[Pimcore 11] Exclude AdminBundle (#17)

* extract adminBundle.

* Replace getAdminUser with getPimcoreUser.

* Refactoring.

* Switch back to 11.x

* add conflict for alpha and beta versions

* Remove admin firewall settings.

.github/ci/files/config/packages/security.yaml

@@ -3,48 +3,19 @@ security:
 
     providers:
         pimcore_admin:
-            id: Pimcore\Bundle\AdminBundle\Security\User\UserProvider
+            id: Pimcore\Security\User\UserProvider
 
     firewalls:
         dev:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
             security: false
 
         # Pimcore WebDAV HTTP basic // DO NOT CHANGE!
-        pimcore_admin_webdav:
-            pattern: ^/admin/asset/webdav
+        pimcore_webdav:
+            pattern: ^/asset/webdav
             provider: pimcore_admin
             http_basic: ~
 
-        # Pimcore admin form login // DO NOT CHANGE!
-        pimcore_admin:
-            pattern: ^/admin(/.*)?$
-            user_checker: Pimcore\Bundle\AdminBundle\Security\User\UserChecker
-            provider: pimcore_admin
-            login_throttling:
-                max_attempts: 3
-                interval: '5 minutes'
-            logout:
-                path: pimcore_admin_logout
-                target: pimcore_admin_login
-            form_login:
-                default_target_path: pimcore_admin_index
-                always_use_default_target_path: true
-                login_path: pimcore_admin_login
-                check_path: pimcore_admin_login_check
-                username_parameter: username
-                password_parameter: password
-            custom_authenticators:
-                - Pimcore\Bundle\AdminBundle\Security\Authenticator\AdminTokenAuthenticator
-            two_factor:
-                auth_form_path: /admin/login/2fa                   # Path or route name of the two-factor form
-                check_path: /admin/login/2fa-verify                # Path or route name of the two-factor code check
-                default_target_path: /admin            # Where to redirect by default after successful authentication
-                always_use_default_target_path: false  # If it should always redirect to default_target_path
-                auth_code_parameter_name: _auth_code   # Name of the parameter for the two-factor authentication code
-                trusted_parameter_name: _trusted       # Name of the parameter for the trusted device option
-                multi_factor: false                    # If ALL active two-factor methods need to be fulfilled (multi-factor authentication)
-
     access_control:
         # Pimcore admin ACl  // DO NOT CHANGE!
         - { path: ^/admin/settings/display-custom-logo, roles: PUBLIC_ACCESS }
@@ -54,6 +25,7 @@ security:
         - { path: ^/admin/login$, roles: PUBLIC_ACCESS }
         - { path: ^/admin/login/(login|lostpassword|deeplink|csrf-token)$, roles: PUBLIC_ACCESS }
         - { path: ^/admin, roles: ROLE_PIMCORE_USER }
+        - { path: ^/asset/webdav, roles: ROLE_PIMCORE_USER }
 
     role_hierarchy:
         # Pimcore admin  // DO NOT CHANGE!

composer.json

@@ -11,13 +11,15 @@
   "require": {
     "php": "^8.1",
     "pimcore/pimcore": "^11.0",
-    "pimcore/admin-ui-classic-bundle": "^1.0",
     "amnuts/opcache-gui": "^3.0.1"
   },
   "require-dev": {
     "phpstan/phpstan": "1.10.5",
     "phpstan/phpstan-symfony": "^1.2.20"
   },
+  "conflict": {
+    "pimcore/pimcore": "v11.0.0-ALPHA1 || v11.0.0-ALPHA2 || v11.0.0-ALPHA3 || v11.0.0-ALPHA4 || v11.0.0-ALPHA5 || v11.0.0-ALPHA6 || v11.0.0-ALPHA7 || v11.0.0-ALPHA8 || v11.0.0-BETA1"
+  },
   "autoload": {
     "psr-4": {
       "Pimcore\\Bundle\\SystemInfoBundle\\": "src/"

src/Controller/OpcacheController.php

@@ -16,8 +16,8 @@
 
 namespace Pimcore\Bundle\SystemInfoBundle\Controller;
 
-use Pimcore\Bundle\AdminBundle\Controller\AdminController;
 use Pimcore\Controller\KernelControllerEventInterface;
+use Pimcore\Controller\UserAwareController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Event\ControllerEvent;
@@ -29,7 +29,7 @@
  *
  * @internal
  */
-class OpcacheController extends AdminController implements KernelControllerEventInterface
+class OpcacheController extends UserAwareController implements KernelControllerEventInterface
 {
     /**
      * @Route("/index", name="pimcore_bundle_systeminfo_opcache_index")

src/Controller/SettingsController.php

@@ -15,7 +15,7 @@
 
 namespace Pimcore\Bundle\SystemInfoBundle\Controller;
 
-use Pimcore\Bundle\AdminBundle\Controller\AdminController;
+use Pimcore\Controller\UserAwareController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Profiler\Profiler;
@@ -26,7 +26,7 @@
  *
  * @internal
  */
-class SettingsController extends AdminController
+class SettingsController extends UserAwareController
 {
     /**
      * @Route("/phpinfo", name="pimcore_bundle_systeminfo_settings_phpinfo", methods={"GET"})
@@ -44,7 +44,7 @@ public function phpinfoAction(Request $request, ?Profiler $profiler): Response
             $profiler->disable();
         }
 
-        if (!$this->getAdminUser()->isAdmin()) {
+        if (!$this->getPimcoreUser()->isAdmin()) {
             throw new \Exception('Permission denied');
         }
 

src/PimcoreSystemInfoBundle.php

@@ -15,22 +15,20 @@
 
 namespace Pimcore\Bundle\SystemInfoBundle;
 
-use Pimcore\Bundle\AdminBundle\Support\BundleAdminSupportTrait;
-use Pimcore\Bundle\AdminBundle\Support\PimcoreBundleAdminSupportInterface;
 use Pimcore\Extension\Bundle\AbstractPimcoreBundle;
+use Pimcore\Extension\Bundle\PimcoreBundleAdminClassicInterface;
+use Pimcore\Extension\Bundle\Traits\BundleAdminClassicTrait;
 use Pimcore\Extension\Bundle\Traits\PackageVersionTrait;
 
-class PimcoreSystemInfoBundle extends AbstractPimcoreBundle implements PimcoreBundleAdminSupportInterface
+class PimcoreSystemInfoBundle extends AbstractPimcoreBundle implements PimcoreBundleAdminClassicInterface
 {
-    use BundleAdminSupportTrait;
     use PackageVersionTrait;
+    use BundleAdminClassicTrait;
 
-    // @TODO Enable when bundle move to own repo
-    //
-    //    public function getComposerPackageName(): string
-    //    {
-    //        return 'pimcore/system-info-bundle';
-    //    }
+    public function getComposerPackageName(): string
+    {
+        return 'pimcore/system-info-bundle';
+    }
 
     public function getCssPaths(): array
     {