Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork9.7k
[Security] Add#[IsGranted()]#46907
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
55f1237 to0d540b2Compare| namespace Symfony\Component\Security\Http\Attribute; | ||
| /** | ||
| * @author Ryan Weaver <ryan@knpuniversity.com> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
I'm getting credit without even opening a PR 😎
src/Symfony/Component/Security/Http/EventListener/IsGrantedAttributeListener.php OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
0d540b2 tobf8d75eCompare
👍 just to be sure, the proposal you're talking about is the expression-language related part of#45415 (comment)? |
yep |
| * @author Ryan Weaver <ryan@knpuniversity.com> | ||
| */ | ||
| #[\Attribute(\Attribute::IS_REPEATABLE | \Attribute::TARGET_CLASS | \Attribute::TARGET_METHOD | \Attribute::TARGET_FUNCTION)] | ||
| class IsGranted |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
should probably be final, because the usage of$event->getAttributes()[IsGranted::class] means that the listener does not support subclasses of that attribute.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
see#46915
Maybe add possible to use enum AdminRoles: string{case PostList ='ROLE_POST_LIST';case PostEdit = 'ROLE_POST_EDIT;}class MyControllers{ #[IsGranted(AdminRoles::PostList)] public function handleAction(): Response { }} |
No, seephp/php-src#8825 and alsohttps://peakd.com/hive-168588/@crell/on-the-use-of-enums . Enums in PHP are meant to limit accepted values, and Symfony cannot limit accepted roles (as an application is free to define their own set of roles). As such, Symfony can not support enums here. In PHP 8.2, you will be able to do |
Extracted from#45415 (and modernized a lot).
I did not implement the proposals from Stof to keep this first iteration simple. I'd appreciate help to improve the attribute in a follow up PR 🙏