update configuration of app for internal testing app

tests/app/config/packages/security.yaml

@@ -1,6 +1,14 @@
 security:
 
-    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
+    access_decision_manager:
+        strategy: unanimous
+        allow_if_all_abstain: false
+
+    enable_authenticator_manager: true
+    # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
+    password_hashers:
+        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
+    # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
     providers:
 
         chain_provider:
@@ -9,12 +17,11 @@ security:
         in_memory:
             memory:
                 users:
-                    admin: { password: '%env(resolve:ADMIN_PASSWORD)%', roles: ['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH'] }
+                    admin: { password: '%env(resolve:ADMIN_PASSWORD)%', roles: ['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH', 'ROLE_USER'] }
         users:
             id: chill.main.user_provider
 
     encoders:
-
         Chill\MainBundle\Entity\User:
             algorithm: bcrypt
         Symfony\Component\Security\Core\User\User: plaintext
@@ -25,19 +32,30 @@ security:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
             security: false
 
+        wopi:
+            pattern: ^/wopi
+            provider: chain_provider
+            stateless: true
+            guard:
+                authenticators:
+                    - lexik_jwt_authentication.jwt_token_authenticator
+
         default:
-            anonymous: ~
+            # remove during upgrade from symfony 4 to symfony 5 TODO check this
+            #anonymous: ~
             provider: chain_provider
             form_login:
                 csrf_parameter: _csrf_token
                 csrf_token_id: authenticate
                 #csrf_provider: security.csrf.token_manager
-            logout_on_user_change: true
-            logout: ~
+            # remove during upgrade from symfony 4 to symfony 5 TODO check this
+            # logout_on_user_change: true
+            logout:
+                path: /logout
 
             # uncomment to enable impersonate mode in Chill
             # https://symfony.com/doc/current/security/impersonating_user.html
-            # switch_user: true
+            switch_user: true
 
             # activate different ways to authenticate
             # https://symfony.com/doc/current/security.html#firewalls-authentication
@@ -47,6 +65,7 @@ security:
     access_control:
         - { path: ^/(login|logout), roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/public, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/wopi, roles: IS_AUTHENTICATED_FULLY }
         # access for homepage, the homepage redirect admin to admin section
         - { path: ^/$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }
         - { path: ^/homepage$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }
@@ -56,3 +75,16 @@ security:
         - { path: ^/([a-z]+/)?admin, roles: ROLE_ADMIN }
         # other pages, only for regular user (no admin)
         - { path: ^/, roles: ROLE_USER }
+
+when@test:
+    security:
+        password_hashers:
+            # By default, password hashers are resource intensive and take time. This is
+            # important to generate secure password hashes. In tests however, secure hashes
+            # are not important, waste resources and increase test times. The following
+            # reduces the work factor to the lowest possible values.
+            Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
+                algorithm: auto
+                cost: 4 # Lowest possible value for bcrypt
+                time_cost: 3 # Lowest possible value for argon
+                memory_cost: 10 # Lowest possible value for argon