8000 round 2 · symfony/symfony@69e8d07 · GitHub
[go: up one dir, main page]
Skip to content

Commit 69e8d07

Browse files
maidmaidmaidmaid
committed
round 2
1 parent 26a8381 commit 69e8d07

File tree

8 files changed

+75
-64
lines changed

8 files changed

+75
-64
lines changed

src/Symfony/Component/Security/Core/Authorization/AccessDecision.php

Lines changed: 31 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -13,14 +13,15 @@
1313

1414
use Symfony\Component\Security\Core\Authorization\Voter\AccessTrait;
1515
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
16+
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
1617
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
1718

1819
class AccessDecision
1920
{
2021
use AccessTrait;
2122

2223
/** @var Vote[] */
23-
private $votes;
24+
private $votes = [];
2425

2526
private function __construct(int $access, array $votes = [])
2627
{
@@ -41,12 +42,37 @@ public static function createDenied(array $votes = []): self
4142
/**
4243
* @return Vote[]
4344
*/
44-
public function getVotes(int $access = null): array
45+
public function getVotes(): array
4546
{
46-
if (null === $access) {
47-
return $this->votes;
48-
}
47+
return $this->votes;
48+
}
49+
50+
/**
51+
* @return Vote[]
52+
*/
53+
public function getGrantedVotes(): array
54+
{
55+
return $this->getVotesByAccess(Voter::ACCESS_GRANTED);
56+
}
57+
58+
/**
59+
* @return Vote[]
60+
*/
61+
public function getAbstainedVotes(): array
62+
{
63+
return $this->getVotesByAccess(Voter::ACCESS_ABSTAIN);
64+
}
65+
66+
/**
67+
* @return Vote[]
68+
*/
69+
public function getDeniedVotes(): array
70+
{
71+
return $this->getVotesByAccess(Voter::ACCESS_DENIED);
72+
}
4973

74+
private function getVotesByAccess(int $access): array
75+
{
5076
return array_filter($this->votes, function (Vote $vote) use ($access) { return $vote->getAccess() === $access; });
5177
}
5278
}

src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -209,6 +209,11 @@ private function decideIfAllAbstainDecisions(): AccessDecision
209209

210210
private function vote(VoterInterface $voter, TokenInterface $token, $subject, array $attributes): Vote
211211
{
212-
return \is_int($vote = $voter->vote($token, $subject, $attributes)) ? Vote::create($vote) : $vote;
212+
if (\is_int($vote = $voter->vote($token, $subject, $attributes))) {
213+
trigger_deprecation('symfony/security', 5.1, 'Returning an int from the "%s::vote()" method is deprecated. Return a "" object instead.', get_class($this->voter), Vote::class);
214+
$vote = Vote::create($vote);
215+
}
216+
217+
return $vote;
213218
}
214219
}

src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,15 @@ final public function isGranted($attribute, $subject = null): bool
5555
$this->tokenStorage->setToken($token = $this->authenticationManager->authenticate($token));
5656
}
5757

58-
return ($this->lastAccessDecision = $this->accessDecisionManager->decide($token, [$attribute], $subject))->isGranted();
58+
$this->lastAccessDecision = $this->accessDecisionManager->decide($token, [$attribute], $subject);
59+
60+
if (is_bool($this->lastAccessDecision)) {
61+
trigger_deprecation('symfony/security', 5.1, 'Returning a boolean from the "%s::decide()" method is deprecated. Return an "%s" object instead', get_class($this->accessDecisionManager), AccessDecision::class);
62+
63+
return $this->lastAccessDecision;
64+
}
65+
66+
return $this->lastAccessDecision->isGranted();
5967
}
6068

6169
public function getLastAccessDecision(): AccessDecision

src/Symfony/Component/Security/Core/Authorization/Voter/AccessTrait.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@
1414
trait AccessTrait
1515
{
1616
/** @var int */
17-
private $access;
17+
protected $access;
1818

1919
public function getAccess(): int
2020
{

src/Symfony/Component/Security/Core/Authorization/Voter/ExplainedVoterInterface.php

Lines changed: 0 additions & 21 deletions
This file was deleted.

src/Symfony/Component/Security/Core/Authorization/Voter/ExplainedVoterTrait.php

Lines changed: 0 additions & 30 deletions
This file was deleted.

src/Symfony/Component/Security/Core/Authorization/Voter/Voter.php

Lines changed: 27 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -19,10 +19,8 @@
1919
* @author Roman Marintšenko <inoryy@gmail.com>
2020
* @author Grégoire Pineau <lyrixx@lyrixx.info>
2121
*/
22-
abstract class Voter implements VoterInterface, ExplainedVoterInterface
22+
abstract class Voter implements VoterInterface
2323
{
24-
use ExplainedVoterTrait;
25-
2624
/**
2725
* {@inheritdoc}
2826
*/
@@ -39,7 +37,8 @@ public function vote(TokenInterface $token, $subject, array $attributes)
3937
// as soon as at least one attribute is supported, default is to deny access
4038
$vote = $this->deny();
4139

42-
if (($v = $this->voteOnAttribute($attribute, $subject, $token))->isGranted()) {
40+
$v = is_bool($v = $this->voteOnAttribute($attribute, $subject, $token)) ? Vote::create($v) : $v; // BC layer
41+
if ($v->isGranted()) {
4342
// grant access as soon as at least one attribute returns a positive response
4443
return $v;
4544
} else {
@@ -50,6 +49,30 @@ public function vote(TokenInterface $token, $subject, array $attributes)
5049
return $vote;
5150
}
5251

52+
/**
53+
* Creates an granted vote.
54+
*/
55+
public function grant(string $reason = '', array $parameters = []): Vote
56+
{
57+
return Vote::createGranted($reason, $parameters);
58+
}
59+
60+
/**
61+
* Creates an abstained vote.
62+
*/
63+
public function abstain(string $reason = '', array $parameters = []): Vote
64+
{
65+
return Vote::createAbstrain($reason, $parameters);
66+
}
67+
68+
/**
69+
* Creates an denied vote.
70+
*/
71+
public function deny(string $reason = '', array $parameters = []): Vote
72+
{
73+
return Vote::createDenied($reason, $parameters);
74+
}
75+
5376
/**
5477
* Determines if the attribute and subject are supported by this voter.
5578
*

src/Symfony/Component/Security/Core/Exception/AccessDeniedException.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,7 @@ public function setSubject($subject)
7070
public function setAccessDecision(AccessDecision $accessDecision)
7171
{
7272
$this->accessDecision = $accessDecision;
73-
$reasons = array_map(function (Vote $vote) { return $vote->getReason(); }, $this->accessDecision->getVotes(VoterInterface::ACCESS_DENIED));
73+
$reasons = array_map(function (Vote $vote) { return $vote->getReason(); }, $this->accessDecision->getDeniedVotes());
7474
$this->message .= rtrim(' '.implode(' ', $reasons));
7575
}
7676

0 commit comments

Comments
 (0)
0