[Security] Changed has_user to is_granted for expression in upgrade 4.4 #34592
Closed
* 4.4: Re-enable previously failing PHP 7.4 test cases [PhpUnitBridge] fix uninitialized variable [ErrorRenderer] fix Cannot use object of type ErrorException as array exception symfony#33631 [Twig] Add missing check Revert "bug symfony#33618 fix tests depending on other components' tests (xabbuh)" install from source to include components tests Fix undefined constant and other minor issues [Twig] Add NotificationEmail ensure compatibility with type resolver 0.5 Call AssertEquals with proper parameters [DependencyInjection] Allow binding iterable and tagged services [Twig] Fix Twig config extra keys fix tests depending on other components' tests Fix lint commands frozen on empty stdin
* 4.4: [PhpUnitBridge] bump cache id
* 4.4: [Process] fix typo in tests
* 4.4: [PhpUnitBridge] fix undefined variables
* 4.4: [PhpUnitBridge] more fixes for PHP 5.5
* 4.4: [HttpKernel] fix merge fix tests [HttpClient] fix throwing HTTP exceptions when the 1st chunk is emitted
* 4.4: fix merge
* 4.4: cleanup fix tests
This PR was merged into the 5.0-dev branch. Discussion ---------- [TwigBundle] fix accessing service arguments | Q | A | ------------- | --- | Branch? | master | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | | License | MIT | Doc PR | Commits ------- 6233cce fix accessing service arguments
* 4.4: [Cache] skip igbinary on PHP 7.4.0
* 4.4: [travis] checkout previous major and test with patched components on deps=high
* 4.4: [travis] install from dist except for selected components
* 4.4: [FrameworkBundle] fix tests fix typo
* 4.4: [travis] fix testing flipped versions [travis] honor .gitattributes when building local packages
* 4.3: [travis] fix CI
* 4.4: [travis] fix CI
* 4.4: [Twig] Remove deprecated tag usage
* 4.4: [travis] fix typo [travis] more CI fixes
* 4.4: [Security/Http] fix typo in deprecation message [Security] Deprecate isGranted()/decide() on more than one attribute Fixed a minor typo in the UPGRADE to 5.0 guide Various tweaks 3.4 Various tweaks 4.3 [Security] Make stateful firewalls turn responses private only when needed [PhpUnit] Fix usleep mock return value Revert \"feature symfony#33507 [WebProfiler] Deprecated intercept_redirects in 4.4 (dorumd)\" [TwigBundle] typo [TwigBundle] fix test case [Lock] use Predis\ClientInterface instead of Predis\Client Allow Twig 3 Minor tweaks Fix version typo in deprecation notice [Form][SubmitType] Add "validate" option hint to the --parse-tags when parsing tags fails Make legacy "wrong" RFC2047 encoding apply only to one header
* 4.4: [Routing] fix bad fix
This PR was merged into the 5.0-dev branch. Discussion ---------- [Security] remove deprecated code paths | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | | License | MIT | Doc PR | Commits ------- 2b6ce01 remove deprecated code paths
This PR was merged into the 5.0-dev branch. Discussion ---------- [Security] remove tests for legacy behavior | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | | License | MIT | Doc PR | Commits ------- 4e0f034 remove tests for legacy behavior
…an abstract unit system
…rings management with an abstract unit system (nicolas-grekas, hhamon, gharlan) This PR was merged into the 5.0-dev branch. Discussion ---------- [String] a new component for object-oriented strings management with an abstract unit system | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | - | License | MIT | Doc PR | - This is a reboot of symfony#22184 (thanks @hhamon for working on it) and a generalization of my previous work on the topic ([patchwork/utf8](https://github.com/tchwork/utf8)). Unlike existing libraries (including `patchwork/utf8`), this component provides a unified API for the 3 unit systems of strings: bytes, code points and grapheme clusters. The unified API is defined by the `AbstractString` class. It has 2 direct child classes: `BinaryString` and `AbstractUnicodeString`, itself extended by `Utf8String` and `GraphemeString`. All objects are immutable and provide clear edge-case semantics, using exceptions and/or (nullable) types! Two helper functions are provided to create such strings: ```php new GraphemeString('foo') == u('foo'); // when dealing with Unicode, prefer grapheme units new BinaryString('foo') == b('foo'); ``` `GraphemeString` is the most linguistic-friendly variant of them, which means it's the one ppl should use most of the time *when dealing with written text*. Future ideas: - improve tests - add more docblocks (only where they'd add value!) - consider adding more methods in the string API (`is*()?`, `*Encode()`?, etc.) 
- first class Emoji support - merge the Inflector component into this one - use `width()` to improve `truncate()` and `wordwrap()` - move method `slug()` to a dedicated locale-aware service class - propose your ideas (send PRs after merge) Out of (current) scope: - what [intl](https://php.net/intl) provides (collations, transliterations, confusables, segmentation, etc) Here is the unified API I'm proposing in this PR, borrowed from looking at many existing libraries, but also Java, Python, JavaScript and Go. ```php function __construct(string $string = ''); static function unwrap(array $values): array static function wrap(array $values): array function after($needle, bool $includeNeedle = false, int $offset = 0): self; function afterLast($needle, bool $includeNeedle = false, int $offset = 0): self; function append(string ...$suffix): self; function before($needle, bool $includeNeedle = false, int $offset = 0): self; function beforeLast($needle, bool $includeNeedle = false, int $offset = 0): self; function camel(): self; function chunk(int $length = 1): array; function collapseWhitespace(): self function endsWith($suffix): bool; function ensureEnd(string $suffix): self; function ensureStart(string $prefix): self; function equalsTo($string): bool; function folded(): self; function ignoreCase(): self; function indexOf($needle, int $offset = 0): ?int; function indexOfLast($needle, int $offset = 0): ?int; function isEmpty(): bool; function join(array $strings): self; function jsonSerialize(): string; function length(): int; function lower(): self; function match(string $pattern, int $flags = 0, int $offset = 0): array; function padBoth(int $length, string $padStr = ' '): self; function padEnd(int $length, string $padStr = ' '): self; function padStart(int $length, string $padStr = ' '): self; function prepend(string ...$prefix): self; function repeat(int $multiplier): self; function replace(string $from, string $to): self; function replaceMatches(string $fromPattern, 
$to): self; function slice(int $start = 0, int $length = null): self; function snake(): self; function splice(string $replacement, int $start = 0, int $length = null): self; function split(string $delimiter, int $limit = null, int $flags = null): array; function startsWith($prefix): bool; function title(bool $allWords = false): self; function toBinary(string $toEncoding = null): BinaryString; function toGrapheme(): GraphemeString; function toUtf8(): Utf8String; function trim(string $chars = " \t\n\r\0\x0B\x0C\u{A0}\u{FEFF}"): self; function trimEnd(string $chars = " \t\n\r\0\x0B\x0C\u{A0}\u{FEFF}"): self; function trimStart(string $chars = " \t\n\r\0\x0B\x0C\u{A0}\u{FEFF}"): self; function truncate(int $length, string $ellipsis = ''): self; function upper(): self; function width(bool $ignoreAnsiDecoration = true): int; function wordwrap(int $width = 75, string $break = "\n", bool $cut = false): self; function __clone(); function __toString(): string; ``` `AbstractUnicodeString` adds these: ```php static function fromCodePoints(int ...$codes): self; function ascii(array $rules = []): self; function codePoint(int $index = 0): ?int; function folded(bool $compat = true): parent; function normalize(int $form = self::NFC): self; function slug(string $separator = '-'): self; ``` and `BinaryString`: ```php static function fromRandom(int $length = 16): self; function byteCode(int $index = 0): ?int; function isUtf8(): bool; function toUtf8(string $fromEncoding = null): Utf8String; function toGrapheme(string $fromEncoding = null): GraphemeString; ``` Case insensitive operations are done with the `ignoreCase()` method. e.g. `b('abc')->ignoreCase()->indexOf('B')` will return `1`. 
For reference, CLDR transliterations (used in the `ascii()` method) are defined here: https://github.com/unicode-org/cldr/tree/master/common/transforms Commits ------- dd8745a [String] add more tests 82a0095 [String] add tests 012e92a [String] a new component for object-oriented strings management with an abstract unit system
…halasr) This PR was merged into the 5.0 branch. Discussion ---------- [HttpKernel] Drop deprecated ExceptionListener | Q | A | ------------- | --- | Branch? | 5.0 | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | - | License | MIT | Doc PR | - Commits ------- dede914 [HttpKernel] Drop deprecated ExceptionListener
* 4.4: [HttpKernel] Make ErrorListener::onKernelException()'s dispatcher argument explicit Removed extra whitespace [Security] Fix best encoder not wired using migrate_from
…(fancyweb) This PR was merged into the 5.0 branch. Discussion ---------- [Routing] Fix ContainerLoader and ObjectLoaderTest | Q | A | ------------- | --- | Branch? | master | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | - | License | MIT | Doc PR | - Commits ------- 0e5db6a [Routing] Fix ContainerLoader and ObjectLoaderTest
This PR was merged into the 5.0 branch. Discussion ---------- Allow PHP ^7.2.5 | Q | A | ------------- | --- | Branch? | 5.0 | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | Fix symfony#34442 | License | MIT | Doc PR | - Let's what the CI says. Will need tagging all contracts as v2.0.1 after merge. Commits ------- 6194c2a Allow PHP ^7.2.5
* 4.4: [Routing] fix tests [Form] group constraints when calling the validator Remove wrong @group legacy annotations [DependencyInjection] Fix dumping multiple deprecated aliases allow button names to start with uppercase letter States that the HttpClient provides a Http Async implementation
* 5.0: [Routing] fix tests [DI] minor cleanup [Form] group constraints when calling the validator Remove wrong @group legacy annotations [DependencyInjection] Fix dumping multiple deprecated aliases allow button names to start with uppercase letter Allow PHP ^7.2.5 States that the HttpClient provides a Http Async implementation [Routing] Fix ContainerLoader and ObjectLoaderTest [HttpKernel] Make ErrorListener::onKernelException()'s dispatcher argument explicit [HttpKernel] Drop deprecated ExceptionListener Removed extra whitespace [Security] Fix best encoder not wired using migrate_from
…essageEvent (chapa) This PR was squashed before being merged into the 5.1-dev branch (closes symfony#34475). Discussion ---------- [Mailer] Add UPGRADE entries about Envelope and MessageEvent * Class `SmtpEnvelope` has been renamed to `Envelope` in symfony#33562 * A required `$transport` argument has been added to `MessageEvent` in symfony#32927 | Q | A | ------------- | --- | Branch? | 4.4 | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | N/A | License | MIT | Doc PR | already up-to-date Commits ------- 7baa295 [Mailer] Add UPGRADE entries about Envelope and MessageEvent
…n + better default message in case it is not set
…hod (koenreiniers) This PR was squashed before being merged into the 5.1-dev branch (closes symfony#34457). Discussion ---------- Added context to exceptions thrown in apply method | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | yes <!-- please update src/**/CHANGELOG.md files --> | Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files --> | Tickets | | License | MIT | Doc PR | During the workflow and state machines workshop at SymfonyCon, we noticed that the context in the apply method was not passed to the exceptions that are thrown. This could prove to be convenient for debugging purposes. Commits ------- 8f86c33 Added context to exceptions thrown in apply method
…e when blocking a transition + better default message in case it is not set (lyrixx) This PR was merged into the 5.1-dev branch. Discussion ---------- [DX] [Workflow] Added a way to specify a message when blocking a transition + better default message in case it is not set | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | Fix symfony#34466 | License | MIT | Doc PR | Commits ------- 169bb2f [Workflow] Added a way to specify a message when blocking a transition + better default message in case it is not set
… (PHP 7.4) (dunglas) This PR was squashed before being merged into the 5.1-dev branch (closes symfony#34557). Discussion ---------- [PropertyInfo] Add support for typed properties (PHP 7.4) | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | yes | Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files --> | Tickets | n/a <!-- prefix each issue number with "Fix #", if any --> | License | MIT | Doc PR | n/a Add support for [typed properties](https://wiki.php.net/rfc/typed_properties_v2), a new feature introduced in PHP 7.4: ```php class Foo { public Bar $bar; private ?bool $nullableBoolProp; } $this->extractor->getTypes(Foo::class, 'bar'); // Type[] $this->extractor->getTypes(Foo::class, 'nullableBoolProp'); // Type[] ``` #SymfonyHackday Commits ------- 7edfe4f [PropertyInfo] Add support for typed properties (PHP 7.4)
…altsov) This PR was squashed before being merged into the 5.1-dev branch (closes symfony#32937). Discussion ---------- [Routing] Deprecate RouteCollectionBuilder | Q | A | ------------- | --- | Branch? | 5.1 | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | yes | Tests pass? | yes | Fixed tickets | symfony#32240 | License | MIT | Doc PR | symfony/symfony-docs#12688 | Recipe PR | symfony/recipes#690 A lot to be done here after the implementation is accepted: - [x] finish deprecations in the MicroKernelTrait - [x] deprecate the class - [x] mention in the CHANGELOG file - [x] mention in the UPGRADE file - [x] mark tests as legacy - [x] add a doc PR - [x] update the recipe Ping @Tobion , @nicolas-grekas . Commits ------- e641cbd [Routing] Deprecate RouteCollectionBuilder
Can you please check the same file for 5.0? And the changelog of the component? Do they have a similar issue?

Okay, this PR is a bit borked, I will re-open a correct one.
fabpot added a commit that referenced this pull request Nov 26, 2019
… in upgrade 4.4 (linaori)

This PR was merged into the 4.4 branch.

Discussion
----------

[Security] Changed has_role to is_granted for expression in upgrade 4.4

| Q             | A
| ------------- | ---
| Branch?       | 4.4
| Bug fix?      | no
| New feature?  | no
| Deprecations? | no
| Tickets       | ~
| License       | MIT
| Doc PR        | ~

A user on slack was looking for a replacement for the `[ROLE1, ROLE2]` notation on `$this->denyAccessUnlessGranted`. After searching for `has_role`, they pointed out that the function has been deprecated as well: https://github.com/symfony/security/blob/297ac031eeae519c87b400ff6ed7fc1819e64d73/Core/Authorization/ExpressionLanguageProvider.php#L57-L65

This PR fixes the upgrade guide to point to the non-deprecated alternative. Additionally it turns out that the removal of `has_role()` has not been documented in `UPGRADE-5.0.md`

_remake of #34592, there will be another PR for security/CHANGELOG.md in 5.0_

Commits
-------

78ff806 has_roles should be is_granted in upgrade files
A user on slack was looking for a replacement for the `[ROLE1, ROLE2]` notation on `$this->denyAccessUnlessGranted`. After searching for `has_role`, they pointed out that the function has been deprecated as well: https://github.com/symfony/security/blob/297ac031eeae519c87b400ff6ed7fc1819e64d73/Core/Authorization/ExpressionLanguageProvider.php#L57-L65

This PR fixes the upgrade guide to point to the non-deprecated alternative.