Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

[SecurityBundle] role_names variable instead of roles #40089

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 4, 2021
Merged

[SecurityBundle] role_names variable instead of roles #40089

merged 1 commit into from
Feb 4, 2021

Conversation

wickedOne
Copy link
Contributor

@wickedOne wickedOne commented Feb 4, 2021
edited
Loading

replaced the roles variable with role_names in order to fix cache warming

introduced @ d64372d

Q A
Branch? 4.4
Bug fix? yes
New feature? no
Deprecations? no
Tickets Fix #40087
License MIT
Doc PR symfony/symfony-docs#14923

@carsonbot
Copy link

Hey!

I see that this is your first PR. That is great! Welcome!

Symfony has a contribution guide which I suggest you to read.

In short:

  • Always add tests
  • Keep backward compatibility (see https://symfony.com/bc).
  • Bug fixes must be submitted against the lowest maintained branch where they apply (see https://symfony.com/releases)
  • Features and deprecations must be submitted against the 5.x branch.

Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change.

When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor!
If this PR is merged in a lower version branch, it will be merged up to all maintained branches within a few days.

I am going to sit back now and wait for the reviews.

Cheers!

Carsonbot

@carsonbot
Copy link

Hey!

I did a quick review of this PR, I think most things looks good.

But you have made this PR towards a branch that is not maintained anymore. :/
Could you update the PR base branch to target one of these branches instead? 4.4, 5.2.

Cheers!

Carsonbot

@wickedOne wickedOne changed the base branch from 5.0 to 5.2 February 4, 2021 08:40
@nicolas-grekas nicolas-grekas changed the title role_names variable instead of roles [SecurityBundle] role_names variable instead of roles Feb 4, 2021
@nicolas-grekas nicolas-grekas added this to the 4.4 milestone Feb 4, 2021
@nicolas-grekas
Copy link
Member

That's for 4.4 I suppose?
Also, don't we miss auth_checker in the list?

symfony/src/Symfony/Component/Security/Core/Authorization/Voter/ExpressionVoter.php

Lines 116 to 132 in 8bd81b5

$variables = [
'token' => $token,
'user' => $token->getUser(),
'object' => $subject,
'subject' => $subject,
'roles' => $roles,
'role_names' => $roleNames,
'trust_resolver' => $this->trustResolver,
'auth_checker' => $this->authChecker,
];
// this is mainly to propose a better experience when the expression is used
// in an access control rule, as the developer does not know that it's going
// to be handled by this voter
if ($subject instanceof Request) {
$variables['request'] = $subject;
}

@wickedOne
Copy link
Contributor Author

wickedOne commented Feb 4, 2021
edited
Loading

you're rigjt, both auth_checker and subject appear to be missing from the documentation and the auth_checker is missing as well in the cache warmer.

how do you suggest to proceed? fix these for the 4.4 branch and have the documentation corrected for both the 4.4 and 5.2 branch (as the roles attribute was deprecated in 5.0)?

@wouterj
Copy link
Member

wouterj commented Feb 4, 2021

If I'm correct, both roles and role_names exists in 4.4. So I think we need 2 PRs: one adding the missing vars in 4.4 and after that's merged, another PR removing roles in 5.2.

And we indeed need to add the missing vars to the documentation as well.

@wickedOne
Copy link
Contributor Author

ok, i'll update this one and change the base to 4.4

@nicolas-grekas
Copy link
Member

This PR targetting 4.4 would be enough as we'll be able to adjust for 5.2 when merging up.

@wickedOne wickedOne changed the base branch from 5.2 to 4.4 February 4, 2021 10:08
@wickedOne
Copy link
Contributor Author

wickedOne commented Feb 4, 2021
edited
Loading

updated and changed target (still have to update the docs tho)

@stof
Copy link
Member

stof commented Feb 4, 2021

IIRC, auth_checker was not documented because it was meant to be an internal implementation detail (used to implement the is_granted function which is what should be used)

@wickedOne @nicolas-grekas
[SecurityBundle] role_names variable instead of roles
58bb614 
replaced the roles variable with role_names in order to fix cache warming

fixes symfony#40087
nicolas-grekas
nicolas-grekas approved these changes Feb 4, 2021
View reviewed changes
Copy link
Member

@nicolas-grekas nicolas-grekas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @stof, I removed auth_checker.

@nicolas-grekas
Copy link
Member

Thank you @wickedOne.

@nicolas-grekas nicolas-grekas merged commit 42b242c into symfony:4.4 Feb 4, 2021
@wickedOne wickedOne deleted the role_names branch February 4, 2021 11:24
@javiereguiluz javiereguiluz mentioned this pull request Feb 5, 2021
Merged
OskarStark added a commit to symfony/symfony-docs that referenced this pull request Feb 8, 2021
@OskarStark
minor #14933 [ExpressionLanguage][Security] Mention the "subject" exp…
60cd0f7 
…ression language variable (javiereguiluz)

This PR was merged into the 4.4 branch.

Discussion
----------

[ExpressionLanguage][Security] Mention the "subject" expression language variable

This was requested in symfony/symfony#40089

By the way, in my opinion providing two different ways of doing exactly the same is always confusing.

Commits
-------

4511683 Mention the "subject" expression language variable
This was referenced Mar 4, 2021
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

@dunglas dunglas Awaiting requested review from dunglas

@jderusse jderusse Awaiting requested review from jderusse

@lyrixx lyrixx Awaiting requested review from lyrixx

@sroze sroze Awaiting requested review from sroze

@xabbuh xabbuh Awaiting requested review from xabbuh

@chalasr chalasr Awaiting requested review from chalasr chalasr is a code owner

@wouterj wouterj Awaiting requested review from wouterj wouterj is a code owner

Assignees
No one assigned
Labels
Bug Status: Reviewed
Projects
None yet
Milestone
4.4
Development

Successfully merging this pull request may close these issues.
5 participants
@wickedOne @carsonbot @nicolas-grekas @wouterj @stof
Morty Proxy This is a proxified and sanitized view of the page, visit original site.