
added some tests for security/routing integration

Johannes Schmitt 14 years ago
parent
commit
e3ddb81b38

+ 36 - 0
src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityRoutingIntegrationTest.php

@@ -0,0 +1,36 @@
+<?php
+
+namespace Symfony\Bundle\SecurityBundle\Tests\Functional;
+
+class SecurityRoutingIntegrationTest extends WebTestCase
+{
+    public function testRoutingErrorIsNotExposedForProtectedResourceWhenAnonymous()
+    {
+        $client = $this->createClient(array('test_case' => 'StandardFormLogin'));
+        $client->request('GET', '/protected_resource');
+
+        $this->assertRedirect($client->getResponse(), '/login');
+    }
+
+    public function testRoutingErrorIsExposedWhenNotProtected()
+    {
+        $client = $this->createClient(array('test_case' => 'StandardFormLogin'));
+        $client->request('GET', '/unprotected_resource');
+
+        $this->assertEquals(404, $client->getResponse()->getStatusCode());
+    }
+
+    public function testRoutingErrorIsNotExposedForProtectedResourceWhenLoggedInWithInsufficientRights()
+    {
+        $client = $this->createClient(array('test_case' => 'StandardFormLogin'));
+
+        $form = $client->request('GET', '/login')->selectButton('login')->form();
+        $form['_username'] = 'johannes';
+        $form['_password'] = 'test';
+        $client->submit($form);
+
+        $client->request('GET', '/highly_protected_resource');
+
+        $this->assertNotEquals(404, $client->getResponse()->getStatusCode());
+    }
+}
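Review bot: The last test, testRoutingErrorIsNotExposedForProtectedResourceWhenLoggedInWithInsufficientRights, accepts any status other than 404 and never checks that the form login succeeded. If authentication fails, the client stays anonymous and is presumably redirected to `/login`, which still satisfies `assertNotEquals(404, ...)`, so the "logged in with insufficient rights" path could go untested without the suite noticing. I would assert the post-login state right after `$client->submit($form);` and pin the expected denial, e.g. `$this->assertEquals(403, $client->getResponse()->getStatusCode());`, assuming 403 is what the firewall returns for an authenticated user who lacks the role. A 500 from a misconfigured fixture would also pass the current assertion, which is another reason to pin the exact code.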

+ 7 - 1
src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/config.yml

@@ -1,5 +1,5 @@
 imports:
-    - { type: file, resource: ./../config/default.yml }
+    - { resource: ./../config/default.yml }
 
 security:
     encoders:
@@ -11,6 +11,9 @@ security:
                 johannes: { password: test, roles: [ROLE_USER] }
             
     firewalls:
+        # This firewall doesn't make sense in combination with the rest of the
+        # configuration file, but it's here for testing purposes (do not use 
+        # this file in a real world scenario though)
         login_form:
             pattern: ^/login$
             security: false
@@ -18,6 +21,9 @@ security:
         default:
             form_login:
                 check_path: /login_check
+            anonymous: ~
 
     access_control:
+        - { path: ^/unprotected_resource$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/highly_protected_resource$, roles: IS_ADMIN }
         - { path: .*, roles: IS_AUTHENTICATED_FULLY }
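Review bot: The new `^/highly_protected_resource$` rule requires `IS_ADMIN`, which is neither `ROLE_`-prefixed like the `ROLE_USER` given to johannes above nor one of the `IS_AUTHENTICATED_*` attributes used by the other rules. If no voter recognises that attribute (the voter setup is not visible here), access is denied only because every voter abstains, so the test depends on the access decision manager's all-abstain default and not on a real role check. `- { path: ^/highly_protected_resource$, roles: ROLE_ADMIN }` would make the fixture exercise the insufficient-role path that the test name describes. The ordering is otherwise right: both specific paths come before the catch-all `.*` rule, which matters if the first matching rule wins.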

+ 3 - 21
src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/config/default.yml

@@ -1,21 +1,3 @@
-framework:
-    charset:       UTF-8
-    secret:        test
-    csrf_protection:
-        enabled: true
-    router:        { resource: "%kernel.root_dir%/%kernel.test_case%/routing.yml" }
-    validation:    { enabled: true, enable_annotations: true }
-    templating:    { engines: ['twig'] }
-    form: ~
-    test: ~
-    session:
-        default_locale: en
-        lifetime:       3600
-        auto_start:     true
-        storage_id: session.storage.filesystem
-
-# Twig Configuration 
-twig:
-    debug:            %kernel.debug%
-    strict_variables: %kernel.debug%
-    extensions: []
+imports:
+    - { resource: framework.yml }
+    - { resource: twig.yml }

+ 14 - 0
src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/config/framework.yml

@@ -0,0 +1,14 @@
+framework:
+    charset:       UTF-8
+    secret:        test
+    csrf_protection:
+        enabled: true
+    router:        { resource: "%kernel.root_dir%/%kernel.test_case%/routing.yml" }
+    validation:    { enabled: true, enable_annotations: true }
+    form: ~
+    test: ~
+    session:
+        default_locale: en
+        lifetime:       3600
+        auto_start:     true
+        storage_id: session.storage.filesystem
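Review bot: `secret: test` now lives in a shared `framework.yml` that other functional test cases can import, and the file has no comment marking it as a fixture. With `csrf_protection` enabled next to it, the secret presumably feeds token generation, so a copied fixed value would make those tokens predictable. The StandardFormLogin config.yml in this commit carries a "do not use this file in a real world scenario" comment; a matching header here, such as `# Test fixture only: fixed secret, never reuse outside the test suite`, would keep that warning attached to the line that needs it.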

+ 8 - 0
src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/config/twig.yml

@@ -0,0 +1,8 @@
+framework:
+    templating:    { engines: ['twig'] }
+
+# Twig Configuration 
+twig:
+    debug:            %kernel.debug%
+    strict_variables: %kernel.debug%
+    extensions: []