Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 28606e1

Browse files
wouterjwouterj
committed
Deprecated is_*() expression functions
is_granted() should be used instead with the correct attributes
1 parent 911347e commit 28606e1

File tree

5 files changed

+87
-7
lines changed

5 files changed

+87
-7
lines changed

UPGRADE-5.1.md

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,21 @@ Routing
5959
* Deprecated `RouteCollectionBuilder` in favor of `RoutingConfigurator`.
6060
* Added argument `$priority` to `RouteCollection::add()`
6161

62+
Security
63+
--------
64+
65+
* The `is_anonymous()`, `is_remember_me()`, `is_authenticated()` and `is_fully_authenticated()` expression functions are removed. Use `is_granted()` with the correct attribute instead:
66+
67+
Before:
68+
```
69+
is_remember_me() or is_anonymous()
70+
```
71+
72+
After:
73+
```
74+
is_granted('IS_REMEMBERED') or is_granted('IS_ANONYMOUS')
75+
```
76+
6277
Yaml
6378
----
6479

src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/config.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,5 +50,5 @@ security:
5050
- { path: ^/secured-by-one-env-placeholder$, ips: '%env(APP_IP)%', roles: IS_AUTHENTICATED_ANONYMOUSLY }
5151
- { path: ^/secured-by-one-env-placeholder-and-one-real-ip$, ips: ['%env(APP_IP)%', 198.51.100.0], roles: IS_AUTHENTICATED_ANONYMOUSLY }
5252
- { path: ^/highly_protected_resource$, roles: IS_ADMIN }
53-
- { path: ^/protected-via-expression$, allow_if: "(is_anonymous() and request.headers.get('user-agent') matches '/Firefox/i') or is_granted('ROLE_USER')" }
53+
- { path: ^/protected-via-expression$, allow_if: "(is_granted('IS_ANONYMOUS') and request.headers.get('user-agent') matches '/Firefox/i') or is_granted('ROLE_USER')" }
5454
- { path: .*, roles: IS_AUTHENTICATED_FULLY }

src/Symfony/Component/Security/CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ CHANGELOG
66

77
* Added access decision strategy to override access decisions by voter service priority
88
* Added `IS_ANONYMOUS`, `IS_REMEMBERED`, `IS_IMPERSONATOR`
9+
* Deprecated `is_anonymous()`, `is_remember_me()`, `is_authenticated()` and `is_fully_authenticated()` in favor of `is_granted(attribute)`
910

1011
5.0.0
1112
-----

src/Symfony/Component/Security/Core/Authorization/ExpressionLanguageProvider.php

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,20 +25,32 @@ public function getFunctions()
2525
{
2626
return [
2727
new ExpressionFunction('is_anonymous', function () {
28+
@trigger_error("is_anonymous() is deprecated since version 5.1 and will be removed in 6.0. Use is_granted('IS_ANONYMOUS') instead.", E_USER_DEPRECATED);
29+
2830
return '$trust_resolver->isAnonymous($token)';
2931
}, function (array $variables) {
32+
@trigger_error("is_anonymous() is deprecated since version 5.1 and will be removed in 6.0. Use is_granted('IS_ANONYMOUS') instead.", E_USER_DEPRECATED);
33+
3034
return $variables['trust_resolver']->isAnonymous($variables['token']);
3135
}),
3236

3337
new ExpressionFunction('is_authenticated', function () {
38+
@trigger_error("is_authenticated() is deprecated since version 5.1 and will be removed in 6.0. Use is_granted('IS_AUTHENTICATED') instead.", E_USER_DEPRECATED);
39+
3440
return '$token && !$trust_resolver->isAnonymous($token)';
3541
}, function (array $variables) {
42+
@trigger_error("is_authenticated() is deprecated since version 5.1 and will be removed in 6.0. Use is_granted('IS_AUTHENTICATED') instead.", E_USER_DEPRECATED);
43+
3644
return $variables['token'] && !$variables['trust_resolver']->isAnonymous($variables['token']);
3745
}),
3846

3947
new ExpressionFunction('is_fully_authenticated', function () {
48+
@trigger_error("is_fully_authenticated() is deprecated since version 5.1 and will be removed in 6.0. Use is_granted('IS_AUTHENTICATED_FULLY') instead.", E_USER_DEPRECATED);
49+
4050
return '$trust_resolver->isFullFledged($token)';
4151
}, function (array $variables) {
52+
@trigger_error("is_fully_authenticated() is deprecated since version 5.1 and will be removed in 6.0. Use is_granted('IS_AUTHENTICATED_FULLY') instead.", E_USER_DEPRECATED);
53+
4254
return $variables['trust_resolver']->isFullFledged($variables['token']);
4355
}),
4456

@@ -49,8 +61,12 @@ public function getFunctions()
4961
}),
5062

5163
new ExpressionFunction('is_remember_me', function () {
64+
@trigger_error("is_remember_me() is deprecated since version 5.1 and will be removed in 6.0. Use is_granted('IS_REMEMBERED') instead.", E_USER_DEPRECATED);
65+
5266
return '$trust_resolver->isRememberMe($token)';
5367
}, function (array $variables) {
68+
@trigger_error("is_remember_me() is deprecated since version 5.1 and will be removed in 6.0. Use is_granted('IS_REMEMBERED') instead.", E_USER_DEPRECATED);
69+
5470
return $variables['trust_resolver']->isRememberMe($variables['token']);
5571
}),
5672
];

src/Symfony/Component/Security/Core/Tests/Authorization/ExpressionLanguageTest.php

Lines changed: 54 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212
namespace Symfony\Component\Security\Core\Tests\Authorization;
1313

1414
use PHPUnit\Framework\TestCase;
15+
use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait;
1516
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
1617
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
1718
use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
@@ -21,11 +22,14 @@
2122
use Symfony\Component\Security\Core\Authorization\AccessDecisionManager;
2223
use Symfony\Component\Security\Core\Authorization\AuthorizationChecker;
2324
use Symfony\Component\Security\Core\Authorization\ExpressionLanguage;
25+
use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter;
2426
use Symfony\Component\Security\Core\Authorization\Voter\RoleVoter;
2527
use Symfony\Component\Security\Core\User\User;
2628

2729
class ExpressionLanguageTest extends TestCase
2830
{
31+
use ExpectDeprecationTrait;
32+
2933
/**
3034
* @dataProvider provider
3135
*/
@@ -35,7 +39,7 @@ public function testIsAuthenticated($token, $expression, $result)
3539
$trustResolver = new AuthenticationTrustResolver();
3640
$tokenStorage = new TokenStorage();
3741
$tokenStorage->setToken($token);
38-
$accessDecisionManager = new AccessDecisionManager([new RoleVoter()]);
42+
$accessDecisionManager = new AccessDecisionManager([new RoleVoter(), new AuthenticatedVoter($trustResolver)]);
3943
$authChecker = new AuthorizationChecker($tokenStorage, $this->getMockBuilder(AuthenticationManagerInterface::class)->getMock(), $accessDecisionManager);
4044

4145
$context = [];
@@ -51,6 +55,55 @@ public function provider()
5155
$roles = ['ROLE_USER', 'ROLE_ADMIN'];
5256
$user = new User('username', 'password', $roles);
5357

58+
$anonymousToken = new AnonymousToken('firewall', 'anon.');
59+
$rememberMeToken = new RememberMeToken($user, 'providerkey', 'firewall');
60+
$usernamePasswordToken = new UsernamePasswordToken('username', 'password', 'providerkey', $roles);
61+
62+
return [
63+
[$anonymousToken, "is_granted('IS_AUTHENTICATED_ANONYMOUSLY')", true],
64+
[$anonymousToken, "is_granted('IS_AUTHENTICATED_FULLY')", false],
65+
[$anonymousToken, "is_granted('IS_ANONYMOUS')", true],
66+
[$anonymousToken, "is_granted('IS_REMEMBERED')", false],
67+
[$anonymousToken, "is_granted('ROLE_USER')", false],
68+
69+
[$rememberMeToken, "is_granted('IS_AUTHENTICATED_ANONYMOUSLY')", true],
70+
[$rememberMeToken, "is_granted('IS_AUTHENTICATED_FULLY')", false],
71+
[$rememberMeToken, "is_granted('IS_ANONYMOUS')", false],
72+
[$rememberMeToken, "is_granted('IS_REMEMBERED')", true],
73+
[$rememberMeToken, "is_granted('ROLE_FOO')", false],
74+
[$rememberMeToken, "is_granted('ROLE_USER')", true],
75+
76+
[$usernamePasswordToken, "is_granted('IS_AUTHENTICATED_ANONYMOUSLY')", true],
77+
[$usernamePasswordToken, "is_granted('IS_AUTHENTICATED_FULLY')", true],
78+
[$usernamePasswordToken, "is_granted('IS_ANONYMOUS')", false],
79+
[$usernamePasswordToken, "is_granted('IS_REMEMBERED')", false],
80+
[$usernamePasswordToken, "is_granted('ROLE_FOO')", false],
81+
[$usernamePasswordToken, "is_granted('ROLE_USER')", true],
82+
];
83+
}
84+
85+
/**
86+
* @dataProvider provideLegacyIsAuthenticated
87+
* @group legacy
88+
*/
89+
public function testLegacyIsAuthenticated($token, $expr, $expected)
90+
{
91+
$expressionLanguage = new ExpressionLanguage();
92+
93+
$context = [];
94+
$context['trust_resolver'] = new AuthenticationTrustResolver();
95+
$context['token'] = $token;
96+
97+
$this->expectDeprecation($expr.' is deprecated since version 5.1 and will be removed in 6.0. Use is_granted(\'%s\') instead.');
98+
99+
$this->assertEquals($expected, $expressionLanguage->evaluate($expr, $context));
100+
}
101+
102+
public function provideLegacyIsAuthenticated()
103+
{
104+
$roles = ['ROLE_USER', 'ROLE_ADMIN'];
105+
$user = new User('username', 'password', $roles);
106+
54107
$noToken = null;
55108
$anonymousToken = new AnonymousToken('firewall', 'anon.');
56109
$rememberMeToken = new RememberMeToken($user, 'providerkey', 'firewall');
@@ -66,21 +119,16 @@ public function provider()
66119
[$anonymousToken, 'is_authenticated()', false],
67120
[$anonymousToken, 'is_fully_authenticated()', false],
68121
[$anonymousToken, 'is_remember_me()', false],
69-
[$anonymousToken, "is_granted('ROLE_USER')", false],
70122

71123
[$rememberMeToken, 'is_anonymous()', false],
72124
[$rememberMeToken, 'is_authenticated()', true],
73125
[$rememberMeToken, 'is_fully_authenticated()', false],
74126
[$rememberMeToken, 'is_remember_me()', true],
75-
[$rememberMeToken, "is_granted('ROLE_FOO')", false],
76-
[$rememberMeToken, "is_granted('ROLE_USER')", true],
77127

78128
[$usernamePasswordToken, 'is_anonymous()', false],
79129
[$usernamePasswordToken, 'is_authenticated()', true],
80130
[$usernamePasswordToken, 'is_fully_authenticated()', true],
81131
[$usernamePasswordToken, 'is_remember_me()', false],
82-
[$usernamePasswordToken, "is_granted('ROLE_FOO')", false],
83-
[$usernamePasswordToken, "is_granted('ROLE_USER')", true],
84132
];
85133
}
86134
}

0 commit comments

Comments
 (0)