feature #15899 [3.0][Security] Remove deprecated features (WouterJ)
This PR was merged into the 3.0-dev branch. Discussion ---------- [3.0][Security] Remove deprecated features | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | yes | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - Commits -------c3c5989
Remove more tests6f9e897
Remove AbstractVoter#isGranted() method6b6de15
Removed supports{Attribute,Class}() methods
This commit is contained in:
commit
aa2e7e4135
@ -72,38 +72,6 @@ class AccessDecisionManager implements AccessDecisionManagerInterface
|
|||||||
return $this->{$this->strategy}($token, $attributes, $object);
|
return $this->{$this->strategy}($token, $attributes, $object);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* {@inheritdoc}
|
|
||||||
*/
|
|
||||||
public function supportsAttribute($attribute)
|
|
||||||
{
|
|
||||||
@trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.', E_USER_DEPRECATED);
|
|
||||||
|
|
||||||
foreach ($this->voters as $voter) {
|
|
||||||
if ($voter->supportsAttribute($attribute)) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* {@inheritdoc}
|
|
||||||
*/
|
|
||||||
public function supportsClass($class)
|
|
||||||
{
|
|
||||||
@trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.', E_USER_DEPRECATED);
|
|
||||||
|
|
||||||
foreach ($this->voters as $voter) {
|
|
||||||
if ($voter->supportsClass($class)) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Grants access if any voter returns an affirmative response.
|
* Grants access if any voter returns an affirmative response.
|
||||||
*
|
*
|
||||||
|
@ -30,26 +30,4 @@ interface AccessDecisionManagerInterface
|
|||||||
* @return bool true if the access is granted, false otherwise
|
* @return bool true if the access is granted, false otherwise
|
||||||
*/
|
*/
|
||||||
public function decide(TokenInterface $token, array $attributes, $object = null);
|
public function decide(TokenInterface $token, array $attributes, $object = null);
|
||||||
|
|
||||||
/**
|
|
||||||
* Checks if the access decision manager supports the given attribute.
|
|
||||||
*
|
|
||||||
* @param string $attribute An attribute
|
|
||||||
*
|
|
||||||
* @return bool true if this decision manager supports the attribute, false otherwise
|
|
||||||
*
|
|
||||||
* @deprecated since version 2.8, to be removed in 3.0.
|
|
||||||
*/
|
|
||||||
public function supportsAttribute($attribute);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Checks if the access decision manager supports the given class.
|
|
||||||
*
|
|
||||||
* @param string $class A class name
|
|
||||||
*
|
|
||||||
* @return true if this decision manager can process the class
|
|
||||||
*
|
|
||||||
* @deprecated since version 2.8, to be removed in 3.0.
|
|
||||||
*/
|
|
||||||
public function supportsClass($class);
|
|
||||||
}
|
}
|
||||||
|
@ -21,32 +21,6 @@ use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
|||||||
*/
|
*/
|
||||||
abstract class AbstractVoter implements VoterInterface
|
abstract class AbstractVoter implements VoterInterface
|
||||||
{
|
{
|
||||||
/**
|
|
||||||
* {@inheritdoc}
|
|
||||||
*/
|
|
||||||
public function supportsAttribute($attribute)
|
|
||||||
{
|
|
||||||
@trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.', E_USER_DEPRECATED);
|
|
||||||
|
|
||||||
return in_array($attribute, $this->getSupportedAttributes());
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* {@inheritdoc}
|
|
||||||
*/
|
|
||||||
public function supportsClass($class)
|
|
||||||
{
|
|
||||||
@trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.', E_USER_DEPRECATED);
|
|
||||||
|
|
||||||
foreach ($this->getSupportedClasses() as $supportedClass) {
|
|
||||||
if ($supportedClass === $class || is_subclass_of($class, $supportedClass)) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Iteratively check all given attributes by calling isGranted.
|
* Iteratively check all given attributes by calling isGranted.
|
||||||
*
|
*
|
||||||
@ -93,35 +67,12 @@ abstract class AbstractVoter implements VoterInterface
|
|||||||
* To determine if the passed class is instance of the supported class, the
|
* To determine if the passed class is instance of the supported class, the
|
||||||
* isClassInstanceOf() method can be used.
|
* isClassInstanceOf() method can be used.
|
||||||
*
|
*
|
||||||
* This method will become abstract in 3.0.
|
|
||||||
*
|
|
||||||
* @param string $attribute An attribute
|
* @param string $attribute An attribute
|
||||||
* @param string $class The fully qualified class name of the passed object
|
* @param string $class The fully qualified class name of the passed object
|
||||||
*
|
*
|
||||||
* @return bool True if the attribute and class is supported, false otherwise
|
* @return bool True if the attribute and class is supported, false otherwise
|
||||||
*/
|
*/
|
||||||
protected function supports($attribute, $class)
|
abstract protected function supports($attribute, $class);
|
||||||
{
|
|
||||||
@trigger_error('The getSupportedClasses and getSupportedAttributes methods are deprecated since version 2.8 and will be removed in version 3.0. Overwrite supports instead.', E_USER_DEPRECATED);
|
|
||||||
|
|
||||||
$classIsSupported = false;
|
|
||||||
foreach ($this->getSupportedClasses() as $supportedClass) {
|
|
||||||
if ($this->isClassInstanceOf($class, $supportedClass)) {
|
|
||||||
$classIsSupported = true;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$classIsSupported) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!in_array($attribute, $this->getSupportedAttributes())) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A helper method to test if the actual class is instanceof or equal
|
* A helper method to test if the actual class is instanceof or equal
|
||||||
@ -137,30 +88,6 @@ abstract class AbstractVoter implements VoterInterface
|
|||||||
return $expectedClass === $actualClass || is_subclass_of($actualClass, $expectedClass);
|
return $expectedClass === $actualClass || is_subclass_of($actualClass, $expectedClass);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Return an array of supported classes. This will be called by supportsClass.
|
|
||||||
*
|
|
||||||
* @return array an array of supported classes, i.e. array('Acme\DemoBundle\Model\Product')
|
|
||||||
*
|
|
||||||
* @deprecated since version 2.8, to be removed in 3.0. Use supports() instead.
|
|
||||||
*/
|
|
||||||
protected function getSupportedClasses()
|
|
||||||
{
|
|
||||||
@trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.', E_USER_DEPRECATED);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Return an array of supported attributes. This will be called by supportsAttribute.
|
|
||||||
*
|
|
||||||
* @return array an array of supported attributes, i.e. array('CREATE', 'READ')
|
|
||||||
*
|
|
||||||
* @deprecated since version 2.8, to be removed in 3.0. Use supports() instead.
|
|
||||||
*/
|
|
||||||
protected function getSupportedAttributes()
|
|
||||||
{
|
|
||||||
@trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.', E_USER_DEPRECATED);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Perform a single access check operation on a given attribute, object and (optionally) user
|
* Perform a single access check operation on a given attribute, object and (optionally) user
|
||||||
* It is safe to assume that $attribute and $object's class pass supportsAttribute/supportsClass
|
* It is safe to assume that $attribute and $object's class pass supportsAttribute/supportsClass
|
||||||
@ -170,38 +97,9 @@ abstract class AbstractVoter implements VoterInterface
|
|||||||
*
|
*
|
||||||
* @param string $attribute
|
* @param string $attribute
|
||||||
* @param object $object
|
* @param object $object
|
||||||
* @param UserInterface|string $user
|
|
||||||
*
|
|
||||||
* @deprecated This method will be removed in 3.0 - override voteOnAttribute instead.
|
|
||||||
*
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
protected function isGranted($attribute, $object, $user = null)
|
|
||||||
{
|
|
||||||
// forces isGranted() or voteOnAttribute() to be overridden
|
|
||||||
throw new \BadMethodCallException(sprintf('You must override the voteOnAttribute() method in "%s".', get_class($this)));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Perform a single access check operation on a given attribute, object and (optionally) user
|
|
||||||
* It is safe to assume that $attribute and $object's class pass supportsAttribute/supportsClass
|
|
||||||
* $user can be one of the following:
|
|
||||||
* a UserInterface object (fully authenticated user)
|
|
||||||
* a string (anonymously authenticated user).
|
|
||||||
*
|
|
||||||
* This method will become abstract in 3.0.
|
|
||||||
*
|
|
||||||
* @param string $attribute
|
|
||||||
* @param object $object
|
|
||||||
* @param TokenInterface $token
|
* @param TokenInterface $token
|
||||||
*
|
*
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
protected function voteOnAttribute($attribute, $object, TokenInterface $token)
|
abstract protected function voteOnAttribute($attribute, $object, TokenInterface $token);
|
||||||
{
|
|
||||||
// the user should override this method, and not rely on the deprecated isGranted()
|
|
||||||
@trigger_error(sprintf("The AbstractVoter::isGranted() method is deprecated since 2.8 and won't be called anymore in 3.0. Override voteOnAttribute() in %s instead.", get_class($this)), E_USER_DEPRECATED);
|
|
||||||
|
|
||||||
return $this->isGranted($attribute, $object, $token->getUser());
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
@ -24,28 +24,6 @@ interface VoterInterface
|
|||||||
const ACCESS_ABSTAIN = 0;
|
const ACCESS_ABSTAIN = 0;
|
||||||
const ACCESS_DENIED = -1;
|
const ACCESS_DENIED = -1;
|
||||||
|
|
||||||
/**
|
|
||||||
* Checks if the voter supports the given attribute.
|
|
||||||
*
|
|
||||||
* @param string $attribute An attribute
|
|
||||||
*
|
|
||||||
* @return bool true if this Voter supports the attribute, false otherwise
|
|
||||||
*
|
|
||||||
* @deprecated since version 2.8, to be removed in 3.0.
|
|
||||||
*/
|
|
||||||
public function supportsAttribute($attribute);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Checks if the voter supports the given class.
|
|
||||||
*
|
|
||||||
* @param string $class A class name
|
|
||||||
*
|
|
||||||
* @return bool true if this Voter can process the class
|
|
||||||
*
|
|
||||||
* @deprecated since version 2.8, to be removed in 3.0.
|
|
||||||
*/
|
|
||||||
public function supportsClass($class);
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the vote for the given parameters.
|
* Returns the vote for the given parameters.
|
||||||
*
|
*
|
||||||
|
@ -16,42 +16,6 @@ use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
|
|||||||
|
|
||||||
class AccessDecisionManagerTest extends \PHPUnit_Framework_TestCase
|
class AccessDecisionManagerTest extends \PHPUnit_Framework_TestCase
|
||||||
{
|
{
|
||||||
/**
|
|
||||||
* @group legacy
|
|
||||||
*/
|
|
||||||
public function testSupportsClass()
|
|
||||||
{
|
|
||||||
$manager = new AccessDecisionManager(array(
|
|
||||||
$this->getVoterSupportsClass(true),
|
|
||||||
$this->getVoterSupportsClass(false),
|
|
||||||
));
|
|
||||||
$this->assertTrue($manager->supportsClass('FooClass'));
|
|
||||||
|
|
||||||
$manager = new AccessDecisionManager(array(
|
|
||||||
$this->getVoterSupportsClass(false),
|
|
||||||
$this->getVoterSupportsClass(false),
|
|
||||||
));
|
|
||||||
$this->assertFalse($manager->supportsClass('FooClass'));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @group legacy
|
|
||||||
*/
|
|
||||||
public function testSupportsAttribute()
|
|
||||||
{
|
|
||||||
$manager = new AccessDecisionManager(array(
|
|
||||||
$this->getVoterSupportsAttribute(true),
|
|
||||||
$this->getVoterSupportsAttribute(false),
|
|
||||||
));
|
|
||||||
$this->assertTrue($manager->supportsAttribute('foo'));
|
|
||||||
|
|
||||||
$manager = new AccessDecisionManager(array(
|
|
||||||
$this->getVoterSupportsAttribute(false),
|
|
||||||
$this->getVoterSupportsAttribute(false),
|
|
||||||
));
|
|
||||||
$this->assertFalse($manager->supportsAttribute('foo'));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @expectedException \InvalidArgumentException
|
* @expectedException \InvalidArgumentException
|
||||||
*/
|
*/
|
||||||
|
@ -54,27 +54,6 @@ class AbstractVoterTest extends \PHPUnit_Framework_TestCase
|
|||||||
|
|
||||||
$this->assertEquals($expectedVote, $voter->vote($this->token, $object, $attributes), $message);
|
$this->assertEquals($expectedVote, $voter->vote($this->token, $object, $attributes), $message);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @dataProvider getTests
|
|
||||||
* @group legacy
|
|
||||||
*/
|
|
||||||
public function testVoteLegacy(array $attributes, $expectedVote, $object, $message)
|
|
||||||
{
|
|
||||||
$voter = new AbstractVoterTest_LegacyVoter();
|
|
||||||
|
|
||||||
$this->assertEquals($expectedVote, $voter->vote($this->token, $object, $attributes), $message);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @group legacy
|
|
||||||
* @expectedException \BadMethodCallException
|
|
||||||
*/
|
|
||||||
public function testNoOverriddenMethodsThrowsException()
|
|
||||||
{
|
|
||||||
$voter = new AbstractVoterTest_NothingImplementedVoter();
|
|
||||||
$voter->vote($this->token, new \stdClass(), array('EDIT'));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
class AbstractVoterTest_Voter extends AbstractVoter
|
class AbstractVoterTest_Voter extends AbstractVoter
|
||||||
@ -90,36 +69,3 @@ class AbstractVoterTest_Voter extends AbstractVoter
|
|||||||
&& in_array($attribute, array('EDIT', 'CREATE'));
|
&& in_array($attribute, array('EDIT', 'CREATE'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class AbstractVoterTest_LegacyVoter extends AbstractVoter
|
|
||||||
{
|
|
||||||
protected function getSupportedClasses()
|
|
||||||
{
|
|
||||||
return array('stdClass');
|
|
||||||
}
|
|
||||||
|
|
||||||
protected function getSupportedAttributes()
|
|
||||||
{
|
|
||||||
return array('EDIT', 'CREATE');
|
|
||||||
}
|
|
||||||
|
|
||||||
protected function isGranted($attribute, $object, $user = null)
|
|
||||||
{
|
|
||||||
return 'EDIT' === $attribute;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
class AbstractVoterTest_NothingImplementedVoter extends AbstractVoter
|
|
||||||
{
|
|
||||||
protected function getSupportedClasses()
|
|
||||||
{
|
|
||||||
return array('stdClass');
|
|
||||||
}
|
|
||||||
|
|
||||||
protected function getSupportedAttributes()
|
|
||||||
{
|
|
||||||
return array('EDIT', 'CREATE');
|
|
||||||
}
|
|
||||||
|
|
||||||
// this is a bad voter that hasn't overridden isGranted or voteOnAttribute
|
|
||||||
}
|
|
||||||
|
Reference in New Issue
Block a user