mades things more consistent for the end user

fabpot · fabpot · commit 984bd38568be · 2013-09-19T12:59:11.000+02:00
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/config.yml b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/config.yml
@@ -31,5 +31,5 @@ security:
         - { path: ^/secured-by-one-ip$, ip: 10.10.10.10, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/secured-by-two-ips$, ips: [1.1.1.1, 2.2.2.2], roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/highly_protected_resource$, roles: IS_ADMIN }
-        - { path: ^/protected-via-expression$, allow_if: "(is_anonymous() and object.headers.get('user-agent') =~ '/Firefox/i') or has_role('ROLE_USER')" }
+        - { path: ^/protected-via-expression$, allow_if: "(is_anonymous() and request.headers.get('user-agent') =~ '/Firefox/i') or has_role('ROLE_USER')" }
         - { path: .*, roles: IS_AUTHENTICATED_FULLY }
diff --git a/src/Symfony/Component/DependencyInjection/ContainerBuilder.php b/src/Symfony/Component/DependencyInjection/ContainerBuilder.php
@@ -1008,7 +1008,7 @@ public function resolveServices($value)
         } elseif ($value instanceof Definition) {
             $value = $this->createService($value, null);
         } elseif ($value instanceof Expression) {
-            $value = $this->getExpressionLanguage()->evaluate($value, array('this' => $this));
+            $value = $this->getExpressionLanguage()->evaluate($value, array('container' => $this));
         }
 
         return $value;
diff --git a/src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php b/src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
@@ -1201,7 +1201,7 @@ private function dumpValue($value, $interpolate = true)
 
             return $this->getServiceCall((string) $value, $value);
         } elseif ($value instanceof Expression) {
-            return $this->getExpressionLanguage()->compile((string) $value, array('this'));
+            return $this->getExpressionLanguage()->compile((string) $value, array('container'));
         } elseif ($value instanceof Parameter) {
             return $this->dumpParameter($value);
         } elseif (true === $interpolate && is_string($value)) {
diff --git a/src/Symfony/Component/Security/Core/Authorization/Voter/ExpressionVoter.php b/src/Symfony/Component/Security/Core/Authorization/Voter/ExpressionVoter.php
@@ -16,6 +16,7 @@
 use Symfony\Component\Security\Core\Authorization\ExpressionLanguage;
 use Symfony\Component\Security\Core\Role\RoleHierarchyInterface;
 use Symfony\Component\ExpressionLanguage\Expression;
+use Symfony\Component\HttpFoundation\Request;
 
 /**
  * ExpressionVoter votes based on the evaluation of an expression.
@@ -75,6 +76,13 @@ public function vote(TokenInterface $token, $object, array $attributes)
             'trust_resolver' => $this->trustResolver,
         );
 
+        // this is mainly to propose a better experience when the expression is used
+        // in an access control rule, as the developer does not know that it's going
+        // to be handled by this voter
+        if ($object instanceof Request) {
+            $variables['request'] = $object;
+        }
+
         $result = VoterInterface::ACCESS_ABSTAIN;
         foreach ($attributes as $attribute) {
             if (!$this->supportsAttribute($attribute)) {

Original file line number	Diff line number	Diff line change
`@@ -1008,7 +1008,7 @@ public function resolveServices($value)`
`1008`	`1008`	`} elseif ($value instanceof Definition) {`
`1009`	`1009`	`$value = $this->createService($value, null);`
`1010`	`1010`	`} elseif ($value instanceof Expression) {`
`1011`		`- $value = $this->getExpressionLanguage()->evaluate($value, array('this' => $this));`
	`1011`	`+ $value = $this->getExpressionLanguage()->evaluate($value, array('container' => $this));`
`1012`	`1012`	`}`
`1013`	`1013`
`1014`	`1014`	`return $value;`