bug #805 Enhancement: Fullfill interface and move comments to the method description (OskarStark)

This PR was merged into the 1.0-dev branch.

Discussion
----------

Enhancement: Fullfill interface and move comments to the method description

Before this fix, static analyzers are complaining:
```
Return type (void) of method App\Entity\User::getSalt() should be compatible with return type (string|null) of method Symfony\Component\Security\Core\User\UserInterface::getSalt()
```

cc @chalasr

Commits
-------

e7957ba Enhancement: Fullfill interface

Author: weaverryan

src/Security/UserClassBuilder.php

@@ -165,13 +165,20 @@ private function addGetPassword(ClassSourceManipulator $manipulator, UserClassCo
             // add an empty method only
             $builder = $manipulator->createMethodBuilder(
                 'getPassword',
-                null,
-                false,
-                ['@see UserInterface']
+                'string',
+                true,
+                [
+                    'This method is not needed for apps that do not check user passwords.',
+                    '',
+                    '@see UserInterface',
+                ]
             );
+
             $builder->addStmt(
-                $manipulator->createMethodLevelCommentNode(
-                    'not needed for apps that do not check user passwords'
+                new Node\Stmt\Return_(
+                    new Node\Expr\ConstFetch(
+                        new Node\Name('null')
+                    )
                 )
             );
 
@@ -222,26 +229,38 @@ private function addGetPassword(ClassSourceManipulator $manipulator, UserClassCo
 
     private function addGetSalt(ClassSourceManipulator $manipulator, UserClassConfiguration $userClassConfig)
     {
-        // add getSalt(): always empty
+        if ($userClassConfig->hasPassword()) {
+            $methodDescription = [
+                'Returning a salt is only needed, if you are not using a modern',
+                'hashing algorithm (e.g. bcrypt or sodium) in your security.yaml.',
+            ];
+        } else {
+            $methodDescription = [
+                'This method is not needed for apps that do not check user passwords.',
+            ];
+        }
+
+        // add getSalt(): ?string - always returning null
         $builder = $manipulator->createMethodBuilder(
             'getSalt',
-            null,
-            false,
-            ['@see UserInterface']
+            'string',
+            true,
+            array_merge(
+                $methodDescription,
+                [
+                    '',
+                    '@see UserInterface',
+                ]
+            )
         );
-        if ($userClassConfig->hasPassword()) {
-            $builder->addStmt(
-                $manipulator->createMethodLevelCommentNode(
-                    'not needed when using the "bcrypt" algorithm in security.yaml'
-                )
-            );
-        } else {
-            $builder->addStmt(
-                $manipulator->createMethodLevelCommentNode(
-                    'not needed for apps that do not check user passwords'
+
+        $builder->addStmt(
+            new Node\Stmt\Return_(
+                new Node\Expr\ConstFetch(
+                    new Node\Name('null')
                 )
-            );
-        }
+            )
+        );
 
         $manipulator->addMethodBuilder($builder);
     }

tests/Security/fixtures/expected/UserEntityEmailWithPassword.php

@@ -95,11 +95,14 @@ public function setPassword(string $password): self
     }
 
     /**
+     * Returning a salt is only needed, if you are not using a modern
+     * hashing algorithm (e.g. bcrypt or sodium) in your security.yaml.
+     *
      * @see UserInterface
      */
-    public function getSalt()
+    public function getSalt(): ?string
     {
-        // not needed when using the "bcrypt" algorithm in security.yaml
+        return null;
     }
 
     /**

tests/Security/fixtures/expected/UserEntityUser_nameWithPassword.php

@@ -90,11 +90,14 @@ public function setPassword(string $password): self
     }
 
     /**
+     * Returning a salt is only needed, if you are not using a modern
+     * hashing algorithm (e.g. bcrypt or sodium) in your security.yaml.
+     *
      * @see UserInterface
      */
-    public function getSalt()
+    public function getSalt(): ?string
     {
-        // not needed when using the "bcrypt" algorithm in security.yaml
+        return null;
     }
 
     /**

tests/Security/fixtures/expected/UserEntityUsernameNoPassword.php

@@ -69,19 +69,23 @@ public function setRoles(array $roles): self
     }
 
     /**
+     * This method is not needed for apps that do not check user passwords.
+     *
      * @see UserInterface
      */
-    public function getPassword()
+    public function getPassword(): ?string
     {
-        // not needed for apps that do not check user passwords
+        return null;
     }
 
     /**
+     * This method is not needed for apps that do not check user passwords.
+     *
      * @see UserInterface
      */
-    public function getSalt()
+    public function getSalt(): ?string
     {
-        // not needed for apps that do not check user passwords
+        return null;
     }
 
     /**

tests/Security/fixtures/expected/UserEntityUsernameWithPassword.php

@@ -90,11 +90,14 @@ public function setPassword(string $password): self
     }
 
     /**
+     * Returning a salt is only needed, if you are not using a modern
+     * hashing algorithm (e.g. bcrypt or sodium) in your security.yaml.
+     *
      * @see UserInterface
      */
-    public function getSalt()
+    public function getSalt(): ?string
     {
-        // not needed when using the "bcrypt" algorithm in security.yaml
+        return null;
     }
 
     /**

tests/Security/fixtures/expected/UserModelEmailWithPassword.php

@@ -72,11 +72,14 @@ public function setPassword(string $password): self
     }
 
     /**
+     * Returning a salt is only needed, if you are not using a modern
+     * hashing algorithm (e.g. bcrypt or sodium) in your security.yaml.
+     *
      * @see UserInterface
      */
-    public function getSalt()
+    public function getSalt(): ?string
     {
-        // not needed when using the "bcrypt" algorithm in security.yaml
+        return null;
     }
 
     /**

tests/Security/fixtures/expected/UserModelUsernameNoPassword.php

@@ -47,19 +47,23 @@ public function setRoles(array $roles): self
     }
 
     /**
+     * This method is not needed for apps that do not check user passwords.
+     *
      * @see UserInterface
      */
-    public function getPassword()
+    public function getPassword(): ?string
     {
-        // not needed for apps that do not check user passwords
+        return null;
     }
 
     /**
+     * This method is not needed for apps that do not check user passwords.
+     *
      * @see UserInterface
      */
-    public function getSalt()
+    public function getSalt(): ?string
     {
-        // not needed for apps that do not check user passwords
+        return null;
     }
 
     /**

tests/Security/fixtures/expected/UserModelUsernameWithPassword.php

@@ -67,11 +67,14 @@ public function setPassword(string $password): self
     }
 
     /**
+     * Returning a salt is only needed, if you are not using a modern
+     * hashing algorithm (e.g. bcrypt or sodium) in your security.yaml.
+     *
      * @see UserInterface
      */
-    public function getSalt()
+    public function getSalt(): ?string
     {
-        // not needed when using the "bcrypt" algorithm in security.yaml
+        return null;
     }
 
     /**