Rewrote logic of AbstractVoter

wouterj · wouterj · commit 64fd6bd98207 · 2015-09-24T16:12:12.000+02:00
diff --git a/UPGRADE-3.0.md b/UPGRADE-3.0.md
@@ -680,6 +680,43 @@ UPGRADE FROM 2.x to 3.0
    ));
   ```
 
+ * The `AbstractVoter::getSupportedAttributes()` and `AbstractVoter::getSupportedClasses()`
+   methods have been removed in favor of `AbstractVoter::supports()`.
+
+   Before:
+
+   ```php
+   class MyVoter extends AbstractVoter
+   {
+       protected function getSupportedAttributes()
+       {
+           return array('CREATE', 'EDIT');
+       }
+
+       protected function getSupportedClasses()
+       {
+           return array('AppBundle\Entity\Post');
+       }
+
+       // ...
+   }
+   ```
+
+   After:
+
+   ```php
+   class MyVoter extends AbstractVoter
+   {
+       protected function supports($attribute, $class)
+       {
+           return $this->isClassInstanceOf($class, 'AppBundle\Entity\Post')
+               && in_array($attribute, array('CREATE', 'EDIT'));
+       }
+
+       // ...
+   }
+   ```
+
 ### Translator
 
  * The `Translator::setFallbackLocale()` method has been removed in favor of
diff --git a/src/Symfony/Component/Security/CHANGELOG.md b/src/Symfony/Component/Security/CHANGELOG.md
@@ -12,9 +12,11 @@ CHANGELOG
    `Symfony\Component\Security\Http\Authentication\SimpleFormAuthenticatorInterface` instead
  * deprecated `Symfony\Component\Security\Core\Util\ClassUtils`, use
    `Symfony\Component\Security\Acl\Util\ClassUtils` instead
- * deprecated `supportsAttribute()` and `supportsClass()` attributes of
+ * deprecated `supportsAttribute()` and `supportsClass()` methods of
    `Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface` and
    `Symfony\Component\Security\Core\Authorization\Voter\VoterInterface`.
+ * deprecated `getSupportedAttributes()` and `getSupportedClasses()` methods of
+   `Symfony\Component\Security\Core\Authorization\Voter\AbstractVoter`, use `supports()` instead.
 
 2.7.0
 -----
diff --git a/src/Symfony/Component/Security/Core/Authorization/Voter/AbstractVoter.php b/src/Symfony/Component/Security/Core/Authorization/Voter/AbstractVoter.php
@@ -26,6 +26,8 @@ abstract class AbstractVoter implements VoterInterface
      */
     public function supportsAttribute($attribute)
     {
+        @trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.');
+
         return in_array($attribute, $this->getSupportedAttributes());
     }
 
@@ -34,6 +36,8 @@ public function supportsAttribute($attribute)
      */
     public function supportsClass($class)
     {
+        @trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.');
+
         foreach ($this->getSupportedClasses() as $supportedClass) {
             if ($supportedClass === $class || is_subclass_of($class, $supportedClass)) {
                 return true;
@@ -58,12 +62,13 @@ public function supportsClass($class)
      */
     public function vote(TokenInterface $token, $object, array $attributes)
     {
-        if (!$object || !$this->supportsClass(get_class($object))) {
+        if (!$object) {
             return self::ACCESS_ABSTAIN;
         }
 
         // abstain vote by default in case none of the attributes are supported
         $vote = self::ACCESS_ABSTAIN;
+        $class = get_class($object);
 
         $reflector = new \ReflectionMethod($this, 'voteOnAttribute');
         $isNewOverwritten = $reflector->getDeclaringClass()->getName() !== 'Symfony\Component\Security\Core\Authorization\Voter\AbstractVoter';
@@ -72,7 +77,7 @@ public function vote(TokenInterface $token, $object, array $attributes)
         }
 
         foreach ($attributes as $attribute) {
-            if (!$this->supportsAttribute($attribute)) {
+            if (!$this->supports($attribute, $class)) {
                 continue;
             }
 
@@ -95,19 +100,77 @@ public function vote(TokenInterface $token, $object, array $attributes)
         return $vote;
     }
 
+    /**
+     * Determines if the attribute and class are supported by this voter.
+     *
+     * To determine if the passed class is instance of the supported class, the
+     * isClassInstanceOf() method can be used.
+     *
+     * @param string $attribute An attribute
+     * @param string $class     The fully qualified class name of the passed object
+     *
+     * @return bool True if the attribute and class is supported, false otherwise
+     */
+    protected function supports($attribute, $class)
+    {
+        @trigger_error('The getSupportedClasses and getSupportedAttributes methods are deprecated since version 2.8 and will be removed in version 3.0. Overwrite supports instead.');
+
+        $classIsSupported = false;
+        foreach ($this->getSupportedClasses() as $supportedClass) {
+            if ($this->isClassInstanceOf($class, $supportedClass)) {
+                $classIsSupported = true;
+                break;
+            }
+        }
+
+        if (!$classIsSupported) {
+            return false;
+        }
+
+        if (!in_array($attribute, $this->getSupportedAttributes())) {
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * A helper method to test if the actual class is instanceof or equal
+     * to the expected class.
+     *
+     * @param string $actualClass   The actual class name
+     * @param string $expectedClass The expected class name
+     *
+     * @return bool
+     */
+    protected function isClassInstanceOf($actualClass, $expectedClass)
+    {
+        return $expectedClass === $actualClass || is_subclass_of($actualClass, $expectedClass);
+    }
+
     /**
      * Return an array of supported classes. This will be called by supportsClass.
      *
      * @return array an array of supported classes, i.e. array('Acme\DemoBundle\Model\Product')
+     *
+     * @deprecated since version 2.8, to be removed in 3.0. Use supports() instead.
      */
-    abstract protected function getSupportedClasses();
+    protected function getSupportedClasses()
+    {
+        @trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.');
+    }
 
     /**
      * Return an array of supported attributes. This will be called by supportsAttribute.
      *
      * @return array an array of supported attributes, i.e. array('CREATE', 'READ')
+     *
+     * @deprecated since version 2.8, to be removed in 3.0. Use supports() instead.
      */
-    abstract protected function getSupportedAttributes();
+    protected function getSupportedAttributes()
+    {
+        @trigger_error('The '.__METHOD__.' is deprecated since version 2.8 and will be removed in version 3.0.');
+    }
 
     /**
      * Perform a single access check operation on a given attribute, object and (optionally) user
diff --git a/src/Symfony/Component/Security/Core/Tests/Authorization/Voter/AbstractVoterTest.php b/src/Symfony/Component/Security/Core/Tests/Authorization/Voter/AbstractVoterTest.php
@@ -0,0 +1,56 @@
+<?php
+
+namespace Symfony\Component\Security\Core\Tests\Authorization\Voter;
+
+use Symfony\Component\Security\Core\Authorization\Voter\AbstractVoter;
+use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
+
+class AbstractVoterTest_Voter extends AbstractVoter
+{
+    protected function isGranted($attribute, $object, $user = null)
+    {
+        return 'EDIT' === $attribute;
+    }
+
+    protected function supports($attribute, $class)
+    {
+        return $this->isClassInstanceOf($class, 'AbstractVoterTest_Object')
+            && in_array($attribute, array('EDIT', 'CREATE'));
+    }
+}
+
+class AbstractVoterTest extends \PHPUnit_Framework_TestCase
+{
+    protected $voter;
+    protected $object;
+    protected $token;
+
+    protected function setUp()
+    {
+        $this->voter = new AbstractVoterTest_Voter();
+        $this->object = $this->getMock('AbstractVoterTest_Object');
+        $this->token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
+    }
+
+    public function testAttributeAndClassSupported()
+    {
+        $this->assertEquals(VoterInterface::ACCESS_GRANTED, $this->voter->vote($this->token, $this->object, array('EDIT')));
+        $this->assertEquals(VoterInterface::ACCESS_DENIED, $this->voter->vote($this->token, $this->object, array('CREATE')));
+    }
+
+    public function testAttributeNotSupported()
+    {
+        $this->assertEquals(VoterInterface::ACCESS_ABSTAIN, $this->voter->vote($this->token, $this->object, array('DELETE')));
+    }
+
+    public function testOneAttributeSupported()
+    {
+        $this->assertEquals(VoterInterface::ACCESS_GRANTED, $this->voter->vote($this->token, $this->object, array('DELETE', 'EDIT')));
+        $this->assertEquals(VoterInterface::ACCESS_DENIED, $this->voter->vote($this->token, $this->object, array('DELETE', 'CREATE')));
+    }
+
+    public function testClassNotSupported()
+    {
+        $this->assertEquals(VoterInterface::ACCESS_ABSTAIN, $this->voter->vote($this->token, $this->getMock('AbstractVoterTest_Object1'), array('EDIT')));
+    }
+}
diff --git a/src/Symfony/Component/Security/Core/Tests/Authorization/Voter/LegacyAbstractVoterTest.php b/src/Symfony/Component/Security/Core/Tests/Authorization/Voter/LegacyAbstractVoterTest.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace Symfony\Component\Security\Core\Tests\Authorization\Voter;
+
+use Symfony\Component\Security\Core\Authorization\Voter\AbstractVoter;
+
+class LegacyAbstractVoterTest_Voter extends AbstractVoter
+{
+    protected function getSupportedClasses()
+    {
+        return array('AbstractVoterTest_Object');
+    }
+
+    protected function getSupportedAttributes()
+    {
+        return array('EDIT', 'CREATE');
+    }
+
+    protected function isGranted($attribute, $object, $user = null)
+    {
+        return 'EDIT' === $attribute;
+    }
+}
+
+class LegacyAbstractVoterTest extends AbstractVoterTest
+{
+    protected function setUp()
+    {
+        parent::setUp();
+
+        $this->voter = new LegacyAbstractVoterTest_Voter();
+    }
+}
