Skip to content

Commit f81e3e8

Browse files
chalasrchalasr
authored
feat(symfony): Deprecate the $exceptionOnNoToken parameter in ResourceAccessChecker::__construct() (#4900)
1 parent 2d70525 commit f81e3e8

File tree

3 files changed

+19
-5
lines changed

3 files changed

+19
-5
lines changed

CHANGELOG.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,9 @@
11
# Changelog
22

3+
## 2.7.0-rc.3
4+
5+
* Symfony: deprecate the `$exceptionOnNoToken` parameter in `ResourceAccessChecker::__construct()` (#4900)
6+
37
## 2.7.0-beta.5
48

59
* Serializer: ignore no-operation on SerializeListener (#4828)

src/Symfony/Security/ResourceAccessChecker.php

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,11 @@ public function __construct(ExpressionLanguage $expressionLanguage = null, Authe
4343
$this->roleHierarchy = $roleHierarchy;
4444
$this->tokenStorage = $tokenStorage;
4545
$this->authorizationChecker = $authorizationChecker;
46-
$this->exceptionOnNoToken = $exceptionOnNoToken;
46+
47+
if (5 < func_num_args()) {
48+
$this->exceptionOnNoToken = $exceptionOnNoToken;
49+
trigger_deprecation('api-platform/core', '2.7', 'The $exceptionOnNoToken parameter in "%s()" is deprecated and will always be false in 3.0, you should stop using it.', __METHOD__);
50+
}
4751
}
4852

4953
public function isGranted(string $resourceClass, string $expression, array $extraVariables = []): bool

tests/Symfony/Security/ResourceAccessCheckerTest.php

Lines changed: 10 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@
2020
use ApiPlatform\Tests\Fixtures\TestBundle\Entity\Dummy;
2121
use PHPUnit\Framework\TestCase;
2222
use Prophecy\Argument;
23+
use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait;
2324
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
2425
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
2526
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@@ -30,6 +31,7 @@
3031
*/
3132
class ResourceAccessCheckerTest extends TestCase
3233
{
34+
use ExpectDeprecationTrait;
3335
use ProphecyTrait;
3436

3537
/**
@@ -56,7 +58,7 @@ public function testIsGranted(bool $granted)
5658

5759
$tokenStorageProphecy->getToken()->willReturn($token);
5860

59-
$checker = new ResourceAccessChecker($expressionLanguageProphecy->reveal(), $authenticationTrustResolverProphecy->reveal(), null, $tokenStorageProphecy->reveal());
61+
$checker = new ResourceAccessChecker($expressionLanguageProphecy->reveal(), $authenticationTrustResolverProphecy->reveal(), null, $tokenStorageProphecy->reveal(), null, false);
6062
$this->assertSame($granted, $checker->isGranted(Dummy::class, 'is_granted("ROLE_ADMIN")'));
6163
}
6264

@@ -70,7 +72,7 @@ public function testSecurityComponentNotAvailable()
7072
$this->expectException(\LogicException::class);
7173
$this->expectExceptionMessage('The "symfony/security" library must be installed to use the "security" attribute.');
7274

73-
$checker = new ResourceAccessChecker($this->prophesize(ExpressionLanguage::class)->reveal());
75+
$checker = new ResourceAccessChecker($this->prophesize(ExpressionLanguage::class)->reveal(), null, null, null, null, false);
7476
$checker->isGranted(Dummy::class, 'is_granted("ROLE_ADMIN")');
7577
}
7678

@@ -83,19 +85,23 @@ public function testExpressionLanguageNotInstalled()
8385
$tokenStorageProphecy = $this->prophesize(TokenStorageInterface::class);
8486
$tokenStorageProphecy->getToken()->willReturn($this->prophesize(TokenInterface::class)->willImplement(Serializable::class)->reveal());
8587

86-
$checker = new ResourceAccessChecker(null, $authenticationTrustResolverProphecy->reveal(), null, $tokenStorageProphecy->reveal());
88+
$checker = new ResourceAccessChecker(null, $authenticationTrustResolverProphecy->reveal(), null, $tokenStorageProphecy->reveal(), null, false);
8789
$checker->isGranted(Dummy::class, 'is_granted("ROLE_ADMIN")');
8890
}
8991

92+
/**
93+
* @group legacy
94+
*/
9095
public function testNotBehindAFirewall()
9196
{
97+
$this->expectDeprecation('Since api-platform/core 2.7: The $exceptionOnNoToken parameter in "ApiPlatform\Symfony\Security\ResourceAccessChecker::__construct()" is deprecated and will always be false in 3.0, you should stop using it.');
9298
$this->expectException(\LogicException::class);
9399
$this->expectExceptionMessage('The current token must be set to use the "security" attribute (is the URL behind a firewall?).');
94100

95101
$authenticationTrustResolverProphecy = $this->prophesize(AuthenticationTrustResolverInterface::class);
96102
$tokenStorageProphecy = $this->prophesize(TokenStorageInterface::class);
97103

98-
$checker = new ResourceAccessChecker(null, $authenticationTrustResolverProphecy->reveal(), null, $tokenStorageProphecy->reveal());
104+
$checker = new ResourceAccessChecker(null, $authenticationTrustResolverProphecy->reveal(), null, $tokenStorageProphecy->reveal(), null, true);
99105
$checker->isGranted(Dummy::class, 'is_granted("ROLE_ADMIN")');
100106
}
101107

0 commit comments

Comments
 (0)