Added IS_ANONYMOUS, IS_REMEMBERED, IS_IMPERSONATOR
This commit is contained in:
parent
f01bbc789c
commit
6c522a7d98
@ -5,6 +5,7 @@ CHANGELOG
|
||||
-----
|
||||
|
||||
* Added access decision strategy to override access decisions by voter service priority
|
||||
* Added `IS_ANONYMOUS`, `IS_REMEMBERED`, `IS_IMPERSONATOR`
|
||||
|
||||
5.0.0
|
||||
-----
|
||||
|
@ -12,6 +12,7 @@
|
||||
namespace Symfony\Component\Security\Core\Authorization\Voter;
|
||||
|
||||
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
|
||||
/**
|
||||
@ -28,6 +29,9 @@ class AuthenticatedVoter implements VoterInterface
|
||||
const IS_AUTHENTICATED_FULLY = 'IS_AUTHENTICATED_FULLY';
|
||||
const IS_AUTHENTICATED_REMEMBERED = 'IS_AUTHENTICATED_REMEMBERED';
|
||||
const IS_AUTHENTICATED_ANONYMOUSLY = 'IS_AUTHENTICATED_ANONYMOUSLY';
|
||||
const IS_ANONYMOUS = 'IS_ANONYMOUS';
|
||||
const IS_IMPERSONATOR = 'IS_IMPERSONATOR';
|
||||
const IS_REMEMBERED = 'IS_REMEMBERED';
|
||||
|
||||
private $authenticationTrustResolver;
|
||||
|
||||
@ -45,7 +49,10 @@ class AuthenticatedVoter implements VoterInterface
|
||||
foreach ($attributes as $attribute) {
|
||||
if (null === $attribute || (self::IS_AUTHENTICATED_FULLY !== $attribute
|
||||
&& self::IS_AUTHENTICATED_REMEMBERED !== $attribute
|
||||
&& self::IS_AUTHENTICATED_ANONYMOUSLY !== $attribute)) {
|
||||
&& self::IS_AUTHENTICATED_ANONYMOUSLY !== $attribute
|
||||
&& self::IS_ANONYMOUS !== $attribute
|
||||
&& self::IS_IMPERSONATOR !== $attribute
|
||||
&& self::IS_REMEMBERED !== $attribute)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
@ -68,6 +75,18 @@ class AuthenticatedVoter implements VoterInterface
|
||||
|| $this->authenticationTrustResolver->isFullFledged($token))) {
|
||||
return VoterInterface::ACCESS_GRANTED;
|
||||
}
|
||||
|
||||
if (self::IS_REMEMBERED === $attribute && $this->authenticationTrustResolver->isRememberMe($token)) {
|
||||
return VoterInterface::ACCESS_GRANTED;
|
||||
}
|
||||
|
||||
if (self::IS_ANONYMOUS === $attribute && $this->authenticationTrustResolver->isAnonymous($token)) {
|
||||
return VoterInterface::ACCESS_GRANTED;
|
||||
}
|
||||
|
||||
if (self::IS_IMPERSONATOR === $attribute && $token instanceof SwitchUserToken) {
|
||||
return VoterInterface::ACCESS_GRANTED;
|
||||
}
|
||||
}
|
||||
|
||||
return $result;
|
||||
|
@ -49,6 +49,15 @@ class AuthenticatedVoterTest extends TestCase
|
||||
['fully', ['IS_AUTHENTICATED_FULLY'], VoterInterface::ACCESS_GRANTED],
|
||||
['remembered', ['IS_AUTHENTICATED_FULLY'], VoterInterface::ACCESS_DENIED],
|
||||
['anonymously', ['IS_AUTHENTICATED_FULLY'], VoterInterface::ACCESS_DENIED],
|
||||
|
||||
['fully', ['IS_ANONYMOUS'], VoterInterface::ACCESS_DENIED],
|
||||
['remembered', ['IS_ANONYMOUS'], VoterInterface::ACCESS_DENIED],
|
||||
['anonymously', ['IS_ANONYMOUS'], VoterInterface::ACCESS_GRANTED],
|
||||
|
||||
['fully', ['IS_IMPERSONATOR'], VoterInterface::ACCESS_DENIED],
|
||||
['remembered', ['IS_IMPERSONATOR'], VoterInterface::ACCESS_DENIED],
|
||||
['anonymously', ['IS_IMPERSONATOR'], VoterInterface::ACCESS_DENIED],
|
||||
['impersonated', ['IS_IMPERSONATOR'], VoterInterface::ACCESS_GRANTED],
|
||||
];
|
||||
}
|
||||
|
||||
@ -58,6 +67,8 @@ class AuthenticatedVoterTest extends TestCase
|
||||
return $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
|
||||
} elseif ('remembered' === $authenticated) {
|
||||
return $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken')->setMethods(['setPersistent'])->disableOriginalConstructor()->getMock();
|
||||
} elseif ('impersonated' === $authenticated) {
|
||||
return $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken')->disableOriginalConstructor()->getMock();
|
||||
} else {
|
||||
return $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken')->setConstructorArgs(['', ''])->getMock();
|
||||
}
|
||||
|
Reference in New Issue
Block a user