feature #16755 [Security] add subject variable to expression context (xabbuh)
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] add subject variable to expression context
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #16600
| License | MIT
| Doc PR | TODO
Commits
-------
346943e
add subject variable to expression context
This commit is contained in:
commit
37ceef0260
@ -448,6 +448,9 @@ FrameworkBundle
|
||||
Security
|
||||
--------
|
||||
|
||||
* The `object` variable passed to expressions evaluated by the `ExpressionVoter`
|
||||
is deprecated. Instead use the new `subject` variable.
|
||||
|
||||
* The `AbstractVoter` class was deprecated. Instead, extend the `Voter` class and
|
||||
move your voting logic in the `supports($attribute, $subject)` and
|
||||
`voteOnAttribute($attribute, $object, TokenInterface $token)` methods.
|
||||
|
@ -102,6 +102,7 @@ class ExpressionVoter implements VoterInterface
|
||||
'token' => $token,
|
||||
'user' => $token->getUser(),
|
||||
'object' => $object,
|
||||
'subject' => $object,
|
||||
'roles' => array_map(function ($role) { return $role->getRole(); }, $roles),
|
||||
'trust_resolver' => $this->trustResolver,
|
||||
);
|
||||
|
Reference in New Issue
Block a user