From 0393724fd05bc630676adeb5d4307d97d6ba0e98 Mon Sep 17 00:00:00 2001 From: Christian Flothmann Date: Mon, 28 Nov 2016 08:59:03 +0100 Subject: [PATCH] =?UTF-8?q?[Security]=C2=A0deprecate=20the=20RoleInterface?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- UPGRADE-3.3.md | 6 ++++++ UPGRADE-4.0.md | 6 ++++++ .../Core/Authentication/Token/AbstractToken.php | 2 +- .../Core/Authentication/Token/AnonymousToken.php | 8 ++++---- .../Authentication/Token/PreAuthenticatedToken.php | 10 +++++----- .../Authentication/Token/UsernamePasswordToken.php | 10 +++++----- src/Symfony/Component/Security/Core/Role/Role.php | 3 +-- .../Component/Security/Core/Role/RoleInterface.php | 2 ++ .../Guard/Token/PostAuthenticationGuardToken.php | 8 ++++---- .../Http/Tests/Firewall/SwitchUserListenerTest.php | 9 +++++---- 10 files changed, 39 insertions(+), 25 deletions(-) diff --git a/UPGRADE-3.3.md b/UPGRADE-3.3.md index 758941e2eb598..92d084ca6e384 100644 --- a/UPGRADE-3.3.md +++ b/UPGRADE-3.3.md @@ -6,3 +6,9 @@ ClassLoader * The ApcClassLoader, WinCacheClassLoader and XcacheClassLoader classes have been deprecated in favor of the `--apcu-autoloader` option introduced in composer 1.3 + +Security +-------- + + * The `RoleInterface` has been deprecated. Extend the `Symfony\Component\Security\Core\Role\Role` + class in your custom role implementations instead. diff --git a/UPGRADE-4.0.md b/UPGRADE-4.0.md index 7463425be81a0..7aaf88b79ba68 100644 --- a/UPGRADE-4.0.md +++ b/UPGRADE-4.0.md @@ -170,6 +170,12 @@ HttpKernel * The `DataCollector::varToString()` method has been removed in favor of `cloneVar()`. +Security +-------- + + * The `RoleInterface` has been removed. Extend the `Symfony\Component\Security\Core\Role\Role` + class instead. + Serializer ---------- 
diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php index 7538648b1329f..2f517f38f1b82 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php @@ -33,7 +33,7 @@ abstract class AbstractToken implements TokenInterface /** * Constructor. * - * @param RoleInterface[]|string[] $roles An array of roles + * @param (Role|string)[] $roles An array of roles * * @throws \InvalidArgumentException */ diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php index 76c88ba4ac0da..33b480c7df1df 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php @@ -11,7 +11,7 @@ namespace Symfony\Component\Security\Core\Authentication\Token; -use Symfony\Component\Security\Core\Role\RoleInterface; +use Symfony\Component\Security\Core\Role\Role; /** * AnonymousToken represents an anonymous token. 
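Review bot: The `$roles` tag on `AbstractToken::__construct` now reads `(Role|string)[]`, but nothing in this hunk changes what the constructor accepts at runtime, and its body is outside the hunk. If the constructor still takes other `RoleInterface` implementations during the 3.3 deprecation window, the docblock should say so, for example `@param (Role|string)[] $roles An array of roles (other RoleInterface implementations are deprecated since 3.3)`. The `@throws \InvalidArgumentException` line should also state which element types are rejected, since roles feed authorization decisions and callers need to know what is accepted. The same applies to the `$roles` tags changed in PreAuthenticatedToken, UsernamePasswordToken and PostAuthenticationGuardToken.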
@@ -25,9 +25,9 @@ class AnonymousToken extends AbstractToken /** * Constructor. * - * @param string $secret A secret used to make sure the token is created by the app and not by a malicious client - * @param string|object $user The user can be a UserInterface instance, or an object implementing a __toString method or the username as a regular string - * @param RoleInterface[] $roles An array of roles + * @param string $secret A secret used to make sure the token is created by the app and not by a malicious client + * @param string|object $user The user can be a UserInterface instance, or an object implementing a __toString method or the username as a regular string + * @param Role[] $roles An array of roles */ public function __construct($secret, $user, array $roles = array()) { diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php index b4b5e70b188fb..feb53cc5181f5 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php @@ -11,7 +11,7 @@ namespace Symfony\Component\Security\Core\Authentication\Token; -use Symfony\Component\Security\Core\Role\RoleInterface; +use Symfony\Component\Security\Core\Role\Role; /** * PreAuthenticatedToken implements a pre-authenticated token. 
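Review bot: The `$roles` tag on `AnonymousToken::__construct` is documented as `Role[]`, while the other token constructors touched by this patch use `(Role|string)[]`. If this constructor forwards `$roles` to the parent constructor (its body is outside the hunk), strings are presumably accepted here as well. In that case the tag should read `@param (Role|string)[] $roles An array of roles`, so the documented contract matches the other tokens.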
@@ -26,10 +26,10 @@ class PreAuthenticatedToken extends AbstractToken /** * Constructor. * - * @param string|object $user The user can be a UserInterface instance, or an object implementing a __toString method or the username as a regular string - * @param mixed $credentials The user credentials - * @param string $providerKey The provider key - * @param RoleInterface[]|string[] $roles An array of roles + * @param string|object $user The user can be a UserInterface instance, or an object implementing a __toString method or the username as a regular string + * @param mixed $credentials The user credentials + * @param string $providerKey The provider key + * @param (Role|string)[] $roles An array of roles */ public function __construct($user, $credentials, $providerKey, array $roles = array()) { diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php index 33b00f01f82ae..a7d530c741be6 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php @@ -11,7 +11,7 @@ namespace Symfony\Component\Security\Core\Authentication\Token; -use Symfony\Component\Security\Core\Role\RoleInterface; +use Symfony\Component\Security\Core\Role\Role; /** * UsernamePasswordToken implements a username and password token. 
@@ -26,10 +26,10 @@ class UsernamePasswordToken extends AbstractToken /** * Constructor. * - * @param string|object $user The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method - * @param string $credentials This usually is the password of the user - * @param string $providerKey The provider key - * @param RoleInterface[]|string[] $roles An array of roles + * @param string|object $user The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method + * @param string $credentials This usually is the password of the user + * @param string $providerKey The provider key + * @param (Role|string)[] $roles An array of roles * * @throws \InvalidArgumentException */ diff --git a/src/Symfony/Component/Security/Core/Role/Role.php b/src/Symfony/Component/Security/Core/Role/Role.php index 5b50981fe1a78..7cb4698ea84a2 100644 --- a/src/Symfony/Component/Security/Core/Role/Role.php +++ b/src/Symfony/Component/Security/Core/Role/Role.php @@ -12,8 +12,7 @@ namespace Symfony\Component\Security\Core\Role; /** - * Role is a simple implementation of a RoleInterface where the role is a - * string. + * Role is a simple implementation representing a role identified by a string. * * @author Fabien Potencier */ diff --git a/src/Symfony/Component/Security/Core/Role/RoleInterface.php b/src/Symfony/Component/Security/Core/Role/RoleInterface.php index 3d4cbeab567dd..a0621baa6b4be 100644 --- a/src/Symfony/Component/Security/Core/Role/RoleInterface.php +++ b/src/Symfony/Component/Security/Core/Role/RoleInterface.php @@ -18,6 +18,8 @@ * supported by at least one AccessDecisionManager. * * @author Fabien Potencier + * + * @deprecated The RoleInterface is deprecated since version 3.3 and will be removed in 4.0. Extend the Symfony\Component\Security\Core\Role\Role class instead. */ interface RoleInterface { 
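Review bot: The `@deprecated` message on `RoleInterface` tells implementers to extend `Role`, but gives no guidance to code that consumes the interface, such as `instanceof RoleInterface` checks or type hints in custom voters. In PHP an `instanceof` test against an interface that no longer exists evaluates to false without raising an error, so after the removal in 4.0 such a check would silently stop matching roles and could change an access decision. I would extend the message, e.g. `Extend the Symfony\Component\Security\Core\Role\Role class instead and replace RoleInterface type checks with Role.`, and mirror that sentence in both UPGRADE entries. No runtime deprecation notice is visible in this hunk, so whether users are warned at runtime depends on code outside it.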
diff --git a/src/Symfony/Component/Security/Guard/Token/PostAuthenticationGuardToken.php b/src/Symfony/Component/Security/Guard/Token/PostAuthenticationGuardToken.php index 36c40cab9579d..6852d9e2fe0c8 100644 --- a/src/Symfony/Component/Security/Guard/Token/PostAuthenticationGuardToken.php +++ b/src/Symfony/Component/Security/Guard/Token/PostAuthenticationGuardToken.php @@ -12,7 +12,7 @@ namespace Symfony\Component\Security\Guard\Token; use Symfony\Component\Security\Core\Authentication\Token\AbstractToken; -use Symfony\Component\Security\Core\Role\RoleInterface; +use Symfony\Component\Security\Core\Role\Role; use Symfony\Component\Security\Core\User\UserInterface; /** @@ -28,9 +28,9 @@ class PostAuthenticationGuardToken extends AbstractToken implements GuardTokenIn private $providerKey; /** - * @param UserInterface $user The user! - * @param string $providerKey The provider (firewall) key - * @param RoleInterface[]|string[] $roles An array of roles + * @param UserInterface $user The user! + * @param string $providerKey The provider (firewall) key + * @param (Role|string)[] $roles An array of roles * * @throws \InvalidArgumentException */ diff --git a/src/Symfony/Component/Security/Http/Tests/Firewall/SwitchUserListenerTest.php b/src/Symfony/Component/Security/Http/Tests/Firewall/SwitchUserListenerTest.php index 28d73e0c3b217..140a58072c7b5 100644 --- a/src/Symfony/Component/Security/Http/Tests/Firewall/SwitchUserListenerTest.php +++ b/src/Symfony/Component/Security/Http/Tests/Firewall/SwitchUserListenerTest.php @@ -11,6 +11,7 @@ namespace Symfony\Component\Security\Http\Tests\Firewall; +use Symfony\Component\Security\Core\Role\Role; use Symfony\Component\Security\Http\Event\SwitchUserEvent; use Symfony\Component\Security\Http\Firewall\SwitchUserListener; use Symfony\Component\Security\Http\SecurityEvents; 
@@ -66,7 +67,7 @@ public function testEventIsIgnoredIfUsernameIsNotPassedWithTheRequest() */ public function testExitUserThrowsAuthenticationExceptionIfOriginalTokenCannotBeFound() { - $token = $this->getToken(array($this->getMock('Symfony\Component\Security\Core\Role\RoleInterface'))); + $token = $this->getToken(array(new Role('the role'))); $this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token)); $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('_exit')); @@ -216,7 +217,7 @@ public function testExitUserDoesNotDispatchEventWithStringUser() */ public function testSwitchUserIsDisallowed() { - $token = $this->getToken(array($this->getMock('Symfony\Component\Security\Core\Role\RoleInterface'))); + $token = $this->getToken(array(new Role('the role'))); $this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token)); $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba')); @@ -231,7 +232,7 @@ public function testSwitchUserIsDisallowed() public function testSwitchUser() { - $token = $this->getToken(array($this->getMock('Symfony\Component\Security\Core\Role\RoleInterface'))); + $token = $this->getToken(array(new Role('the role'))); $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); $user->expects($this->any())->method('getRoles')->will($this->returnValue(array())); @@ -261,7 +262,7 @@ public function testSwitchUser() public function testSwitchUserKeepsOtherQueryStringParameters() { - $token = $this->getToken(array($this->getMock('Symfony\Component\Security\Core\Role\RoleInterface'))); + $token = $this->getToken(array(new Role('the role'))); $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); $user->expects($this->any())->method('getRoles')->will($this->returnValue(array()));
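Review bot: All four changed call sites in `SwitchUserListenerTest` now build the token with `new Role('the role')`, so no test visible here still exercises a token that carries a plain `RoleInterface` implementation. The affected tests are `testExitUserThrowsAuthenticationExceptionIfOriginalTokenCannotBeFound`, `testSwitchUserIsDisallowed`, `testSwitchUser` and `testSwitchUserKeepsOtherQueryStringParameters`. Because the interface is only deprecated in 3.3, one `@group legacy` test that still passes a `RoleInterface` mock through the listener would keep the deprecated path covered until it is removed. User switching is authorization-sensitive, so it should not regress for applications with existing custom roles. The test methods and the `getToken()` helper continue outside these hunks.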