Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

[Security] Add the ability for voter to return decision reason#43147

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Closed
yellow1912 wants to merge36 commits intosymfony:6.2fromyellow1912:5.4

Conversation

yellow1912
Copy link

@yellow1912yellow1912 commentedSep 23, 2021
edited
Loading

Sometimes we need to know why the voter makes a certain decision.
This changes allows us to return a vote object which contains a reason.

QA
Branch?5.4
Bug fix?no
New feature?yes
Deprecations?yes
TicketsFix#27995,#26343,#35592
LicenseMIT
Doc PRn/a

This is a PR continuing the work started by@maidmaid and@noniagriconomie in#35592

All the code is contributed by azjezz, I only merge the changes into 5.4 branch since he/she does not have time right now.
(Original PR:#40711)

The initial PR is meant to see if all tests passed (I expect tests to fail). More changes will come later since this PR contains BC.

maidmaid, noniagriconomie, gesof, chapterjason, Warxcell, and j-schumann reacted with thumbs up emoji
Sometimes we need to know why the voter makes a certain decision.This changes allows us to return a vote object which contains a reason.
@carsonbot
Copy link

Hey!

I see that this is your first PR. That is great! Welcome!

Symfony has acontribution guide which I suggest you to read.

In short:

  • Always add tests
  • Keep backward compatibility (seehttps://symfony.com/bc).
  • Bug fixes must be submitted against the lowest maintained branch where they apply (seehttps://symfony.com/releases)
  • Features and deprecations must be submitted against the 5.4 branch.

Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change.

When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor!
If this PR is merged in a lower version branch, it will be merged up to all maintained branches within a few days.

I am going to sit back now and wait for the reviews.

Cheers!

Carsonbot

We cannot use the interface at the moment because the new methodis not available in the interface yet.We also cannot put the new method inside the interface because itcan break current/old code.
@noniagriconomie
Copy link
Contributor

@yellow1912 thank you taking over this!
As I mentionned on the other PR, my "work" here is only PR review :)

Feel free to ping me when you consider this PR finaly reviewable, I will be glad to do so 👍

@yellow1912
Copy link
Author

@noniagriconomie can you check and let me know if there is anything else I should fix? I see unittests still fail but not entirely sure why, I see only notices.

@carsonbotcarsonbot changed the titleAdd the ability for voter to return decision reason[Security] Add the ability for voter to return decision reasonOct 7, 2021
@noniagriconomie
Copy link
Contributor

@yellow1912 unfortunatly, i may not be the best to answerif there is anything else I should fix here
maybe ping some core maintainers and/or code owners :)
but iirc the v5.4 is feature freezed

@yellow1912
Copy link
Author

@stof Please let me know if:

  1. There is anything else I should fix?
  2. Should I bump this to another branch if 5.4 is frozen? And which one should that be?

@chalasr
Copy link
Member

I'll take time to test this thoroughly during the last week of October. My main concern is about the BC layer, for 3rd party bundles especially, but I feel like we are quite close.

wouterj reacted with thumbs up emoji

@yellow1912
Copy link
Author

@chalasr Have you got the time to take a look at this? Once you checked everything I can update it to 6.x instead because it seems like 5.x is closed now.

@chalasr
Copy link
Member

@yellow1912 We will need to make this happen on 6.1, yes.

The core team' focus is currently about stabilizing core code/docs and syncing community projects for 5.4 and 6.0.

I will revisit this early in the 6.1 development stage. Thanks for your patience.

@derrabus
Copy link
Member

In the meantime, you can already rebase onto the 6.0 branch (6.1 is not open yet) which also means you can use all the juicy new PHP 8.0 features. 😎

chapterjason and Warxcell reacted with rocket emoji

@derrabusderrabus changed the base branch from5.4 to6.0November 11, 2021 17:29
@noniagriconomie
Copy link
Contributor

@yellow1912 I've reminded myself this PR, did you had time/energy to rebase it for sf v6?

thank you :)

@derrabusderrabus changed the base branch from6.0 to6.1January 18, 2022 12:36
@yellow1912
Copy link
Author

@yellow1912 I've reminded myself this PR, did you had time/energy to rebase it for sf v6?

thank you :)

I haven't got the time to do that, but I will try to finish it within the next 2 weeks, too many things on my disk at the moment.

@fabpotfabpot modified the milestones:6.1,6.2May 20, 2022
alamirault added a commit to alamirault/symfony that referenced this pull requestMay 26, 2022
@fabpot
Copy link
Member

fabpot commentedJul 22, 2022
edited
Loading

Closing in favor of#46493

@fabpotfabpot closed thisJul 22, 2022
fabpot added a commit that referenced this pull requestFeb 17, 2025
…e (nicolas-grekas)This PR was merged into the 7.3 branch.Discussion----------[Security] Add ability for voters to explain their vote| Q             | A| ------------- | ---| Branch?       | 7.3| Bug fix?      | no| New feature?  | no| Deprecations? | no| Issues        |Fix#27995,#26343,#35592,#43147| License       | MITThis PR takes over#58107, which itself took over from#46493, etc.It takes the only approach I could think of that would preserve BC.The visible tip of what this achieves is:![image](https://github.com/user-attachments/assets/67bd0678-868f-40ed-b2c6-3b1f10ffe101)![image](https://github.com/user-attachments/assets/715814d8-e4de-47f0-aa0e-c412092389ff)Internally, this provides a new access audit log infrastructure that relies on new `AccessDecision` and `Vote` objects.Note that I didn't add (nor fix) tests for now. I'll borrow (and credit) from#58107 /#46493 as much as possible.Commits-------c6eb9ae [Security] Add ability for voters to explain their vote
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers

@stofstofstof requested changes

@chalasrchalasrchalasr left review comments

@noniagriconomienoniagriconomienoniagriconomie left review comments

@wouterjwouterjAwaiting requested review from wouterjwouterj is a code owner

Assignees
No one assigned
Projects
None yet
Milestone
6.2
Development

Successfully merging this pull request may close these issues.

[Security][DX] Be able to know why exactly SecurityVoter returns false
7 participants
@yellow1912@carsonbot@noniagriconomie@chalasr@derrabus@fabpot@stof
[8]ページ先頭
©2009-2025 Movatter.jp