Skip to content

Navigation Menu

Sign in

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

[Security] Add retrieval of encompassing role names #53998

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: 7.3
Choose a base branch
Loading
from
Open

[Security] Add retrieval of encompassing role names #53998

wants to merge 1 commit into from
+39 −0

Conversation

PierreCapel
Copy link
Contributor

@PierreCapel PierreCapel commented Feb 19, 2024
edited by nicolas-grekas
Loading

Q A
Branch? 7.1
Bug fix? no
New feature? yes
Deprecations? no
License MIT

The aim of this method is to provide a handy way of getting the roles that encompass (or are parent of) an array of roles.

It is similar to the RoleHierarchyInterface::getReachableRoleNames(array $roles) but instead of retrieving the roles and children roles it retrieves the roles and parent roles.

A typical use case would be when we get a user role from a database and need to get all the roles that also have access to whatever this role can access.

Also what do you guys think of renaming the existinggetReachableRoleNames (that retrieves the "children roles" of an array of roles) as well as getEncompassingRoleNames (that retrieves the "parent roles" of an array of roles) to getParentRoles and getChildrenRoles in order to better reflect their intention ?

For the sake of this PR I tried to use a naming that is consistent with the existing getReachableRoleNames method.

@PierreCapel PierreCapel requested a review from chalasr as a code owner February 19, 2024 14:54
@carsonbot carsonbot added this to the 7.1 milestone Feb 19, 2024
@carsonbot
Copy link

Hey!

I see that this is your first PR. That is great! Welcome!

Symfony has a contribution guide which I suggest you to read.

In short:

  • Always add tests
  • Keep backward compatibility (see https://symfony.com/bc).
  • Bug fixes must be submitted against the lowest maintained branch where they apply (see https://symfony.com/releases)
  • Features and deprecations must be submitted against the 7.1 branch.

Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change.

When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor!
If this PR is merged in a lower version branch, it will be merged up to all maintained branches within a few days.

I am going to sit back now and wait for the reviews.

Cheers!

Carsonbot

@PierreCapel PierreCapel force-pushed the security-get-encompassing-role-names branch 2 times, most recently from c48453b to f1cc872 Compare February 19, 2024 15:03
nicolas-grekas
nicolas-grekas reviewed Feb 20, 2024
View reviewed changes
Copy link
Member

@nicolas-grekas nicolas-grekas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

random review :)

src/Symfony/Component/Security/Core/CHANGELOG.md Outdated Show resolved Hide resolved
src/Symfony/Component/Security/Core/Role/RoleHierarchy.php Outdated Show resolved Hide resolved
@PierreCapel PierreCapel force-pushed the security-get-encompassing-role-names branch from f1cc872 to a21bcee Compare February 20, 2024 13:06
@PierreCapel
[Security] Add retrieval of encompassing role names
983742e 
The aim of this method is to provide a handy way of getting the roles that encompass (or are parent of) an array of roles.

It is similar to the getReachableRoleNames from the same interface but instead of retrieving the children roles it retrieves the parent roles.

A typical use case would be when we get a user role from a database and need to get all the roles that also have access to what this role can access.
@PierreCapel PierreCapel force-pushed the security-get-encompassing-role-names branch from a21bcee to 983742e Compare February 20, 2024 13:08
94noni
94noni approved these changes Feb 22, 2024
View reviewed changes
Copy link
Contributor

@94noni 94noni left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1
for renaming part, why not in a bc manner and on other PR I think :)

@Jean-Beru Jean-Beru mentioned this pull request Mar 8, 2024
Closed
@xabbuh xabbuh modified the milestones: 7.1, 7.2 May 15, 2024
@fabpot fabpot modified the milestones: 7.2, 7.3 Nov 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicolas-grekas nicolas-grekas nicolas-grekas left review comments

@94noni 94noni 94noni approved these changes

@chalasr chalasr Awaiting requested review from chalasr chalasr is a code owner

Assignees
No one assigned
Labels
Feature Security Status: Reviewed
Projects
None yet
Milestone
7.3
Development

Successfully merging this pull request may close these issues.
6 participants
@PierreCapel @carsonbot @nicolas-grekas @94noni @fabpot @xabbuh
Morty Proxy This is a proxified and sanitized view of the page, visit original site.