diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added IS_ANONYMOUS, IS_REMEMBERED, IS_IMPERSONATOR

This commit is contained in:
Jules Pietri 2019-03-21 20:52:38 +01:00 committed by Wouter de Jong
parent f01bbc789c
commit 6c522a7d98
3 changed files with 32 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/Symfony/Component/Security/CHANGELOG.md
View File

@ -5,6 +5,7 @@ CHANGELOG
----- -----
* Added access decision strategy to override access decisions by voter service priority * Added access decision strategy to override access decisions by voter service priority
* Added `IS_ANONYMOUS`, `IS_REMEMBERED`, `IS_IMPERSONATOR`
5.0.0 5.0.0
----- -----

21
src/Symfony/Component/Security/Core/Authorization/Voter/AuthenticatedVoter.php
View File

@ -12,6 +12,7 @@
namespace Symfony\Component\Security\Core\Authorization\Voter; namespace Symfony\Component\Security\Core\Authorization\Voter;
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
use Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
/** /**
@ -28,6 +29,9 @@ class AuthenticatedVoter implements VoterInterface
const IS_AUTHENTICATED_FULLY = 'IS_AUTHENTICATED_FULLY'; const IS_AUTHENTICATED_FULLY = 'IS_AUTHENTICATED_FULLY';
const IS_AUTHENTICATED_REMEMBERED = 'IS_AUTHENTICATED_REMEMBERED'; const IS_AUTHENTICATED_REMEMBERED = 'IS_AUTHENTICATED_REMEMBERED';
const IS_AUTHENTICATED_ANONYMOUSLY = 'IS_AUTHENTICATED_ANONYMOUSLY'; const IS_AUTHENTICATED_ANONYMOUSLY = 'IS_AUTHENTICATED_ANONYMOUSLY';
const IS_ANONYMOUS = 'IS_ANONYMOUS';
const IS_IMPERSONATOR = 'IS_IMPERSONATOR';
const IS_REMEMBERED = 'IS_REMEMBERED';
private $authenticationTrustResolver; private $authenticationTrustResolver;
@ -45,7 +49,10 @@ class AuthenticatedVoter implements VoterInterface
foreach ($attributes as $attribute) { foreach ($attributes as $attribute) {
if (null === $attribute || (self::IS_AUTHENTICATED_FULLY !== $attribute if (null === $attribute || (self::IS_AUTHENTICATED_FULLY !== $attribute
&& self::IS_AUTHENTICATED_REMEMBERED !== $attribute && self::IS_AUTHENTICATED_REMEMBERED !== $attribute
&& self::IS_AUTHENTICATED_ANONYMOUSLY !== $attribute)) { && self::IS_AUTHENTICATED_ANONYMOUSLY !== $attribute
&& self::IS_ANONYMOUS !== $attribute
&& self::IS_IMPERSONATOR !== $attribute
&& self::IS_REMEMBERED !== $attribute)) {
continue; continue;
} }
@ -68,6 +75,18 @@ class AuthenticatedVoter implements VoterInterface
|| $this->authenticationTrustResolver->isFullFledged($token))) { || $this->authenticationTrustResolver->isFullFledged($token))) {
return VoterInterface::ACCESS_GRANTED; return VoterInterface::ACCESS_GRANTED;
} }
if (self::IS_REMEMBERED === $attribute && $this->authenticationTrustResolver->isRememberMe($token)) {
return VoterInterface::ACCESS_GRANTED;
}
if (self::IS_ANONYMOUS === $attribute && $this->authenticationTrustResolver->isAnonymous($token)) {
return VoterInterface::ACCESS_GRANTED;
}
if (self::IS_IMPERSONATOR === $attribute && $token instanceof SwitchUserToken) {
return VoterInterface::ACCESS_GRANTED;
}
} }
return $result; return $result;

11
src/Symfony/Component/Security/Core/Tests/Authorization/Voter/AuthenticatedVoterTest.php
View File

@ -49,6 +49,15 @@ class AuthenticatedVoterTest extends TestCase
['fully', ['IS_AUTHENTICATED_FULLY'], VoterInterface::ACCESS_GRANTED], ['fully', ['IS_AUTHENTICATED_FULLY'], VoterInterface::ACCESS_GRANTED],
['remembered', ['IS_AUTHENTICATED_FULLY'], VoterInterface::ACCESS_DENIED], ['remembered', ['IS_AUTHENTICATED_FULLY'], VoterInterface::ACCESS_DENIED],
['anonymously', ['IS_AUTHENTICATED_FULLY'], VoterInterface::ACCESS_DENIED], ['anonymously', ['IS_AUTHENTICATED_FULLY'], VoterInterface::ACCESS_DENIED],
['fully', ['IS_ANONYMOUS'], VoterInterface::ACCESS_DENIED],
['remembered', ['IS_ANONYMOUS'], VoterInterface::ACCESS_DENIED],
['anonymously', ['IS_ANONYMOUS'], VoterInterface::ACCESS_GRANTED],
['fully', ['IS_IMPERSONATOR'], VoterInterface::ACCESS_DENIED],
['remembered', ['IS_IMPERSONATOR'], VoterInterface::ACCESS_DENIED],
['anonymously', ['IS_IMPERSONATOR'], VoterInterface::ACCESS_DENIED],
['impersonated', ['IS_IMPERSONATOR'], VoterInterface::ACCESS_GRANTED],
]; ];
} }
@ -58,6 +67,8 @@ class AuthenticatedVoterTest extends TestCase
return $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock(); return $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
} elseif ('remembered' === $authenticated) { } elseif ('remembered' === $authenticated) {
return $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken')->setMethods(['setPersistent'])->disableOriginalConstructor()->getMock(); return $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken')->setMethods(['setPersistent'])->disableOriginalConstructor()->getMock();
} elseif ('impersonated' === $authenticated) {
return $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken')->disableOriginalConstructor()->getMock();
} else { } else {
return $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken')->setConstructorArgs(['', ''])->getMock(); return $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken')->setConstructorArgs(['', ''])->getMock();
} }