diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
50,002 Commits 24 Branches 563 Tags 228 MiB
374d70568c
Commit Graph

7 Commits

Author SHA1 Message Date
Fabien Potencier
374d70568c feature #37620 [Security] Use NullToken while checking authorization (wouterj) 
This PR was merged into the 5.2-dev branch.

Discussion
----------

[Security] Use NullToken while checking authorization

| Q             | A
| ------------- | ---
| Branch?       | master
| Bug fix?      | no
| New feature?  | yes
| Deprecations? | no
| Tickets       | Fix #37523
| License       | MIT
| Doc PR        | tbd

This allows voters to grant access to unauthenticated users. E.g. some objects can be viewed by anyone, in this case the voter has to be able to grant access to unauthenticated users.

This *does break* the interface PHPdoc of `TokenInterface`: `getUser()` returns `null` instead of `string|UserInterface`. This is only true when using the new system, so not a real BC break. I think the only thing we can do to "guide" users is to add some custom handling for type errors related to `null` and `UserInterface` methods ("Did you forgot to check for `null` in the Voter?"). Is this something I should add to this PR?

Commits
-------

e37091541c Use NullToken while checking authorization
 2020-07-31 08:44:47 +02:00
dbrekelmans
c1344257f1 Fix getTranslationNodeVisitor() return type 2020-07-31 07:47:48 +02:00
Wouter de Jong
e37091541c Use NullToken while checking authorization 
This allows to e.g. have some objects that can be viewed by anyone (even unauthenticated users).
 2020-07-20 21:46:53 +02:00
Thomas Calvet
f64cbada89 [TwigBundle] Deprecate the public "twig" service to private 2020-06-24 16:45:15 +02:00
Nicolas Grekas
1bea690f4d [DI] deprecate Definition/Alias::setPrivate() 2020-06-22 10:12:56 +02:00
Fabien Potencier
6e28fdaa57 [Mime] Deprecate Address::fromString() 2020-06-09 17:54:11 +02:00
Christian Flothmann
ee169d5a0c deprecate the "allowEmptyString" option 2020-05-22 15:23:49 +02:00