Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Security] Add #[IsGranted()]#46907

Merged
nicolas-grekas merged 1 commit into
symfony:6.2from
nicolas-grekas:sec-granted-attr
Jul 12, 2022
Merged

[Security] Add #[IsGranted()]#46907
nicolas-grekas merged 1 commit into
symfony:6.2from
nicolas-grekas:sec-granted-attr

Conversation

@nicolas-grekas

Copy link
Copy Markdown
Member
Q A
Branch? 6.2
Bug fix? no
New feature? yes
Deprecations? no
Tickets Part of #44705
License MIT
Doc PR -

Extracted from #45415 (and modernized a lot).

I did not implement the proposals from Stof to keep this first iteration simple. I'd appreciate help to improve the attribute in a follow up PR 🙏

namespace Symfony\Component\Security\Http\Attribute;

/**
* @author Ryan Weaver <[email protected]>

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm getting credit without even opening a PR 😎

Comment thread src/Symfony/Component/Security/Http/EventListener/IsGrantedAttributeListener.php Outdated
@chalasr

chalasr commented Jul 11, 2022

Copy link
Copy Markdown
Member

I did not implement the proposals from Stof to keep this first iteration simple

👍 just to be sure, the proposal you're talking about is the expression-language related part of #45415 (comment)?

@nicolas-grekas

Copy link
Copy Markdown
Member Author

the proposal you're talking about is the expression-language related part

yep

@nicolas-grekas nicolas-grekas merged commit 3edca67 into symfony:6.2 Jul 12, 2022
@nicolas-grekas nicolas-grekas deleted the sec-granted-attr branch July 12, 2022 07:11
* @author Ryan Weaver <[email protected]>
*/
#[\Attribute(\Attribute::IS_REPEATABLE | \Attribute::TARGET_CLASS | \Attribute::TARGET_METHOD | \Attribute::TARGET_FUNCTION)]
class IsGranted

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should probably be final, because the usage of $event->getAttributes()[IsGranted::class] means that the listener does not support subclasses of that attribute.

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see #46915

@ZhukV

ZhukV commented Aug 22, 2022

Copy link
Copy Markdown
Contributor

Maybe add possible to use BackedEnum?

enum AdminRoles: string
{
  case PostList = 'ROLE_POST_LIST';
  case PostEdit = 'ROLE_POST_EDIT;
}

class MyControllers
{
  #[IsGranted(AdminRoles::PostList)]
  public function handleAction(): Response
  {
  }
}

@wouterj

wouterj commented Aug 22, 2022

Copy link
Copy Markdown
Member

No, see php/php-src#8825 and also https://peakd.com/hive-168588/@crell/on-the-use-of-enums . Enums in PHP are meant to limit accepted values, and Symfony cannot limit accepted roles (as an application is free to define their own set of roles). As such, Symfony can not support enums here.

In PHP 8.2, you will be able to do #[IsGranted(AdminRoles::PostList->value)].

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.