minor #33697 [Security] remove deprecated code paths (xabbuh)
This PR was merged into the 5.0-dev branch.
Discussion
----------
[Security] remove deprecated code paths
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
2b6ce01a98
remove deprecated code paths
This commit is contained in:
commit
ec2afb7b43
|
@ -4,6 +4,23 @@ CHANGELOG
|
||||||
5.0.0
|
5.0.0
|
||||||
-----
|
-----
|
||||||
|
|
||||||
|
* Dropped support for passing more than one attribute to `AccessDecisionManager::decide()` and `AuthorizationChecker::isGranted()` (and indirectly the `is_granted()` Twig and ExpressionLanguage function):
|
||||||
|
|
||||||
|
**Before**
|
||||||
|
```php
|
||||||
|
if ($this->authorizationChecker->isGranted(['ROLE_USER', 'ROLE_ADMIN'])) {
|
||||||
|
// ...
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
**After**
|
||||||
|
```php
|
||||||
|
if ($this->authorizationChecker->isGranted(new Expression("has_role('ROLE_USER') or has_role('ROLE_ADMIN')"))) {}
|
||||||
|
// or:
|
||||||
|
if ($this->authorizationChecker->isGranted('ROLE_USER')
|
||||||
|
|| $this->authorizationChecker->isGranted('ROLE_ADMIN')
|
||||||
|
) {}
|
||||||
|
```
|
||||||
* Implementations of `Guard\AuthenticatorInterface::checkCredentials()` must return
|
* Implementations of `Guard\AuthenticatorInterface::checkCredentials()` must return
|
||||||
a boolean value now. Please explicitly return `false` to indicate invalid credentials.
|
a boolean value now. Please explicitly return `false` to indicate invalid credentials.
|
||||||
* The `LdapUserProvider` class has been removed, use `Symfony\Component\Ldap\Security\LdapUserProvider` instead.
|
* The `LdapUserProvider` class has been removed, use `Symfony\Component\Ldap\Security\LdapUserProvider` instead.
|
||||||
|
|
|
@ -13,6 +13,7 @@ namespace Symfony\Component\Security\Core\Authorization;
|
||||||
|
|
||||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||||
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
|
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
|
||||||
|
use Symfony\Component\Security\Core\Exception\InvalidArgumentException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* AccessDecisionManager is the base class for all access decision managers
|
* AccessDecisionManager is the base class for all access decision managers
|
||||||
|
@ -58,7 +59,7 @@ class AccessDecisionManager implements AccessDecisionManagerInterface
|
||||||
public function decide(TokenInterface $token, array $attributes, $object = null)
|
public function decide(TokenInterface $token, array $attributes, $object = null)
|
||||||
{
|
{
|
||||||
if (\count($attributes) > 1) {
|
if (\count($attributes) > 1) {
|
||||||
@trigger_error('Passing more than one Security attribute to '.__METHOD__.' is deprecated since Symfony 4.4. Use multiple decide() calls or the expression language (e.g. "has_role(...) or has_role(...)") instead.', \E_USER_DEPRECATED);
|
throw new InvalidArgumentException(sprintf('Passing more than one Security attribute to %s() is not supported.', __METHOD__));
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->{$this->strategy}($token, $attributes, $object);
|
return $this->{$this->strategy}($token, $attributes, $object);
|
||||||
|
|
|
@ -14,6 +14,7 @@ namespace Symfony\Component\Security\Core\Authorization;
|
||||||
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
|
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
|
||||||
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
||||||
use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;
|
use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;
|
||||||
|
use Symfony\Component\Security\Core\Exception\InvalidArgumentException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* AuthorizationChecker is the main authorization point of the Security component.
|
* AuthorizationChecker is the main authorization point of the Security component.
|
||||||
|
@ -53,12 +54,10 @@ class AuthorizationChecker implements AuthorizationCheckerInterface
|
||||||
$this->tokenStorage->setToken($token = $this->authenticationManager->authenticate($token));
|
$this->tokenStorage->setToken($token = $this->authenticationManager->authenticate($token));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!\is_array($attributes)) {
|
if (\is_array($attributes)) {
|
||||||
$attributes = [$attributes];
|
throw new InvalidArgumentException(sprintf('Passing an array of Security attributes to %s() is not supported.', __METHOD__));
|
||||||
} else {
|
|
||||||
@trigger_error('Passing an array of Security attributes to '.__METHOD__.' is deprecated since Symfony 4.4. Use multiple isGranted() calls or the expression language (e.g. "has_role(...) or has_role(...)") instead.', \E_USER_DEPRECATED);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->accessDecisionManager->decide($token, $attributes, $subject);
|
return $this->accessDecisionManager->decide($token, (array) $attributes, $subject);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Reference in New Issue