NotificationsYou must be signed in to change notification settings
Fork9.6k
Star30.4k

Commitc6eb9ae

committed

[Security] Add ability for voters to explain their vote

1 parent6a6ebac commitc6eb9aeCopy full SHA for c6eb9ae

File tree

37 files changed

+491

-189

lines changed

UPGRADE-7.3.md
src/Symfony
- Bridge/Twig/Extension
  - SecurityExtension.php
- Bundle
  - FrameworkBundle
    - Controller
      - AbstractController.php
    - Tests/Controller
      - AbstractControllerTest.php
  - SecurityBundle
    - DataCollector
      - SecurityDataCollector.php
    - EventListener
      - VoteListener.php
    - Resources
      - config
        security_debug.php
      - views/Collector
        security.html.twig
    - Security.php
    - Tests/DataCollector
      - SecurityDataCollectorTest.php
- Component/Security
  - Core
    - Authorization
    - CHANGELOG.md
    - Event
      - VoteEvent.php
    - Exception
      - AccessDeniedException.php
    - Test
      - AccessDecisionStrategyTestCase.php
    - Tests
      - Authorization
        TraceableAccessDecisionManagerTest.php
        Voter
        VoterTest.php
      - Fixtures
        DummyVoter.php
  - Http
    - EventListener
      - IsGrantedAttributeListener.php
    - Firewall
      - AccessListener.php
      - SwitchUserListener.php
    - Tests
      - EventListener
        IsGrantedAttributeListenerTest.php
      - Firewall
        AccessListenerTest.php

37 files changed

+491

-189

lines changed

`‎UPGRADE-7.3.md`

Lines changed: 26 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -16,17 +16,19 @@ Ldap`
`16`	`16`	`Security`
`17`	`17`	`--------`
`18`	`18`
`19`		-* Deprecate`UserInterface::eraseCredentials()` and`TokenInterface::eraseCredentials()`,
	`19`	+* Deprecate`UserInterface::eraseCredentials()` and`TokenInterface::eraseCredentials()`;
`20`	`20`	erase credentials e.g. using`__serialize()` instead
`21`	`21`
`22`		`-Before`
	`22`	`+ Before:`
	`23`	`+`
`23`	`24`	```php
`24`	`25`	`public function eraseCredentials(): void`
`25`	`26`	`{`
`26`	`27`	`}`
`27`	`28`	```
`28`	`29`
`29`		`-After`
	`30`	`+ After:`
	`31`	`+`
`30`	`32`	```php
`31`	`33`	`#[\Deprecated]`
`32`	`34`	`public function eraseCredentials(): void`
`@@ -43,19 +45,36 @@ Security`
`43`	`45`	`}`
`44`	`46`	```
`45`	`47`
	`48`	+* Add argument`$vote` to`VoterInterface::vote()` and to`Voter::voteOnAttribute()`;
	`49`	`+ it should be used to report the reason of a vote. E.g:`
	`50`	`+`
	`51`	+```php
	`52`	`+ protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token, ?Vote $vote = null): bool`
	`53`	`+ {`
	`54`	`+ $vote ??= new Vote();`
	`55`	`+`
	`56`	`+ $vote->reasons[] = 'A brief explanation of why access is granted or denied, as appropriate.';`
	`57`	`+ }`
	`58`	+```
	`59`	`+`
	`60`	+* Add argument`$accessDecision` to`AccessDecisionManagerInterface::decide()` and`AuthorizationCheckerInterface::isGranted()`;
	`61`	`+ it should be used to report the reason of a decision, including all the related votes.`
	`62`	`+`
`46`	`63`	`Console`
`47`	`64`	`-------`
`48`	`65`
`49`		-* Omitting parameter types in callables configured via`Command::setCode` method is deprecated
	`66`	+* Omitting parameter types in callables configured via`Command::setCode()` method is deprecated
	`67`	`+`
	`68`	`+ Before:`
`50`	`69`
`51`		`-Before`
`52`	`70`	```php
`53`	`71`	`$command->setCode(function ($input, $output) {`
`54`	`72`	`// ...`
`55`	`73`	`});`
`56`	`74`	```
`57`	`75`
`58`		`-After`
	`76`	`+ After:`
	`77`	`+`
`59`	`78`	```php
`60`	`79`	`use Symfony\Component\Console\Input\InputInterface;`
`61`	`80`	`use Symfony\Component\Console\Output\OutputInterface;`
`@@ -119,6 +138,7 @@ Validator`
`119`	`138`	`}`
`120`	`139`	`}`
`121`	`140`	```
	`141`	`+`
`122`	`142`	`* Deprecate passing an array of options to the constructors of the constraint classes, pass each option as a dedicated argument instead`
`123`	`143`
`124`	`144`	`Before:`

`‎src/Symfony/Bridge/Twig/Extension/SecurityExtension.php`

Lines changed: 9 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,7 @@`
`12`	`12`	`namespaceSymfony\Bridge\Twig\Extension;`
`13`	`13`
`14`	`14`	`useSymfony\Component\Security\Acl\Voter\FieldVote;`
	`15`	`+useSymfony\Component\Security\Core\Authorization\AccessDecision;`
`15`	`16`	`useSymfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;`
`16`	`17`	`useSymfony\Component\Security\Core\Authorization\UserAuthorizationCheckerInterface;`
`17`	`18`	`useSymfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;`
`@@ -34,7 +35,7 @@ public function __construct(`
`34`	`35`	`) {`
`35`	`36`	`}`
`36`	`37`
`37`		`-publicfunctionisGranted(mixed$role,mixed$object =null, ?string$field =null):bool`
	`38`	`+publicfunctionisGranted(mixed$role,mixed$object =null, ?string$field =null, ?AccessDecision$accessDecision =null):bool`
`38`	`39`	`{`
`39`	`40`	`if (null ===$this->securityChecker) {`
`40`	`41`	`returnfalse;`
`@@ -49,13 +50,13 @@ public function isGranted(mixed $role, mixed $object = null, ?string $field = nu`
`49`	`50`	`}`
`50`	`51`
`51`	`52`	`try {`
`52`		`-return$this->securityChecker->isGranted($role,$object);`
	`53`	`+return$this->securityChecker->isGranted($role,$object,$accessDecision);`
`53`	`54`	`}catch (AuthenticationCredentialsNotFoundException) {`
`54`	`55`	`returnfalse;`
`55`	`56`	`}`
`56`	`57`	`}`
`57`	`58`
`58`		`-publicfunctionisGrantedForUser(UserInterface$user,mixed$attribute,mixed$subject =null, ?string$field =null):bool`
	`59`	`+publicfunctionisGrantedForUser(UserInterface$user,mixed$attribute,mixed$subject =null, ?string$field =null, ?AccessDecision$accessDecision =null):bool`
`59`	`60`	`{`
`60`	`61`	`if (!$this->userSecurityChecker) {`
`61`	`62`	`thrownew \LogicException(\sprintf('An instance of "%s" must be provided to use "%s()".', UserAuthorizationCheckerInterface::class,__METHOD__));`
`@@ -69,7 +70,11 @@ public function isGrantedForUser(UserInterface $user, mixed $attribute, mixed $s`
`69`	`70`	`$subject =newFieldVote($subject,$field);`
`70`	`71`	`}`
`71`	`72`
`72`		`-return$this->userSecurityChecker->isGrantedForUser($user,$attribute,$subject);`
	`73`	`+try {`
	`74`	`+return$this->userSecurityChecker->isGrantedForUser($user,$attribute,$subject,$accessDecision);`
	`75`	`+ }catch (AuthenticationCredentialsNotFoundException) {`
	`76`	`+returnfalse;`
	`77`	`+ }`
`73`	`78`	`}`
`74`	`79`
`75`	`80`	`publicfunctiongetImpersonateExitUrl(?string$exitTo =null):string`

`‎src/Symfony/Bundle/FrameworkBundle/Controller/AbstractController.php`

Lines changed: 33 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -35,6 +35,7 @@`
`35`	`35`	`useSymfony\Component\Routing\Generator\UrlGeneratorInterface;`
`36`	`36`	`useSymfony\Component\Routing\RouterInterface;`
`37`	`37`	`useSymfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;`
	`38`	`+useSymfony\Component\Security\Core\Authorization\AccessDecision;`
`38`	`39`	`useSymfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;`
`39`	`40`	`useSymfony\Component\Security\Core\Exception\AccessDeniedException;`
`40`	`41`	`useSymfony\Component\Security\Core\User\UserInterface;`
`@@ -202,6 +203,21 @@ protected function isGranted(mixed $attribute, mixed $subject = null): bool`
`202`	`203`	`return$this->container->get('security.authorization_checker')->isGranted($attribute,$subject);`
`203`	`204`	`}`
`204`	`205`
	`206`	`+/**`
	`207`	`+ * Checks if the attribute is granted against the current authentication token and optionally supplied subject.`
	`208`	`+ */`
	`209`	`+protectedfunctiongetAccessDecision(mixed$attribute,mixed$subject =null):AccessDecision`
	`210`	`+ {`
	`211`	`+if (!$this->container->has('security.authorization_checker')) {`
	`212`	`+thrownew \LogicException('The SecurityBundle is not registered in your application. Try running "composer require symfony/security-bundle".');`
	`213`	`+ }`
	`214`	`+`
	`215`	`+$accessDecision =newAccessDecision();`
	`216`	`+$accessDecision->isGranted =$this->container->get('security.authorization_checker')->isGranted($attribute,$subject,$accessDecision);`
	`217`	`+`
	`218`	`+return$accessDecision;`
	`219`	`+ }`
	`220`	`+`
`205`	`221`	`/**`
`206`	`222`	`* Throws an exception unless the attribute is granted against the current authentication token and optionally`
`207`	`223`	`* supplied subject.`
`@@ -210,12 +226,24 @@ protected function isGranted(mixed $attribute, mixed $subject = null): bool`
`210`	`226`	`*/`
`211`	`227`	`protectedfunctiondenyAccessUnlessGranted(mixed$attribute,mixed$subject =null,string$message ='Access Denied.'):void`
`212`	`228`	`{`
`213`		`-if (!$this->isGranted($attribute,$subject)) {`
`214`		`-$exception =$this->createAccessDeniedException($message);`
`215`		`-$exception->setAttributes([$attribute]);`
`216`		`-$exception->setSubject($subject);`
	`229`	`+if (class_exists(AccessDecision::class)) {`
	`230`	`+$accessDecision =$this->getAccessDecision($attribute,$subject);`
	`231`	`+$isGranted =$accessDecision->isGranted;`
	`232`	`+ }else {`
	`233`	`+$accessDecision =null;`
	`234`	`+$isGranted =$this->isGranted($attribute,$subject);`
	`235`	`+ }`
	`236`	`+`
	`237`	`+if (!$isGranted) {`
	`238`	`+$e =$this->createAccessDeniedException(3 >\func_num_args() &&$accessDecision ?$accessDecision->getMessage() :$message);`
	`239`	`+$e->setAttributes([$attribute]);`
	`240`	`+$e->setSubject($subject);`
	`241`	`+`
	`242`	`+if ($accessDecision) {`
	`243`	`+$e->setAccessDecision($accessDecision);`
	`244`	`+ }`
`217`	`245`
`218`		`-throw$exception;`
	`246`	`+throw$e;`
`219`	`247`	`}`
`220`	`248`	`}`
`221`	`249`

`‎src/Symfony/Bundle/FrameworkBundle/Tests/Controller/AbstractControllerTest.php`

Lines changed: 26 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,10 @@`
`40`	`40`	`useSymfony\Component\Routing\RouterInterface;`
`41`	`41`	`useSymfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;`
`42`	`42`	`useSymfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;`
	`43`	`+useSymfony\Component\Security\Core\Authorization\AccessDecision;`
`43`	`44`	`useSymfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;`
	`45`	`+useSymfony\Component\Security\Core\Authorization\Voter\Vote;`
	`46`	`+useSymfony\Component\Security\Core\Authorization\Voter\VoterInterface;`
`44`	`47`	`useSymfony\Component\Security\Core\Exception\AccessDeniedException;`
`45`	`48`	`useSymfony\Component\Security\Core\User\InMemoryUser;`
`46`	`49`	`useSymfony\Component\Security\Csrf\CsrfTokenManagerInterface;`
`@@ -352,7 +355,19 @@ public function testIsGranted()`
`352`	`355`	`publicfunctiontestdenyAccessUnlessGranted()`
`353`	`356`	`{`
`354`	`357`	`$authorizationChecker =$this->createMock(AuthorizationCheckerInterface::class);`
`355`		`-$authorizationChecker->expects($this->once())->method('isGranted')->willReturn(false);`
	`358`	`+$authorizationChecker`
	`359`	`+ ->expects($this->once())`
	`360`	`+ ->method('isGranted')`
	`361`	`+ ->willReturnCallback(function ($attribute,$subject, ?AccessDecision$accessDecision =null) {`
	`362`	`+if (class_exists(AccessDecision::class)) {`
	`363`	`+$this->assertInstanceOf(AccessDecision::class,$accessDecision);`
	`364`	`+$accessDecision->votes[] =$vote =newVote();`
	`365`	`+$vote->result = VoterInterface::ACCESS_DENIED;`
	`366`	`+$vote->reasons[] ='Why should I.';`
	`367`	`+ }`
	`368`	`+`
	`369`	`+returnfalse;`
	`370`	`+ });`
`356`	`371`
`357`	`372`	`$container =newContainer();`
`358`	`373`	`$container->set('security.authorization_checker',$authorizationChecker);`
`@@ -361,8 +376,17 @@ public function testdenyAccessUnlessGranted()`
`361`	`376`	`$controller->setContainer($container);`
`362`	`377`
`363`	`378`	`$this->expectException(AccessDeniedException::class);`
	`379`	`+$this->expectExceptionMessage('Access Denied.'.(class_exists(AccessDecision::class) ?' Why should I.' :''));`
`364`	`380`
`365`		`-$controller->denyAccessUnlessGranted('foo');`
	`381`	`+try {`
	`382`	`+$controller->denyAccessUnlessGranted('foo');`
	`383`	`+ }catch (AccessDeniedException$e) {`
	`384`	`+if (class_exists(AccessDecision::class)) {`
	`385`	`+$this->assertFalse($e->getAccessDecision()->isGranted);`
	`386`	`+ }`
	`387`	`+`
	`388`	`+throw$e;`
	`389`	`+ }`
`366`	`390`	`}`
`367`	`391`
`368`	`392`	`/**`

`‎src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php`

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -138,6 +138,7 @@ public function collect(Request $request, Response $response, ?\Throwable $excep`
`138`	`138`
`139`	`139`	`// collect voter details`
`140`	`140`	`$decisionLog =$this->accessDecisionManager->getDecisionLog();`
	`141`	`+`
`141`	`142`	`foreach ($decisionLogas$key =>$log) {`
`142`	`143`	`$decisionLog[$key]['voter_details'] = [];`
`143`	`144`	`foreach ($log['voterDetails']as$voterDetail) {`
`@@ -147,6 +148,7 @@ public function collect(Request $request, Response $response, ?\Throwable $excep`
`147`	`148`	`'class' =>$classData,`
`148`	`149`	`'attributes' =>$voterDetail['attributes'],// Only displayed for unanimous strategy`
`149`	`150`	`'vote' =>$voterDetail['vote'],`
	`151`	`+'reasons' =>$voterDetail['reasons'] ?? [],`
`150`	`152`	`];`
`151`	`153`	`}`
`152`	`154`	`unset($decisionLog[$key]['voterDetails']);`

`‎src/Symfony/Bundle/SecurityBundle/EventListener/VoteListener.php`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,7 @@ public function __construct(`
`31`	`31`
`32`	`32`	`publicfunctiononVoterVote(VoteEvent$event):void`
`33`	`33`	`{`
`34`		`-$this->traceableAccessDecisionManager->addVoterVote($event->getVoter(),$event->getAttributes(),$event->getVote());`
	`34`	`+$this->traceableAccessDecisionManager->addVoterVote($event->getVoter(),$event->getAttributes(),$event->getVote(),$event->getReasons());`
`35`	`35`	`}`
`36`	`36`
`37`	`37`	`publicstaticfunctiongetSubscribedEvents():array`

`‎src/Symfony/Bundle/SecurityBundle/Resources/config/security_debug.php`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -22,6 +22,7 @@`
`22`	`22`	`->args([`
`23`	`23`	`service('debug.security.access.decision_manager.inner'),`
`24`	`24`	`])`
	`25`	`+ ->tag('kernel.reset', ['method' =>'reset','on_invalid' =>'ignore'])`
`25`	`26`
`26`	`27`	`->set('debug.security.voter.vote_listener', VoteListener::class)`
`27`	`28`	`->args([`

`‎src/Symfony/Bundle/SecurityBundle/Resources/views/Collector/security.html.twig`

Lines changed: 8 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -571,14 +571,19 @@`
`571`	`571`	`{%endif %}`
`572`	`572`	`<tdclass="font-normal text-small">`
`573`	`573`	`{%ifvoter_detail['vote']==constant('Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::ACCESS_GRANTED') %}`
`574`		`-ACCESSGRANTED`
	`574`	`+ GRANTED`
`575`	`575`	`{%elseifvoter_detail['vote']==constant('Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::ACCESS_ABSTAIN') %}`
`576`		`-ACCESSABSTAIN`
	`576`	`+ ABSTAIN`
`577`	`577`	`{%elseifvoter_detail['vote']==constant('Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::ACCESS_DENIED') %}`
`578`		`-ACCESSDENIED`
	`578`	`+ DENIED`
`579`	`579`	`{%else %}`
`580`	`580`	`unknown ({{voter_detail['vote'] }})`
`581`	`581`	`{%endif %}`
	`582`	`+ {%ifvoter_detail['reasons']is notempty %}`
	`583`	`+ {%forvoter_reasoninvoter_detail['reasons'] %}`
	`584`	`+ <br>{{voter_reason }}`
	`585`	`+ {%endfor %}`
	`586`	`+ {%endif %}`
`582`	`587`	`</td>`
`583`	`588`	`</tr>`
`584`	`589`	`{%endfor %}`

`‎src/Symfony/Bundle/SecurityBundle/Security.php`

Lines changed: 5 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -17,6 +17,7 @@`
`17`	`17`	`useSymfony\Component\HttpFoundation\Response;`
`18`	`18`	`useSymfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;`
`19`	`19`	`useSymfony\Component\Security\Core\Authentication\Token\TokenInterface;`
	`20`	`+useSymfony\Component\Security\Core\Authorization\AccessDecision;`
`20`	`21`	`useSymfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;`
`21`	`22`	`useSymfony\Component\Security\Core\Authorization\UserAuthorizationCheckerInterface;`
`22`	`23`	`useSymfony\Component\Security\Core\Exception\LogicException;`
`@@ -58,10 +59,10 @@ public function getUser(): ?UserInterface`
`58`	`59`	`/**`
`59`	`60`	`* Checks if the attributes are granted against the current authentication token and optionally supplied subject.`
`60`	`61`	`*/`
`61`		`-publicfunctionisGranted(mixed$attributes,mixed$subject =null):bool`
	`62`	`+publicfunctionisGranted(mixed$attributes,mixed$subject =null, ?AccessDecision$accessDecision =null):bool`
`62`	`63`	`{`
`63`	`64`	`return$this->container->get('security.authorization_checker')`
`64`		`- ->isGranted($attributes,$subject);`
	`65`	`+ ->isGranted($attributes,$subject,$accessDecision);`
`65`	`66`	`}`
`66`	`67`
`67`	`68`	`publicfunctiongetToken(): ?TokenInterface`
`@@ -154,10 +155,10 @@ public function logout(bool $validateCsrfToken = true): ?Response`
`154`	`155`	`*`
`155`	`156`	`* This should be used over isGranted() when checking permissions against a user that is not currently logged in or while in a CLI context.`
`156`	`157`	`*/`
`157`		`-publicfunctionisGrantedForUser(UserInterface$user,mixed$attribute,mixed$subject =null):bool`
	`158`	`+publicfunctionisGrantedForUser(UserInterface$user,mixed$attribute,mixed$subject =null, ?AccessDecision$accessDecision =null):bool`
`158`	`159`	`{`
`159`	`160`	`return$this->container->get('security.user_authorization_checker')`
`160`		`- ->isGrantedForUser($user,$attribute,$subject);`
	`161`	`+ ->isGrantedForUser($user,$attribute,$subject,$accessDecision);`
`161`	`162`	`}`
`162`	`163`
`163`	`164`	`privatefunctiongetAuthenticator(?string$authenticatorName,string$firewallName):AuthenticatorInterface`

`‎src/Symfony/Bundle/SecurityBundle/Tests/DataCollector/SecurityDataCollectorTest.php`

Lines changed: 10 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -28,6 +28,7 @@`
`28`	`28`	`useSymfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;`
`29`	`29`	`useSymfony\Component\Security\Core\Authorization\TraceableAccessDecisionManager;`
`30`	`30`	`useSymfony\Component\Security\Core\Authorization\Voter\TraceableVoter;`
	`31`	`+useSymfony\Component\Security\Core\Authorization\Voter\Vote;`
`31`	`32`	`useSymfony\Component\Security\Core\Authorization\Voter\VoterInterface;`
`32`	`33`	`useSymfony\Component\Security\Core\Role\RoleHierarchy;`
`33`	`34`	`useSymfony\Component\Security\Core\User\InMemoryUser;`
`@@ -271,8 +272,8 @@ public function dispatch(object $event, ?string $eventName = null): object`
`271`	`272`	`'object' =>new \stdClass(),`
`272`	`273`	`'result' =>true,`
`273`	`274`	`'voter_details' => [`
`274`		`- ['class' =>$voter1::class,'attributes' => ['view'],'vote' => VoterInterface::ACCESS_ABSTAIN],`
`275`		`- ['class' =>$voter2::class,'attributes' => ['view'],'vote' => VoterInterface::ACCESS_ABSTAIN],`
	`275`	`+ ['class' =>$voter1::class,'attributes' => ['view'],'vote' => VoterInterface::ACCESS_ABSTAIN,'reasons' => []],`
	`276`	`+ ['class' =>$voter2::class,'attributes' => ['view'],'vote' => VoterInterface::ACCESS_ABSTAIN,'reasons' => []],`
`276`	`277`	`],`
`277`	`278`	`]];`
`278`	`279`
`@@ -360,19 +361,19 @@ public function dispatch(object $event, ?string $eventName = null): object`
`360`	`361`	`'object' =>new \stdClass(),`
`361`	`362`	`'result' =>false,`
`362`	`363`	`'voter_details' => [`
`363`		`- ['class' =>$voter1::class,'attributes' => ['view'],'vote' => VoterInterface::ACCESS_DENIED],`
`364`		`- ['class' =>$voter1::class,'attributes' => ['edit'],'vote' => VoterInterface::ACCESS_DENIED],`
`365`		`- ['class' =>$voter2::class,'attributes' => ['view'],'vote' => VoterInterface::ACCESS_GRANTED],`
`366`		`- ['class' =>$voter2::class,'attributes' => ['edit'],'vote' => VoterInterface::ACCESS_GRANTED],`
	`364`	`+ ['class' =>$voter1::class,'attributes' => ['view'],'vote' => VoterInterface::ACCESS_DENIED,'reasons' => []],`
	`365`	`+ ['class' =>$voter1::class,'attributes' => ['edit'],'vote' => VoterInterface::ACCESS_DENIED,'reasons' => []],`
	`366`	`+ ['class' =>$voter2::class,'attributes' => ['view'],'vote' => VoterInterface::ACCESS_GRANTED,'reasons' => []],`
	`367`	`+ ['class' =>$voter2::class,'attributes' => ['edit'],'vote' => VoterInterface::ACCESS_GRANTED,'reasons' => []],`
`367`	`368`	`],`
`368`	`369`	`],`
`369`	`370`	`[`
`370`	`371`	`'attributes' => ['update'],`
`371`	`372`	`'object' =>new \stdClass(),`
`372`	`373`	`'result' =>true,`
`373`	`374`	`'voter_details' => [`
`374`		`- ['class' =>$voter1::class,'attributes' => ['update'],'vote' => VoterInterface::ACCESS_GRANTED],`
`375`		`- ['class' =>$voter2::class,'attributes' => ['update'],'vote' => VoterInterface::ACCESS_GRANTED],`
	`375`	`+ ['class' =>$voter1::class,'attributes' => ['update'],'vote' => VoterInterface::ACCESS_GRANTED,'reasons' => []],`
	`376`	`+ ['class' =>$voter2::class,'attributes' => ['update'],'vote' => VoterInterface::ACCESS_GRANTED,'reasons' => []],`
`376`	`377`	`],`
`377`	`378`	`],`
`378`	`379`	`];`
`@@ -461,7 +462,7 @@ private function getRoleHierarchy()`
`461`	`462`
`462`	`463`	`finalclass DummyVoterimplements VoterInterface`
`463`	`464`	`{`
`464`		`-publicfunctionvote(TokenInterface$token,mixed$subject,array$attributes):int`
	`465`	`+publicfunctionvote(TokenInterface$token,mixed$subject,array$attributes, ?Vote$vote =null):int`
`465`	`466`	`{`
`466`	`467`	`}`
`467`	`468`	`}`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commitc6eb9ae

File tree

37 files changed

37 files changed

`‎UPGRADE-7.3.md`

`‎src/Symfony/Bridge/Twig/Extension/SecurityExtension.php`

`‎src/Symfony/Bundle/FrameworkBundle/Controller/AbstractController.php`

`‎src/Symfony/Bundle/FrameworkBundle/Tests/Controller/AbstractControllerTest.php`

`‎src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php`

`‎src/Symfony/Bundle/SecurityBundle/EventListener/VoteListener.php`

`‎src/Symfony/Bundle/SecurityBundle/Resources/config/security_debug.php`

`‎src/Symfony/Bundle/SecurityBundle/Resources/views/Collector/security.html.twig`

`‎src/Symfony/Bundle/SecurityBundle/Security.php`

`‎src/Symfony/Bundle/SecurityBundle/Tests/DataCollector/SecurityDataCollectorTest.php`

0 commit comments