Deprecate the use of objects as security roles #20824
Comments
|
Note that the handling of the user switching needs to be refactored as it currently relies on a special role class. but the good news is that I implemented a similar feature at work in a way not relying on a custom role class. So I can refactor the Symfony system too. |
|
That info could also be stored in the token attributes |
|
@iltar this is exactly what my own implementation is doing. And it works totally fine (the hard part will be the BC layer) |
|
What could be done if I'm understanding its inner workings:
But I have to admit, never used the user switcher before, only a system where you can absorb roles to test stuff by impersonating. |
|
@iltar the complexity of the BC layer is related to the parts allowing to check whether we are currently switching or no (which should not be handled by a role at all) |
|
Just for understanding (don't want to re-ignit any discussion); why? Isn't it a step back going from objects to strings? |
|
@afoeder there's no real benefit of using objects instead of strings. Eventually it just leads to overhead because you have to call |
|
There totally is, Usage Search! The safety of having objects. Refactoring abilities. Maybe stuff a particular Role does. Just OO. |
|
We link custom data/privileges with user roles and people can define their own roles for a complex authorization system. Do we have to rework our code and move al that stuff to custom "roles" with their own voter? |
+1 on this. In every cross-linked issue here it is pointed out, that this step was dicussed, but I can not find the discussion. With just reading the issues and comments I do not get why forcing ithe remove of the OO for roles is needed here. Afaik the role-string always needs the "ROLE_"-prefix (or is this changed?) and with this interface + class i could add this prefix to my roles which i fetched from the database. |
…es (xabbuh) This PR was merged into the 4.3-dev branch. Discussion ---------- [Security] deprecate the Role and SwitchUserRole classes | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | yes | Tests pass? | yes | Fixed tickets | #20824 | License | MIT | Doc PR | symfony/symfony-docs#11047 In #20801, we deprecated the `RoleInterface`. The next logical step would be to also deprecate the `Role` class. However, we currently have the `SwitchUserRole` class (a sub-class of `Role`) that acts as an indicator to check whether or not the authenticated user switched to another user. This PR proposes an alternative solution to the usage of the special `SwitchUserRole` class by storing the original token inside the `UsernamePasswordToken`. This PR is not complete, but rather acts as a proof of concept of how we could get rid of the `Role` and the `SwitchUserRole` classes. Please share your opinions whether you think this is a valid approach and I will be happy to finalise the PR. Commits ------- d7aaa61 deprecate the Role and SwitchUserRole classes
As discussed in #20801 (comment) we're ready to deprecate the use of objects as security roles and start using simple strings as roles.
The text was updated successfully, but these errors were encountered: