minor #48102 [Security] Remove special case for #[IsGranted()] subject (HypeMC)

chalasr · chalasr · commit 4d4c411a609e · 2022-11-04T13:06:11.000+01:00
This PR was merged into the 6.2 branch. Discussion ---------- [Security] Remove special case for `#[IsGranted()]` subject | Q | A | ------------- | --- | Branch? | 6.2 | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | Fix #48080 (comment) | License | MIT | Doc PR | - Addresses a comment by `@stof` Instead of having `request` as a special case, an expression can be used instead: ```diff -#[IsGranted(attribute: 'SOME_ATTRIBUTE', subject: 'request')] +#[IsGranted(attribute: 'SOME_ATTRIBUTE', subject: new Expression('request'))] public function index() { } ``` Commits ------- 3e0ac4f [Security] Remove special case for #[IsGranted()] subject
diff --git a/src/Symfony/Component/Security/Http/EventListener/IsGrantedAttributeListener.php b/src/Symfony/Component/Security/Http/EventListener/IsGrantedAttributeListener.php
@@ -92,9 +92,6 @@ private function getIsGrantedSubject(string|Expression $subjectRef, Request $req
         }
 
         if (!\array_key_exists($subjectRef, $arguments)) {
-            if ('request' === $subjectRef) {
-                return $request;
-            }
             throw new RuntimeException(sprintf('Could not find the subject "%s" for the #[IsGranted] attribute. Try adding a "$%s" argument to your controller method.', $subjectRef, $subjectRef));
         }
 
diff --git a/src/Symfony/Component/Security/Http/Tests/EventListener/IsGrantedAttributeListenerTest.php b/src/Symfony/Component/Security/Http/Tests/EventListener/IsGrantedAttributeListenerTest.php
@@ -13,12 +13,12 @@
 
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\ExpressionLanguage\Expression;
+use Symfony\Component\ExpressionLanguage\ExpressionLanguage;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\Event\ControllerArgumentsEvent;
 use Symfony\Component\HttpKernel\Exception\HttpException;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
 use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
-use Symfony\Component\Security\Core\Authorization\ExpressionLanguage;
 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 use Symfony\Component\Security\Http\EventListener\IsGrantedAttributeListener;
 use Symfony\Component\Security\Http\Tests\Fixtures\IsGrantedAttributeController;
@@ -363,7 +363,7 @@ public function testIsGrantedWithNestedExpressionInSubject()
         $listener->onKernelControllerArguments($event);
     }
 
-    public function testIsGrantedWithRequestAsSubjectAndNoArgument()
+    public function testIsGrantedWithRequestAsSubject()
     {
         $request = new Request();
 
@@ -375,33 +375,13 @@ public function testIsGrantedWithRequestAsSubjectAndNoArgument()
 
         $event = new ControllerArgumentsEvent(
             $this->createMock(HttpKernelInterface::class),
-            [new IsGrantedAttributeMethodsController(), 'withRequestAsSubjectAndNoArgument'],
+            [new IsGrantedAttributeMethodsController(), 'withRequestAsSubject'],
             [],
             $request,
             null
         );
 
-        $listener = new IsGrantedAttributeListener($authChecker);
-        $listener->onKernelControllerArguments($event);
-    }
-
-    public function testIsGrantedWithRequestAsSubjectAndArgument()
-    {
-        $authChecker = $this->createMock(AuthorizationCheckerInterface::class);
-        $authChecker->expects($this->once())
-            ->method('isGranted')
-            ->with('SOME_VOTER', 'foobar')
-            ->willReturn(true);
-
-        $event = new ControllerArgumentsEvent(
-            $this->createMock(HttpKernelInterface::class),
-            [new IsGrantedAttributeMethodsController(), 'withRequestAsSubjectAndArgument'],
-            ['foobar'],
-            new Request(),
-            null
-        );
-
-        $listener = new IsGrantedAttributeListener($authChecker);
+        $listener = new IsGrantedAttributeListener($authChecker, new ExpressionLanguage());
         $listener->onKernelControllerArguments($event);
     }
 }
diff --git a/src/Symfony/Component/Security/Http/Tests/Fixtures/IsGrantedAttributeMethodsController.php b/src/Symfony/Component/Security/Http/Tests/Fixtures/IsGrantedAttributeMethodsController.php
@@ -63,13 +63,8 @@ public function withNestedExpressionInSubject($post, $arg2Name)
     {
     }
 
-    #[IsGranted(attribute: 'SOME_VOTER', subject: 'request')]
-    public function withRequestAsSubjectAndNoArgument()
-    {
-    }
-
-    #[IsGranted(attribute: 'SOME_VOTER', subject: 'request')]
-    public function withRequestAsSubjectAndArgument($request)
+    #[IsGranted(attribute: 'SOME_VOTER', subject: new Expression('request'))]
+    public function withRequestAsSubject()
     {
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -92,9 +92,6 @@ private function getIsGrantedSubject(string\|Expression $subjectRef, Request $req`
`92`	`92`	`}`
`93`	`93`
`94`	`94`	`if (!\array_key_exists($subjectRef, $arguments)) {`
`95`		`- if ('request' === $subjectRef) {`
`96`		`- return $request;`
`97`		`- }`
`98`	`95`	`throw new RuntimeException(sprintf('Could not find the subject "%s" for the #[IsGranted] attribute. Try adding a "$%s" argument to your controller method.', $subjectRef, $subjectRef));`
`99`	`96`	`}`
`100`	`97`
Original file line number	Diff line number	Diff line change
`@@ -63,13 +63,8 @@ public function withNestedExpressionInSubject($post, $arg2Name)`
`63`	`63`	`{`
`64`	`64`	`}`
`65`	`65`
`66`		`- #[IsGranted(attribute: 'SOME_VOTER', subject: 'request')]`
`67`		`- public function withRequestAsSubjectAndNoArgument()`
`68`		`- {`
`69`		`- }`
`70`		`-`
`71`		`- #[IsGranted(attribute: 'SOME_VOTER', subject: 'request')]`
`72`		`- public function withRequestAsSubjectAndArgument($request)`
	`66`	`+ #[IsGranted(attribute: 'SOME_VOTER', subject: new Expression('request'))]`
	`67`	`+ public function withRequestAsSubject()`
`73`	`68`	`{`
`74`	`69`	`}`
`75`	`70`	`}`