8000 [Security] Trigger a deprecation when a voter is missing the VoterInterface by linaori · Pull Request #22629 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content

[Security] Trigger a deprecation when a voter is missing the VoterInterface #22629

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 6 commits into from
Closed

[Security] Trigger a deprecation when a voter is missing the VoterInterface #22629

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
0df7c95
Trigger deprecation when missing VoterInterface
May 4, 2017
c8b5f80
Fixed phpunit compatibility
May 4, 2017
4a13ef5
Fixed feedback
May 4, 2017
ab0ab44
Rewording in the change- and upgrade-log
May 4, 2017
b187304
LogicException instead of BadMethodCallException
May 5, 2017
40ac4ec
Added a deprecation warning to AccessDecisionManager::vote()
May 5, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions UPGRADE-3.4.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
UPGRADE FROM 3.3 to 3.4
=======================

Security
--------

* Using voters that do not implement the `VoterInterface`is now deprecated in
the `AccessDecisionManager` and this functionality will be removed in 4.0.
6 changes: 6 additions & 0 deletions src/Symfony/Bundle/SecurityBundle/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,12 @@
CHANGELOG
=========

3.4.0
-----

* Tagging voters with the `security.voter` tag without implementing the
`VoterInterface` on the class is now deprecated and will be removed in 4.0.

3.3.0
-----

Expand Down
14 changes: 14 additions & 0 deletions src/Symfony/Bundle/SecurityBundle/DependencyInjection/Compiler/AddSecurityVotersPass.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
use Symfony\Component\DependencyInjection\Compiler\PriorityTaggedServiceTrait;
use Symfony\Component\DependencyInjection\Exception\LogicException;
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;

/**
* Adds all configured security voters to the access decision manager.
Expand All @@ -40,6 +41,19 @@ public function process(ContainerBuilder $container)
throw new LogicException('No security voters found. You need to tag at least one with "security.voter"');
}

foreach ($voters as $voter) {
$class = $container->getDefinition((string) $voter)->getClass();

if (!is_a($class, VoterInterface::class, true)) {
@trigger_error(sprintf('Using a security.voter tag on a class without implementing the %1$s is deprecated as of 3.4 and will be removed in 4.0. Implement the %1$s instead.', VoterInterface::class), E_USER_DEPRECATED);
}

if (!method_exists($class, 'vote')) {
// in case the vote method is completely missing, to prevent exceptions when voting
throw new LogicException(sprintf('%s should implement the %s interface when used as voter.', $class, VoterInterface::class));
}
}

$adm = $container->getDefinition('security.access.decision_manager');
$adm->replaceArgument(0, new IteratorArgument($voters));
}
Expand Down
68 changes: 62 additions & 6 deletions ...ny/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/AddSecurityVotersPassTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,11 @@
use PHPUnit\Framework\TestCase;
use Symfony\Bundle\SecurityBundle\DependencyInjection\Compiler\AddSecurityVotersPass;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\DependencyInjection\Exception\LogicException;
use Symfony\Component\DependencyInjection\Reference;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManager;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Tests\Authorization\Stub\VoterWithoutInterface;

class AddSecurityVotersPassTest extends TestCase
{
Expand All @@ -25,7 +29,7 @@ public function testNoVoters()
{
$container = new ContainerBuilder();
$container
->register('security.access.decision_manager', 'Symfony\Component\Security\Core\Authorization\AccessDecisionManager')
->register('security.access.decision_manager', AccessDecisionManager::class)
->addArgument(array())
;

Expand All @@ -37,23 +41,23 @@ public function testThatSecurityVotersAreProcessedInPriorityOrder()
{
$container = new ContainerBuilder();
$container
->register('security.access.decision_manager', 'Symfony\Component\Security\Core\Authorization\AccessDecisionManager')
->register('security.access.decision_manager', AccessDecisionManager::class)
->addArgument(array())
;
$container
->register('no_prio_service')
->register('no_prio_service', Voter::class)
->addTag('security.voter')
;
$container
->register('lowest_prio_service')
->register('lowest_prio_service', Voter::class)
->addTag('security.voter', array('priority' => 100))
;
$container
->register('highest_prio_service')
->register('highest_prio_service', Voter::class)
->addTag('security.voter', array('priority' => 200))
;
$container
->register('zero_prio_service')
->register('zero_prio_service', Voter::class)
->addTag('security.voter', array('priority' => 0))
;
$compilerPass = new AddSecurityVotersPass();
Expand All @@ -65,4 +69,56 @@ public function testThatSecurityVotersAreProcessedInPriorityOrder()
$this->assertEquals(new Reference('lowest_prio_service'), $refs[1]);
$this->assertCount(4, $refs);
}

/**
* @group legacy
* @expectedDeprecation Using a security.voter tag on a class without implementing the Symfony\Component\Security\Core\Authorization\Voter\VoterInterface is deprecated as of 3.4 and will be removed in 4.0. Implement the Symfony\Component\Security\Core\Authorization\Voter\VoterInterface instead.
*/
public function testVoterMissingInterface()
{
$container = new ContainerBuilder();
$container
->register('security.access.decision_manager', AccessDecisionManager::class)
->addArgument(array())
;
$container
->register('without_interface', VoterWithoutInterface::class)
->addTag('security.voter')
;
$compilerPass = new AddSecurityVotersPass();
$compilerPass->process($container);

$argument = $container->getDefinition('security.access.decision_manager')->getArgument(0);
$refs = $argument->getValues();
$this->assertEquals(new Reference('without_interface'), $refs[0]);
$this->assertCount(1, $refs);
}

/**
* @group legacy
*/
public function testVoterMissingInterfaceAndMethod()
{
$exception = LogicException::class;
$message = 'stdClass should implement the Symfony\Component\Security\Core\Authorization\Voter\VoterInterface interface when used as voter.';

if (method_exists($this, 'expectException')) {
$this->expectException($exception);
$this->expectExceptionMessage($message);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about using the annotations?

} else {
$this->setExpectedException($exception, $message);
}

$container = new ContainerBuilder();
$container
->register('security.access.decision_manager', AccessDecisionManager::class)
->addArgument(array())
;
$container
->register('without_method', 'stdClass')
->addTag('security.voter')
;
$compilerPass = new AddSecurityVotersPass();
$compilerPass->process($container);
}
}
6 changes: 6 additions & 0 deletions src/Symfony/Component/Security/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,12 @@
CHANGELOG
=========

3.4.0
-----

* Using voters that do not implement the `VoterInterface`is now deprecated in
the `AccessDecisionManager` and this functionality will be removed in 4.0.

3.3.0
-----

Expand Down
27 changes: 24 additions & 3 deletions src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ private function decideAffirmative(TokenInterface $token, array $attributes, $ob
{
$deny = 0;
foreach ($this->voters as $voter) {
$result = $voter->vote($token, $object, $attributes);
$result = $this->vote($voter, $token, $object, $attributes);
switch ($result) {
case VoterInterface::ACCESS_GRANTED:
return true;
Expand Down Expand Up @@ -125,7 +125,7 @@ private function decideConsensus(TokenInterface $token, array $attributes, $obje
$grant = 0;
$deny = 0;
foreach ($this->voters as $voter) {
$result = $voter->vote($token, $object, $attributes);
$result = $this->vote($voter, $token, $object, $attributes);

switch ($result) {
case VoterInterface::ACCESS_GRANTED:
Expand Down Expand Up @@ -166,7 +166,7 @@ private function decideUnanimous(TokenInterface $token, array $attributes, $obje
$grant = 0;
foreach ($this->voters as $voter) {
foreach ($attributes as $attribute) {
$result = $voter->vote($token, $object, array($attribute));
$result = $this->vote($voter, $token, $object, array($attribute));

switch ($result) {
case VoterInterface::ACCESS_GRANTED:
Expand All @@ -190,4 +190,25 @@ private function decideUnanimous(TokenInterface $token, array $attributes, $obje

return $this->allowIfAllAbstainDecisions;
}

/**
* TokenInterface vote proxy method.
*
* Acts as a BC layer when the VoterInterface is not implemented on the voter.
*/
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would add a note to remove this method in 4.0 (to avoid forgetting about it).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I could make the method itself deprecated with a full-fledged warning, even though it's private. Would make it easier to detect.

private function vote($voter, TokenInterface $token, $subject, $attributes)
{
if ($voter instanceof VoterInterface) {
return $voter->vote($token, $subject, $attributes);
}

if (method_exists($voter, 'vote')) {
@trigger_error(sprintf('Calling vote() on an voter without %1$s is deprecated as of 3.4 and will be removed in 4.0. Implement the %1$s on your voter.', VoterInterface::class), E_USER_DEPRECATED);

// making the assumption that the signature matches
return $voter->vote($token, $subject, $attributes);
}

throw new \BadMethodCallException(sprintf('%s should implement the %s interface when used as voter.', get_class($voter), VoterInterface::class));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would still qualify it a \LogicException :) it's only possible by violating the contract. So technically this is a safeguard.. do we need it? Given the validation during compilation. 👍 for that.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would like to have it because it's a component that can be used without the DIC

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's still a safeguard :) sure it adds some DX value, but nowhere near the value added by the pass (validation at compile time). Practically for the component this is just creating cosmetic errors, which we dont do elsewhere really.

}
}
32 changes: 32 additions & 0 deletions src/Symfony/Component/Security/Core/Tests/Authorization/AccessDecisionManagerTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,10 @@
namespace Symfony\Component\Security\Core\Tests\Authorization;

use PHPUnit\Framework\TestCase;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManager;
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
use Symfony\Component\Security\Core\Tests\Authorization\Stub\VoterWithoutInterface;

class AccessDecisionManagerTest extends TestCase
{
Expand Down Expand Up @@ -138,4 +140,34 @@ protected function getVoter($vote)

return $voter;
}

public function testVotingWrongTypeNoVoteMethod()
{
$exception = \BadMethodCallException::class;
$message = sprintf('stdClass should implement the %s interface when used as voter.', VoterInterface::class);

if (method_exists($this, 'expectException')) {
$this->expectException($exception);
$this->expectExceptionMessage($message);
} else {
$this->setExpectedException($exception, $message);
}

$adm = new AccessDecisionManager(array(new \stdClass()));
$token = $this->getMockBuilder(TokenInterface::class)->getMock();

$adm->decide($token, array('TEST'));
}

/**
* @group legacy
* @expectedDeprecation Calling vote() on an voter without Symfony\Component\Security\Core\Authorization\Voter\VoterInterface is deprecated as of 3.4 and will be removed in 4.0. Implement the Symfony\Component\Security\Core\Authorization\Voter\VoterInterface on your voter.
*/
public function testVotingWrongTypeWithVote()
{
$adm = new AccessDecisionManager(array(new VoterWithoutInterface()));
$token = $this->getMockBuilder(TokenInterface::class)->getMock();

$adm->decide($token, array('TEST'));
}
}
22 changes: 22 additions & 0 deletions src/Symfony/Component/Security/Core/Tests/Authorization/Stub/VoterWithoutInterface.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
<?php

/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/

namespace Symfony\Component\Security\Core\Tests\Authorization\Stub;

/**
* @author Iltar van der Berg <kjarli@gmail.com>
*/
class VoterWithoutInterface
{
public function vote()
{
}
}
0