Clarified single attribute to isGranted() a bit more

wouterj · wouterj · commit e41e6b48a99d · 2019-11-09T00:23:23.000+01:00
Also, allow the array type for a single attribute.
diff --git a/src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php b/src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php
@@ -14,7 +14,6 @@
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;
-use Symfony\Component\Security\Core\Exception\InvalidArgumentException;
 
 /**
  * AuthorizationChecker is the main authorization point of the Security component.
@@ -44,7 +43,7 @@ public function __construct(TokenStorageInterface $tokenStorage, AuthenticationM
      *
      * @throws AuthenticationCredentialsNotFoundException when the token storage has no authentication token
      */
-    final public function isGranted($attributes, $subject = null): bool
+    final public function isGranted($attribute, $subject = null): bool
     {
         if (null === ($token = $this->tokenStorage->getToken())) {
             throw new AuthenticationCredentialsNotFoundException('The token storage contains no authentication token. One possible reason may be that there is no firewall configured for this URL.');
@@ -54,10 +53,6 @@ final public function isGranted($attributes, $subject = null): bool
             $this->tokenStorage->setToken($token = $this->authenticationManager->authenticate($token));
         }
 
-        if (\is_array($attributes)) {
-            throw new InvalidArgumentException(sprintf('Passing an array of Security attributes to %s() is not supported.', __METHOD__));
-        }
-
-        return $this->accessDecisionManager->decide($token, [$attributes], $subject);
+        return $this->accessDecisionManager->decide($token, [$attribute], $subject);
     }
 }
diff --git a/src/Symfony/Component/Security/Core/Authorization/AuthorizationCheckerInterface.php b/src/Symfony/Component/Security/Core/Authorization/AuthorizationCheckerInterface.php
@@ -21,10 +21,10 @@ interface AuthorizationCheckerInterface
     /**
      * Checks if the attributes are granted against the current authentication token and optionally supplied subject.
      *
-     * @param mixed $attributes
+     * @param mixed $attribute A single attribute to vote on (can be of any type, string and instance of Expression are supported by the core)
      * @param mixed $subject
      *
      * @return bool
      */
-    public function isGranted($attributes, $subject = null);
+    public function isGranted($attribute, $subject = null);
 }

Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,6 @@`
`14`	`14`	`use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;`
`15`	`15`	`use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;`
`16`	`16`	`use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;`
`17`		`-use Symfony\Component\Security\Core\Exception\InvalidArgumentException;`
`18`	`17`
`19`	`18`	`/**`
`20`	`19`	`* AuthorizationChecker is the main authorization point of the Security component.`
`@@ -44,7 +43,7 @@ public function __construct(TokenStorageInterface $tokenStorage, AuthenticationM`
`44`	`43`	`*`
`45`	`44`	`* @throws AuthenticationCredentialsNotFoundException when the token storage has no authentication token`
`46`	`45`	`*/`
`47`		`- final public function isGranted($attributes, $subject = null): bool`
	`46`	`+ final public function isGranted($attribute, $subject = null): bool`
`48`	`47`	`{`
`49`	`48`	`if (null === ($token = $this->tokenStorage->getToken())) {`
`50`	`49`	`throw new AuthenticationCredentialsNotFoundException('The token storage contains no authentication token. One possible reason may be that there is no firewall configured for this URL.');`
`@@ -54,10 +53,6 @@ final public function isGranted($attributes, $subject = null): bool`
`54`	`53`	`$this->tokenStorage->setToken($token = $this->authenticationManager->authenticate($token));`
`55`	`54`	`}`
`56`	`55`
`57`		`- if (\is_array($attributes)) {`
`58`		`- throw new InvalidArgumentException(sprintf('Passing an array of Security attributes to %s() is not supported.', __METHOD__));`
`59`		`- }`
`60`		`-`
`61`		`- return $this->accessDecisionManager->decide($token, [$attributes], $subject);`
	`56`	`+ return $this->accessDecisionManager->decide($token, [$attribute], $subject);`
`62`	`57`	`}`
`63`	`58`	`}`
Original file line number	Diff line number	Diff line change
`@@ -21,10 +21,10 @@ interface AuthorizationCheckerInterface`
`21`	`21`	`/**`
`22`	`22`	`* Checks if the attributes are granted against the current authentication token and optionally supplied subject.`
`23`	`23`	`*`
`24`		`- * @param mixed $attributes`
	`24`	`+ * @param mixed $attribute A single attribute to vote on (can be of any type, string and instance of Expression are supported by the core)`
`25`	`25`	`* @param mixed $subject`
`26`	`26`	`*`
`27`	`27`	`* @return bool`
`28`	`28`	`*/`
`29`		`- public function isGranted($attributes, $subject = null);`
	`29`	`+ public function isGranted($attribute, $subject = null);`
`30`	`30`	`}`