symfony · fabpot · May 21, 2017 · May 21, 2017
diff --git a/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php b/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
@@ -18,7 +18,6 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\DataCollector\DataCollector;
 use Symfony\Component\HttpKernel\DataCollector\LateDataCollectorInterface;
-use Symfony\Component\Security\Core\Role\RoleInterface;
 use Symfony\Component\Security\Http\Logout\LogoutUrlGenerator;
 use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
 use Symfony\Component\Security\Core\Authorization\TraceableAccessDecisionManager;
@@ -111,23 +110,15 @@ public function collect(Request $request, Response $response, \Exception $except
                 // fail silently when the logout URL cannot be generated
             }
 
-            $extractRoles = function ($role) {
-                if (!$role instanceof RoleInterface && !$role instanceof Role) {
-                    throw new \InvalidArgumentException(sprintf('Roles must be instances of %s or %s (%s given).', RoleInterface::class, Role::class, is_object($role) ? get_class($role) : gettype($role)));
-                }
-
-                return $role->getRole();
-            };
-
             $this->data = array(
                 'enabled' => true,
                 'authenticated' => $token->isAuthenticated(),
                 'token' => $token,
                 'token_class' => $this->hasVarDumper ? new ClassStub(get_class($token)) : get_class($token),
                 'logout_url' => $logoutUrl,
                 'user' => $token->getUsername(),
-                'roles' => array_map($extractRoles, $assignedRoles),
-                'inherited_roles' => array_map($extractRoles, $inheritedRoles),
+                'roles' => array_map(function (Role $role) { return $role->getRole(); }, $assignedRoles),
+                'inherited_roles' => array_map(function (Role $role) { return $role->getRole(); }, $inheritedRoles),
                 'supports_role_hierarchy' => null !== $this->roleHierarchy,
             );
         }

diff --git a/src/Symfony/Component/Security/CHANGELOG.md b/src/Symfony/Component/Security/CHANGELOG.md
@@ -4,6 +4,10 @@ CHANGELOG
 4.0.0
 -----
 
+ * The `AbstractFormLoginAuthenticator::onAuthenticationSuccess()` was removed.
+   You should implement this method yourself in your concrete authenticator.
+ * removed the `AccessDecisionManager::setVoters()` method
+ * removed the `RoleInterface`
  * added a sixth `string $context` argument to`LogoutUrlGenerator::registerListener()`
 
 3.3.0

diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
@@ -11,7 +11,6 @@
 
 namespace Symfony\Component\Security\Core\Authentication\Token;
 
-use Symfony\Component\Security\Core\Role\RoleInterface;
 use Symfony\Component\Security\Core\Role\Role;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Core\User\AdvancedUserInterface;
@@ -33,7 +32,7 @@ abstract class AbstractToken implements TokenInterface
     /**
      * Constructor.
      *
-     * @param (RoleInterface|string)[] $roles An array of roles
+     * @param (Role|string)[] $roles An array of roles
      *
      * @throws \InvalidArgumentException
      */
@@ -42,8 +41,8 @@ public function __construct(array $roles = array())
         foreach ($roles as $role) {
             if (is_string($role)) {
                 $role = new Role($role);
-            } elseif (!$role instanceof RoleInterface) {
-                throw new \InvalidArgumentException(sprintf('$roles must be an array of strings, or RoleInterface instances, but got %s.', gettype($role)));
+            } elseif (!$role instanceof Role) {
+                throw new \InvalidArgumentException(sprintf('$roles must be an array of strings, or Role instances, but got %s.', gettype($role)));
             }
 
             $this->roles[] = $role;

diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php
@@ -24,10 +24,10 @@ class PreAuthenticatedToken extends AbstractToken
     /**
      * Constructor.
      *
-     * @param string|object            $user        The user can be a UserInterface instance, or an object implementing a __toString method or the username as a regular string
-     * @param mixed                    $credentials The user credentials
-     * @param string                   $providerKey The provider key
-     * @param (RoleInterface|string)[] $roles       An array of roles
+     * @param string|object   $user        The user can be a UserInterface instance, or an object implementing a __toString method or the username as a regular string
+     * @param mixed           $credentials The user credentials
+     * @param string          $providerKey The provider key
+     * @param (Role|string)[] $roles       An array of roles
      */
     public function __construct($user, $credentials, $providerKey, array $roles = array())
     {

diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/TokenInterface.php b/src/Symfony/Component/Security/Core/Authentication/Token/TokenInterface.php
@@ -11,7 +11,7 @@
 
 namespace Symfony\Component\Security\Core\Authentication\Token;
 
-use Symfony\Component\Security\Core\Role\RoleInterface;
+use Symfony\Component\Security\Core\Role\Role;
 
 /**
  * TokenInterface is the interface for the user authentication information.
@@ -33,7 +33,7 @@ public function __toString();
     /**
      * Returns the user roles.
      *
-     * @return RoleInterface[] An array of RoleInterface instances
+     * @return Role[] An array of Role instances
      */
     public function getRoles();
 

diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php
@@ -24,10 +24,10 @@ class UsernamePasswordToken extends AbstractToken
     /**
      * Constructor.
      *
-     * @param string|object            $user        The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method
-     * @param string                   $credentials This usually is the password of the user
-     * @param string                   $providerKey The provider key
-     * @param (RoleInterface|string)[] $roles       An array of roles
+     * @param string|object   $user        The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method
+     * @param string          $credentials This usually is the password of the user
+     * @param string          $providerKey The provider key
+     * @param (Role|string)[] $roles       An array of roles
      *
      * @throws \InvalidArgumentException
      */

diff --git a/src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php b/src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php
@@ -52,20 +52,6 @@ public function __construct($voters = array(), $strategy = self::STRATEGY_AFFIRM
         $this->allowIfEqualGrantedDeniedDecisions = (bool) $allowIfEqualGrantedDeniedDecisions;
     }
 
-    /**
-     * Configures the voters.
-     *
-     * @param VoterInterface[] $voters An array of VoterInterface instances
-     *
-     * @deprecated since version 3.3, to be removed in 4.0. Pass the voters to the constructor instead.
-     */
-    public function setVoters(array $voters)
-    {
-        @trigger_error(sprintf('The %s() method is deprecated since version 3.3 and will be removed in 4.0. Pass the voters to the constructor instead.', __METHOD__), E_USER_DEPRECATED);
-
-        $this->voters = $voters;
-    }
-
     /**
      * {@inheritdoc}
      */

diff --git a/src/Symfony/Component/Security/Core/Authorization/DebugAccessDecisionManager.php b/src/Symfony/Component/Security/Core/Authorization/DebugAccessDecisionManager.php
diff --git a/src/Symfony/Component/Security/Core/Authorization/TraceableAccessDecisionManager.php b/src/Symfony/Component/Security/Core/Authorization/TraceableAccessDecisionManager.php
@@ -60,23 +60,6 @@ public function decide(TokenInterface $token, array $attributes, $object = null)
         return $result;
     }
 
-    /**
-     * {@inheritdoc}
-     *
-     * @deprecated since version 3.3, to be removed in 4.0. Pass voters to the decorated AccessDecisionManager instead.
-     */
-    public function setVoters(array $voters)
-    {
-        @trigger_error(sprintf('The %s() method is deprecated since version 3.3 and will be removed in 4.0. Pass voters to the decorated AccessDecisionManager instead.', __METHOD__), E_USER_DEPRECATED);
-
-        if (!method_exists($this->manager, 'setVoters')) {
-            return;
-        }
-
-        $this->voters = $voters;
-        $this->manager->setVoters($voters);
-    }
-
     /**
      * @return string
      */

diff --git a/src/Symfony/Component/Security/Core/Authorization/Voter/RoleVoter.php b/src/Symfony/Component/Security/Core/Authorization/Voter/RoleVoter.php
@@ -12,7 +12,7 @@
 namespace Symfony\Component\Security\Core\Authorization\Voter;
 
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
-use Symfony\Component\Security\Core\Role\RoleInterface;
+use Symfony\Component\Security\Core\Role\Role;
 
 /**
  * RoleVoter votes if any attribute starts with a given prefix.
@@ -42,7 +42,7 @@ public function vote(TokenInterface $token, $subject, array $attributes)
         $roles = $this->extractRoles($token);
 
         foreach ($attributes as $attribute) {
-            if ($attribute instanceof RoleInterface) {
+            if ($attribute instanceof Role) {
                 $attribute = $attribute->getRole();
             }
 

diff --git a/src/Symfony/Component/Security/Core/Role/Role.php b/src/Symfony/Component/Security/Core/Role/Role.php
@@ -16,7 +16,7 @@
  *
  * @author Fabien Potencier <[email protected]>
  */
-class Role implements RoleInterface
+class Role
 {
     private $role;
 
@@ -31,7 +31,9 @@ public function __construct($role)
     }
 
     /**
-     * {@inheritdoc}
+     * Returns a string representation of the role.
+     *
+     * @return string
      */
     public function getRole()
     {

diff --git a/src/Symfony/Component/Security/Core/Role/RoleHierarchyInterface.php b/src/Symfony/Component/Security/Core/Role/RoleHierarchyInterface.php
@@ -24,9 +24,9 @@ interface RoleHierarchyInterface
      * Reachable roles are the roles directly assigned but also all roles that
      * are transitively reachable from them in the role hierarchy.
      *
-     * @param RoleInterface[] $roles An array of directly assigned roles
+     * @param Role[] $roles An array of directly assigned roles
      *
-     * @return RoleInterface[] An array of all reachable roles
+     * @return Role[] An array of all reachable roles
      */
     public function getReachableRoles(array $roles);
 }
diff --git a/src/Symfony/Component/Security/Core/Role/RoleInterface.php b/src/Symfony/Component/Security/Core/Role/RoleInterface.php
diff --git a/src/Symfony/Component/Security/Guard/Authenticator/AbstractFormLoginAuthenticator.php b/src/Symfony/Component/Security/Guard/Authenticator/AbstractFormLoginAuthenticator.php
@@ -15,7 +15,6 @@
 use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Http\Util\TargetPathTrait;
@@ -55,38 +54,6 @@ public function onAuthenticationFailure(Request $request, AuthenticationExceptio
         return new RedirectResponse($url);
     }
 
-    /**
-     * Override to change what happens after successful authentication.
-     *
-     * @param Request        $request
-     * @param TokenInterface $token
-     * @param string         $providerKey
-     *
-     * @return RedirectResponse
-     */
-    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
-    {
-        @trigger_error(sprintf('The AbstractFormLoginAuthenticator::onAuthenticationSuccess() implementation was deprecated in Symfony 3.1 and will be removed in Symfony 4.0. You should implement this method yourself in %s and remove getDefaultSuccessRedirectUrl().', get_class($this)), E_USER_DEPRECATED);
-
-        if (!method_exists($this, 'getDefaultSuccessRedirectUrl')) {
-            throw new \Exception(sprintf('You must implement onAuthenticationSuccess() or getDefaultSuccessRedirectUrl() in %s.', get_class($this)));
-        }
-
-        $targetPath = null;
-
-        // if the user hit a secure page and start() was called, this was
-        // the URL they were on, and probably where you want to redirect to
-        if ($request->getSession() instanceof SessionInterface) {
-            $targetPath = $this->getTargetPath($request->getSession(), $providerKey);
-        }
-
-        if (!$targetPath) {
-            $targetPath = $this->getDefaultSuccessRedirectUrl();
-        }
-
-        return new RedirectResponse($targetPath);
-    }
-
     public function supportsRememberMe()
     {
         return true;