diff options
| author | Christian Flothmann <christian.flothmann@xabbuh.de> | 2015-11-30 11:00:36 +0100 |
|---|---|---|
| committer | Christian Flothmann <christian.flothmann@xabbuh.de> | 2015-11-30 11:38:54 +0100 |
| commit | 40457cde075728371efbc0c5427a6b7b96647655 (patch) | |
| tree | 66bac669f0a92fccea79be58c1992f2db184878b /Core | |
| parent | 7b07ea0cbd2ceb901b2b6bca0f6a76714285cd22 (diff) | |
| download | symfony-security-40457cde075728371efbc0c5427a6b7b96647655.zip symfony-security-40457cde075728371efbc0c5427a6b7b96647655.tar.gz symfony-security-40457cde075728371efbc0c5427a6b7b96647655.tar.bz2 | |
allow arbitrary types in VoterInterface::vote()
Diffstat (limited to 'Core')
| -rw-r--r-- | Core/Authorization/Voter/AuthenticatedVoter.php | 2 | ||||
| -rw-r--r-- | Core/Authorization/Voter/ExpressionVoter.php | 12 | ||||
| -rw-r--r-- | Core/Authorization/Voter/RoleVoter.php | 2 | ||||
| -rw-r--r-- | Core/Authorization/Voter/Voter.php | 6 | ||||
| -rw-r--r-- | Core/Authorization/Voter/VoterInterface.php | 4 |
5 files changed, 13 insertions, 13 deletions
diff --git a/Core/Authorization/Voter/AuthenticatedVoter.php b/Core/Authorization/Voter/AuthenticatedVoter.php index 762e9bc..dc1407b 100644 --- a/Core/Authorization/Voter/AuthenticatedVoter.php +++ b/Core/Authorization/Voter/AuthenticatedVoter.php @@ -44,7 +44,7 @@ class AuthenticatedVoter implements VoterInterface /** * {@inheritdoc} */ - public function vote(TokenInterface $token, $object, array $attributes) + public function vote(TokenInterface $token, $subject, array $attributes) { $result = VoterInterface::ACCESS_ABSTAIN; foreach ($attributes as $attribute) { diff --git a/Core/Authorization/Voter/ExpressionVoter.php b/Core/Authorization/Voter/ExpressionVoter.php index 0842856..c85ad9c 100644 --- a/Core/Authorization/Voter/ExpressionVoter.php +++ b/Core/Authorization/Voter/ExpressionVoter.php @@ -52,7 +52,7 @@ class ExpressionVoter implements VoterInterface /** * {@inheritdoc} */ - public function vote(TokenInterface $token, $object, array $attributes) + public function vote(TokenInterface $token, $subject, array $attributes) { $result = VoterInterface::ACCESS_ABSTAIN; $variables = null; @@ -62,7 +62,7 @@ class ExpressionVoter implements VoterInterface } if (null === $variables) { - $variables = $this->getVariables($token, $object); + $variables = $this->getVariables($token, $subject); } $result = VoterInterface::ACCESS_DENIED; @@ -74,7 +74,7 @@ class ExpressionVoter implements VoterInterface return $result; } - private function getVariables(TokenInterface $token, $object) + private function getVariables(TokenInterface $token, $subject) { if (null !== $this->roleHierarchy) { $roles = $this->roleHierarchy->getReachableRoles($token->getRoles()); @@ -85,7 +85,7 @@ class ExpressionVoter implements VoterInterface $variables = array( 'token' => $token, 'user' => $token->getUser(), - 'object' => $object, + 'object' => $subject, 'roles' => array_map(function ($role) { return $role->getRole(); }, $roles), 'trust_resolver' => $this->trustResolver, ); @@ -93,8 +93,8 @@ class ExpressionVoter implements VoterInterface // this is mainly to propose a better experience when the expression is used // in an access control rule, as the developer does not know that it's going // to be handled by this voter - if ($object instanceof Request) { - $variables['request'] = $object; + if ($subject instanceof Request) { + $variables['request'] = $subject; } return $variables; diff --git a/Core/Authorization/Voter/RoleVoter.php b/Core/Authorization/Voter/RoleVoter.php index 74e2363..b017c81 100644 --- a/Core/Authorization/Voter/RoleVoter.php +++ b/Core/Authorization/Voter/RoleVoter.php @@ -35,7 +35,7 @@ class RoleVoter implements VoterInterface /** * {@inheritdoc} */ - public function vote(TokenInterface $token, $object, array $attributes) + public function vote(TokenInterface $token, $subject, array $attributes) { $result = VoterInterface::ACCESS_ABSTAIN; $roles = $this->extractRoles($token); diff --git a/Core/Authorization/Voter/Voter.php b/Core/Authorization/Voter/Voter.php index 2674034..ba4d6af 100644 --- a/Core/Authorization/Voter/Voter.php +++ b/Core/Authorization/Voter/Voter.php @@ -24,20 +24,20 @@ abstract class Voter implements VoterInterface /** * {@inheritdoc} */ - public function vote(TokenInterface $token, $object, array $attributes) + public function vote(TokenInterface $token, $subject, array $attributes) { // abstain vote by default in case none of the attributes are supported $vote = self::ACCESS_ABSTAIN; foreach ($attributes as $attribute) { - if (!$this->supports($attribute, $object)) { + if (!$this->supports($attribute, $subject)) { continue; } // as soon as at least one attribute is supported, default is to deny access $vote = self::ACCESS_DENIED; - if ($this->voteOnAttribute($attribute, $object, $token)) { + if ($this->voteOnAttribute($attribute, $subject, $token)) { // grant access as soon as at least one attribute returns a positive response return self::ACCESS_GRANTED; } diff --git a/Core/Authorization/Voter/VoterInterface.php b/Core/Authorization/Voter/VoterInterface.php index 1697eaf..4bb7367 100644 --- a/Core/Authorization/Voter/VoterInterface.php +++ b/Core/Authorization/Voter/VoterInterface.php @@ -31,10 +31,10 @@ interface VoterInterface * ACCESS_GRANTED, ACCESS_DENIED, or ACCESS_ABSTAIN. * * @param TokenInterface $token A TokenInterface instance - * @param object|null $object The object to secure + * @param mixed $subject The subject to secure * @param array $attributes An array of attributes associated with the method being invoked * * @return int either ACCESS_GRANTED, ACCESS_ABSTAIN, or ACCESS_DENIED */ - public function vote(TokenInterface $token, $object, array $attributes); + public function vote(TokenInterface $token, $subject, array $attributes); } |