Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Appearance settings

Commit 37ceef0

Browse filesBrowse files
committed
feature #16755 [Security] add subject variable to expression context (xabbuh)
This PR was merged into the 2.8 branch. Discussion ---------- [Security] add subject variable to expression context | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | yes | Tests pass? | yes | Fixed tickets | #16600 | License | MIT | Doc PR | TODO Commits ------- 346943e add subject variable to expression context
2 parents 729b98c + 346943e commit 37ceef0
Copy full SHA for 37ceef0

File tree

2 files changed

+4
-0
lines changed
Filter options

2 files changed

+4
-0
lines changed

‎UPGRADE-2.8.md

Copy file name to clipboardExpand all lines: UPGRADE-2.8.md
+3Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -448,6 +448,9 @@ FrameworkBundle
448448
Security
449449
--------
450450
451+
* The `object` variable passed to expressions evaluated by the `ExpressionVoter`
452+
is deprecated. Instead use the new `subject` variable.
453+
451454
* The `AbstractVoter` class was deprecated. Instead, extend the `Voter` class and
452455
move your voting logic in the `supports($attribute, $subject)` and
453456
`voteOnAttribute($attribute, $object, TokenInterface $token)` methods.

‎src/Symfony/Component/Security/Core/Authorization/Voter/ExpressionVoter.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authorization/Voter/ExpressionVoter.php
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -102,6 +102,7 @@ private function getVariables(TokenInterface $token, $object)
102102
'token' => $token,
103103
'user' => $token->getUser(),
104104
'object' => $object,
105+
'subject' => $object,
105106
'roles' => array_map(function ($role) { return $role->getRole(); }, $roles),
106107
'trust_resolver' => $this->trustResolver,
107108
);

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.