,12 +75,21 @@ class EntityUserProvider implements UserProviderInterface
         if (!$user instanceof $this->class) {
             throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
         }
+        
 
         // The user must be reloaded via the primary key as all other data
         // might have changed without proper persistence in the database.
         // That's the case when the user has been changed by a form with
         // validation errors.
-        return $this->repository->find($this->metadata->getIdentifierValues($user));
+        $id = $this->metadata->getIdentifierValues($user);
+        if (!$id) {
+            throw new \InvalidArgumentException("You cannot refresh a user ".
+                "from the EntityUserProvider that does not contain an identifier. ".
+                "The user object has to be serialized with its own identifier " .
+                "mapped by Doctrine."
+            );
+        }
+        return $this->repository->find($id);
     }
 
     /**

tests/Symfony/Tests/Bridge/Doctrine/Security/User/EntityUserProviderTest.php

@@ -40,6 +40,20 @@ class EntityUserProviderTest extends DoctrineOrmTestCase
 
         $this->assertSame($user1, $provider->refreshUser($user1));
     }
+    
+    public function testRefreshUserRequiresId()
+    {
+        $em = $this->createTestEntityManager();
+        
+        $user1 = new CompositeIdentEntity(null, null, 'user1');
+        $provider = new EntityUserProvider($em, 'Symfony\Tests\Bridge\Doctrine\Fixtures\CompositeIdentEntity', 'name');
+        
+        $this->setExpectedException(
+            'InvalidArgumentException',
+            'You cannot refresh a user from the EntityUserProvider that does not contain an identifier. The user object has to be serialized with its own identifier mapped by Doctrine'
+        );
+        $provider->refreshUser($user1);
+    }
 
     private function createSchema($em)
     {