Clarified single attribute to isGranted() a bit more

Also, allow the array type for a single attribute.
This commit is contained in:
Wouter J 2019-10-22 23:52:44 +02:00
parent c187fde429
commit e41e6b48a9
2 changed files with 4 additions and 9 deletions

View File

@ -14,7 +14,6 @@ namespace Symfony\Component\Security\Core\Authorization;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException; use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;
use Symfony\Component\Security\Core\Exception\InvalidArgumentException;
/** /**
* AuthorizationChecker is the main authorization point of the Security component. * AuthorizationChecker is the main authorization point of the Security component.
@ -44,7 +43,7 @@ class AuthorizationChecker implements AuthorizationCheckerInterface
* *
* @throws AuthenticationCredentialsNotFoundException when the token storage has no authentication token * @throws AuthenticationCredentialsNotFoundException when the token storage has no authentication token
*/ */
final public function isGranted($attributes, $subject = null): bool final public function isGranted($attribute, $subject = null): bool
{ {
if (null === ($token = $this->tokenStorage->getToken())) { if (null === ($token = $this->tokenStorage->getToken())) {
throw new AuthenticationCredentialsNotFoundException('The token storage contains no authentication token. One possible reason may be that there is no firewall configured for this URL.'); throw new AuthenticationCredentialsNotFoundException('The token storage contains no authentication token. One possible reason may be that there is no firewall configured for this URL.');
@ -54,10 +53,6 @@ class AuthorizationChecker implements AuthorizationCheckerInterface
$this->tokenStorage->setToken($token = $this->authenticationManager->authenticate($token)); $this->tokenStorage->setToken($token = $this->authenticationManager->authenticate($token));
} }
if (\is_array($attributes)) { return $this->accessDecisionManager->decide($token, [$attribute], $subject);
throw new InvalidArgumentException(sprintf('Passing an array of Security attributes to %s() is not supported.', __METHOD__));
}
return $this->accessDecisionManager->decide($token, [$attributes], $subject);
} }
} }

View File

@ -21,10 +21,10 @@ interface AuthorizationCheckerInterface
/** /**
* Checks if the attributes are granted against the current authentication token and optionally supplied subject. * Checks if the attributes are granted against the current authentication token and optionally supplied subject.
* *
* @param mixed $attributes * @param mixed $attribute A single attribute to vote on (can be of any type, string and instance of Expression are supported by the core)
* @param mixed $subject * @param mixed $subject
* *
* @return bool * @return bool
*/ */
public function isGranted($attributes, $subject = null); public function isGranted($attribute, $subject = null);
} }