8000 minor #31724 [Security] remove the has_role() security expression fun… · symfony/symfony@bfa43d3 · GitHub
[go: up one dir, main page]
Skip to content

Commit bfa43d3

Browse files
nicolas-grekasnicolas-grekas
committed
minor #31724 [Security] remove the has_role() security expression function (xabbuh)
This PR was merged into the 5.0-dev branch. Discussion ---------- [Security] remove the has_role() security expression function | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | no | BC breaks? | yes | Deprecations? | no | Tests pass? | yes | Fixed tickets | | License | MIT | Doc PR | Commits ------- c99dfdf remove the has_role() security expression function
2 parents d4464af + c99dfdf commit bfa43d3

File tree

4 files changed

+2
-54
lines changed

4 files changed

+2
-54
lines changed

src/Symfony/Component/Security/CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ CHANGELOG
66

77
* Removed `Argon2iPasswordEncoder`, use `SodiumPasswordEncoder` instead
88
* Removed `BcryptPasswordEncoder`, use `NativePasswordEncoder` instead
9+
* Removed the `has_role()` function from security expressions, use `is_granted()` instead.
910

1011
4.3.0
1112
-----

src/Symfony/Component/Security/Core/Authorization/ExpressionLanguageProvider.php

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -53,16 +53,6 @@ public function getFunctions()
5353
}, function (array $variables) {
5454
return $variables['trust_resolver']->isRememberMe($variables['token']);
5555
}),
56-
57-
new ExpressionFunction('has_role', function ($role) {
58-
@trigger_error('Using the "has_role()" function in security expressions is deprecated since Symfony 4.2, use "is_granted()" instead.', E_USER_DEPRECATED);
59-
60-
return sprintf('in_array(%s, $roles)', $role);
61-
}, function (array $variables, $role) {
62-
@trigger_error('Using the "has_role()" function in security expressions is deprecated since Symfony 4.2, use "is_granted()" instead.', E_USER_DEPRECATED);
63-
64-
return \in_array($role, $variables['roles']);
65-
}),
6656
];
6757
}
6858
}

src/Symfony/Component/Security/Core/Authorization/Voter/ExpressionVoter.php

Lines changed: 1 addition & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -33,25 +33,8 @@ class ExpressionVoter implements VoterInterface
3333
private $authChecker;
3434
private $roleHierarchy;
3535

36-
/**
37-
* @param AuthorizationCheckerInterface $authChecker
38-
*/
39-
public function __construct(ExpressionLanguage $expressionLanguage, AuthenticationTrustResolverInterface $trustResolver, $authChecker = null, RoleHierarchyInterface $roleHierarchy = null)
36+
public function __construct(ExpressionLanguage $expressionLanguage, AuthenticationTrustResolverInterface $trustResolver, AuthorizationCheckerInterface $authChecker, RoleHierarchyInterface $roleHierarchy = null)
4037
{
41-
if ($authChecker instanceof RoleHierarchyInterface) {
42-
@trigger_error(sprintf('Passing a RoleHierarchyInterface to "%s()" is deprecated since Symfony 4.2. Pass an AuthorizationCheckerInterface instead.', __METHOD__), E_USER_DEPRECATED);
43-
$roleHierarchy = $authChecker;
44-
$authChecker = null;
45-
46-
if (!method_exists($roleHierarchy, 'getReachableRoleNames')) {
47-
@trigger_error(sprintf('Not implementing the getReachableRoleNames() method in %s which implements %s is deprecated since Symfony 4.3.', \get_class($this->roleHierarchy), RoleHierarchyInterface::class), E_USER_DEPRECATED);
48-
}
49-
} elseif (null === $authChecker) {
50-
@trigger_error(sprintf('Argument 3 passed to "%s()" should be an instance of AuthorizationCheckerInterface, not passing it is deprecated since Symfony 4.2.', __METHOD__), E_USER_DEPRECATED);
51-
} elseif (!$authChecker instanceof AuthorizationCheckerInterface) {
52-
throw new \TypeError(sprintf('Argument 3 passed to %s() must be an instance of %s or null, %s given.', __METHOD__, AuthorizationCheckerInterface::class, \is_object($authChecker) ? \get_class($authChecker) : \gettype($authChecker)));
53-
}
54-
5538
$this->expressionLanguage = $expressionLanguage;
5639
$this->trustResolver = $trustResolver;
5740
$this->authChecker = $authChecker;

src/Symfony/Component/Security/Core/Tests/Authorization/ExpressionLanguageTest.php

Lines changed: 0 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -83,30 +83,4 @@ public function provider()
8383
[$usernamePasswordToken, "is_granted('ROLE_USER')", true],
8484
];
8585
}
86-
87-
/**
88-
* @dataProvider provideLegacyHasRole
89-
* @group legacy
90-
*/
91-
public function testLegacyHasRole($expression, $result, $roles = [])
92-
{
93-
$expressionLanguage = new ExpressionLanguage();
94-
$context = ['roles' => $roles];
95-
96-
$this->assertEquals($result, $expressionLanguage->evaluate($expression, $context));
97-
}
98-
99-
public function provideLegacyHasRole()
100-
{
101-
$roles = ['ROLE_USER', 'ROLE_ADMIN'];
102-
103-
return [
104-
["has_role('ROLE_FOO')", false],
105-
["has_role('ROLE_USER')", false],
106-
["has_role('ROLE_ADMIN')", false],
107-
["has_role('ROLE_FOO')", false, $roles],
108-
["has_role('ROLE_USER')", true, $roles],
109-
["has_role('ROLE_ADMIN')", true, $roles],
110-
];
111-
}
11286
}

0 commit comments

Comments
 (0)
0