feat: show Profile in secured action

Author: 77web

config/packages/security.yaml

@@ -27,17 +27,10 @@ security:
     # Note: Only the *first* access control that matches will be used
     access_control:
         # - { path: ^/admin, roles: ROLE_ADMIN }
-        # - { path: ^/profile, roles: ROLE_USER }
+        - { path: ^/profile, roles: ROLE_USER }
 
 when@test:
     security:
         password_hashers:
-            # By default, password hashers are resource intensive and take time. This is
-            # important to generate secure password hashes. In tests however, secure hashes
-            # are not important, waste resources and increase test times. The following
-            # reduces the work factor to the lowest possible values.
             Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
-                algorithm: auto
-                cost: 4 # Lowest possible value for bcrypt
-                time_cost: 3 # Lowest possible value for argon
-                memory_cost: 10 # Lowest possible value for argon
+                algorithm: plaintext

docker-compose.override.yml

@@ -4,5 +4,5 @@ services:
 ###> doctrine/doctrine-bundle ###
   database:
     ports:
-      - "5432"
+      - "5432:5432"
 ###< doctrine/doctrine-bundle ###

src/Controller/ProfileController.php

@@ -0,0 +1,18 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Controller;
+
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Annotation\Route;
+
+class ProfileController extends AbstractController
+{
+    #[Route("/profile", name: 'profile_index')]
+    public function index(): Response
+    {
+        return $this->render('profile/index.html.twig');
+    }
+}

templates/profile/index.html.twig

@@ -0,0 +1,5 @@
+{% extends 'base.html.twig' %}
+
+{% block body %}
+    This is profile page for {{ app.user.email }}.
+{% endblock %}

tests/Controller/ProfileControllerTest.php

@@ -0,0 +1,48 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Controller;
+
+use App\Entity\User;
+use Doctrine\ORM\EntityManagerInterface;
+use Symfony\Bundle\FrameworkBundle\KernelBrowser;
+use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+use Zenstruck\Foundry\Test\ResetDatabase;
+
+class ProfileControllerTest extends WebTestCase
+{
+    use ResetDatabase;
+
+    private KernelBrowser $client;
+    private User $user;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->user = new User();
+        $this->user->setEmail('[email protected]');
+        $this->user->setPassword('test');
+        $this->user->setRoles(['ROLE_USER']);
+
+        $this->client = static::createClient();
+        $em = $this->client->getContainer()->get(EntityManagerInterface::class);
+        $em->persist($this->user);
+        $em->flush();
+    }
+
+    public function test(): void
+    {
+        $this->client->loginUser($this->user);
+        $crawler = $this->client->request('GET', '/profile');
+        $this->assertTrue($this->client->getResponse()->isOk());
+        $this->assertTrue($crawler->filter('body:contains("[email protected]")')->count() === 1);
+    }
+
+    public function testNotAuthenticated(): void
+    {
+        $this->client->request('GET', '/profile');
+        $this->assertEquals(401, $this->client->getResponse()->getStatusCode());
+    }
+}