Rewrote logic of AbstractVoter

wouterj · wouterj · commit 5bb4dd4db1f5 · 2015-08-09T14:59:23.000+02:00
diff --git a/src/Symfony/Component/Security/Core/Authorization/Voter/AbstractVoter.php b/src/Symfony/Component/Security/Core/Authorization/Voter/AbstractVoter.php
@@ -26,6 +26,8 @@ abstract class AbstractVoter implements VoterInterface
      */
     public function supportsAttribute($attribute)
     {
+        @trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.');
+
         return in_array($attribute, $this->getSupportedAttributes());
     }
 
@@ -34,6 +36,8 @@ public function supportsAttribute($attribute)
      */
     public function supportsClass($class)
     {
+        @trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.');
+
         foreach ($this->getSupportedClasses() as $supportedClass) {
             if ($supportedClass === $class || is_subclass_of($class, $supportedClass)) {
                 return true;
@@ -58,15 +62,16 @@ public function supportsClass($class)
      */
     public function vote(TokenInterface $token, $object, array $attributes)
     {
-        if (!$object || !$this->supportsClass(get_class($object))) {
+        if (!$object) {
             return self::ACCESS_ABSTAIN;
         }
 
         // abstain vote by default in case none of the attributes are supported
         $vote = self::ACCESS_ABSTAIN;
+        $class = get_class($object);
 
         foreach ($attributes as $attribute) {
-            if (!$this->supportsAttribute($attribute)) {
+            if (!$this->supports($attribute, $class)) {
                 continue;
             }
 
@@ -82,19 +87,57 @@ public function vote(TokenInterface $token, $object, array $attributes)
         return $vote;
     }
 
+    protected function supports($attribute, $class)
+    {
+        @trigger_error('The getSupportedClasses and getSupportedAttributes methods are deprecated since version 2.8 and will be removed in version 3.0. Overwrite supports instead.');
+
+        $classIsSupported = false;
+        foreach ($this->getSupportedClasses() as $supportedClass) {
+            if ($this->isClassInstanceOf($class, $supportedClass)) {
+                $classIsSupported = true;
+                break;
+            }
+        }
+
+        if (!$classIsSupported) {
+            return false;
+        }
+
+        if (!in_array($attribute, $this->getSupportedAttributes())) {
+            return false;
+        }
+
+        return true;
+    }
+
+    protected function isClassInstanceOf($actualClass, $expectedClass)
+    {
+        return $expectedClass === $actualClass || is_subclass_of($actualClass, $expectedClass);
+    }
+
     /**
      * Return an array of supported classes. This will be called by supportsClass
      *
      * @return array an array of supported classes, i.e. array('Acme\DemoBundle\Model\Product')
+     *
+     * @deprecated since version 2.8, to be removed in 3.0. Use supports() instead.
      */
-    abstract protected function getSupportedClasses();
+    protected function getSupportedClasses()
+    {
+        @trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.');
+    }
 
     /**
      * Return an array of supported attributes. This will be called by supportsAttribute
      *
      * @return array an array of supported attributes, i.e. array('CREATE', 'READ')
+     *
+     * @deprecated since version 2.8, to be removed in 3.0. Use supports() instead.
      */
-    abstract protected function getSupportedAttributes();
+    protected function getSupportedAttributes()
+    {
+        @trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.');
+    }
 
     /**
      * Perform a single access check operation on a given attribute, object and (optionally) user
diff --git a/src/Symfony/Component/Security/Core/Tests/Authorization/Voter/AbstractVoterTest.php b/src/Symfony/Component/Security/Core/Tests/Authorization/Voter/AbstractVoterTest.php
@@ -0,0 +1,57 @@
+<?php
+
+namespace Symfony\Component\Security\Core\Tests\Authorization\Voter;
+
+use Symfony\Component\Security\Core\Authorization\Voter\AbstractVoter;
+use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
+use Symfony\Component\Security\Core\User\UserInterface;
+
+class AbstractVoterTest_Voter extends AbstractVoter
+{
+    protected function isGranted($attribute, $object, $user = null)
+    {
+        return 'EDIT' === $attribute;
+    }
+
+    protected function supports($attribute, $class)
+    {
+        return $this->isClassInstanceOf($class, 'AbstractVoterTest_Object')
+            && in_array($attribute, array('EDIT', 'CREATE'));
+    }
+}
+
+class AbstractVoterTest extends \PHPUnit_Framework_TestCase
+{
+    protected $voter;
+    protected $object;
+    protected $token;
+
+    protected function setUp()
+    {
+        $this->voter = new AbstractVoterTest_Voter();
+        $this->object = $this->getMock('AbstractVoterTest_Object');
+        $this->token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
+    }
+
+    public function testAttributeAndClassSupported()
+    {
+        $this->assertEquals(VoterInterface::ACCESS_GRANTED, $this->voter->vote($this->token, $this->object, array('EDIT')));
+        $this->assertEquals(VoterInterface::ACCESS_DENIED, $this->voter->vote($this->token, $this->object, array('CREATE')));
+    }
+
+    public function testAttributeNotSupported()
+    {
+        $this->assertEquals(VoterInterface::ACCESS_ABSTAIN, $this->voter->vote($this->token, $this->object, array('DELETE')));
+    }
+
+    public function testOneAttributeSupported()
+    {
+        $this->assertEquals(VoterInterface::ACCESS_GRANTED, $this->voter->vote($this->token, $this->object, array('DELETE', 'EDIT')));
+        $this->assertEquals(VoterInterface::ACCESS_DENIED, $this->voter->vote($this->token, $this->object, array('DELETE', 'CREATE')));
+    }
+
+    public function testClassNotSupported()
+    {
+        $this->assertEquals(VoterInterface::ACCESS_ABSTAIN, $this->voter->vote($this->token, $this->getMock('AbstractVoterTest_Object1'), array('EDIT')));
+    }
+}
diff --git a/src/Symfony/Component/Security/Core/Tests/Authorization/Voter/LegacyAbstractVoterTest.php b/src/Symfony/Component/Security/Core/Tests/Authorization/Voter/LegacyAbstractVoterTest.php
@@ -0,0 +1,39 @@
+<?php
+
+namespace Symfony\Component\Security\Core\Tests\Authorization\Voter;
+
+use Symfony\Component\Security\Core\Authorization\Voter\AbstractVoter;
+
+class LegacyAbstractVoterTest_Voter extends AbstractVoter
+{
+    protected function getSupportedClasses()
+    {
+        return array('AbstractVoterTest_Object');
+    }
+
+    /**
+     * @inheritDoc
+     */
+    protected function getSupportedAttributes()
+    {
+        return array('EDIT', 'CREATE');
+    }
+
+    /**
+     * @inheritDoc
+     */
+    protected function isGranted($attribute, $object, $user = null)
+    {
+        return 'EDIT' === $attribute;
+    }
+}
+
+class LegacyAbstractVoterTest extends AbstractVoterTest
+{
+    protected function setUp()
+    {
+        parent::setUp();
+
+        $this->voter = new LegacyAbstractVoterTest_Voter();
+    }
+}
