8000 [Security] add 'is_granted' to default security ExpressionLanguage? · Issue #23084 · symfony/symfony · GitHub
[go: up one dir, main page]

Skip to content
[Security] add 'is_granted' to default security ExpressionLanguage? #23084
Closed
@dmaicher

Description

@dmaicher
Q A
Bug report? no
Feature request? yes
BC Break report? no
RFC? no
Symfony version 3.4

In one of my projects I would like to evaluate a complex expression involving checking other custom attribute voters.

Unfortunately this does not work out of the box:

$authChecker->isGranted(new Expression("is_granted('custom_attr') and/or ..."))

==> The function "is_granted" does not exist around position 1 for expression ...

My solution for now is to add a custom extension for the security ExpressionLanguage and tag it with security.expression_language_provider:

use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\ExpressionLanguage\ExpressionFunction;
use Symfony\Component\ExpressionLanguage\ExpressionFunctionProviderInterface;

class ExpressionLanguageProvider implements ExpressionFunctionProviderInterface
{
    /**
     * @var ContainerInterface
     */
    private $container;

    public function __construct(ContainerInterface $container)
    {
        $this->container = $container;
    }

    public function getFunctions()
    {
        return [
            new ExpressionFunction('is_granted', null, function (array $variables, $attributes, $object = null) {
                return $this->container->get('security.authorization_checker')->isGranted($attributes, $object);
            })
        ];
    }
}

As @stof pointed out here symfony/symfony-docs#4282 there is a circular dependency and that's why I get the security.authorization_checker directly from the container. It would also be possible to use a ServiceLocator for it in 3.4.

WDYT? Should we think about adding this to the core? To me it seems quite useful.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      0