[Security] Deprecate isGranted()/decide() on more than one attribute

wouterj · fabpot · commit a718b282c0e9 · 2019-09-24T17:21:01.000+02:00
diff --git a/Authorization/AccessDecisionManager.php b/Authorization/AccessDecisionManager.php
@@ -57,6 +57,10 @@ public function __construct(iterable $voters = [], string $strategy = self::STRA
      */
     public function decide(TokenInterface $token, array $attributes, $object = null)
     {
+        if (\count($attributes) > 1) {
+            @trigger_error('Passing more than one Security attribute to '.__METHOD__.' is deprecated since Symfony 4.4. Use multiple decide() calls or the expression language (e.g. "has_role(...) or has_role(...)") instead.', \E_USER_DEPRECATED);
+        }
+
         return $this->{$this->strategy}($token, $attributes, $object);
     }
 
diff --git a/Authorization/AuthorizationChecker.php b/Authorization/AuthorizationChecker.php
@@ -55,6 +55,8 @@ final public function isGranted($attributes, $subject = null): bool
 
         if (!\is_array($attributes)) {
             $attributes = [$attributes];
+        } else {
+            @trigger_error('Passing an array of Security attributes to '.__METHOD__.' is deprecated since Symfony 4.4. Use multiple isGranted() calls or the expression language (e.g. "has_role(...) or has_role(...)") instead.', \E_USER_DEPRECATED);
         }
 
         return $this->accessDecisionManager->decide($token, $attributes, $subject);
diff --git a/Tests/Authorization/AccessDecisionManagerTest.php b/Tests/Authorization/AccessDecisionManagerTest.php
@@ -37,7 +37,7 @@ public function testStrategies($strategy, $voters, $allowIfAllAbstainDecisions,
     /**
      * @dataProvider getStrategiesWith2RolesTests
      */
-    public function testStrategiesWith2Roles($token, $strategy, $voter, $expected)
+    public function testLegacyStrategiesWith2Roles($token, $strategy, $voter, $expected)
     {
         $manager = new AccessDecisionManager([$voter], $strategy);
 

Original file line number	Diff line number	Diff line change
`@@ -57,6 +57,10 @@ public function __construct(iterable $voters = [], string $strategy = self::STRA`
`57`	`57`	`*/`
`58`	`58`	`public function decide(TokenInterface $token, array $attributes, $object = null)`
`59`	`59`	`{`
	`60`	`+ if (\count($attributes) > 1) {`
	`61`	`+ @trigger_error('Passing more than one Security attribute to '.__METHOD__.' is deprecated since Symfony 4.4. Use multiple decide() calls or the expression language (e.g. "has_role(...) or has_role(...)") instead.', \E_USER_DEPRECATED);`
	`62`	`+ }`
	`63`	`+`
`60`	`64`	`return $this->{$this->strategy}($token, $attributes, $object);`
`61`	`65`	`}`
`62`	`66`
Original file line number	Diff line number	Diff line change
`@@ -55,6 +55,8 @@ final public function isGranted($attributes, $subject = null): bool`
`55`	`55`
`56`	`56`	`if (!\is_array($attributes)) {`
`57`	`57`	`$attributes = [$attributes];`
	`58`	`+ } else {`
	`59`	`+ @trigger_error('Passing an array of Security attributes to '.__METHOD__.' is deprecated since Symfony 4.4. Use multiple isGranted() calls or the expression language (e.g. "has_role(...) or has_role(...)") instead.', \E_USER_DEPRECATED);`
`58`	`60`	`}`
`59`	`61`
`60`	`62`	`return $this->accessDecisionManager->decide($token, $attributes, $subject);`
Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,7 @@ public function testStrategies($strategy, $voters, $allowIfAllAbstainDecisions,`
`37`	`37`	`/**`
`38`	`38`	`* @dataProvider getStrategiesWith2RolesTests`
`39`	`39`	`*/`
`40`		`- public function testStrategiesWith2Roles($token, $strategy, $voter, $expected)`
	`40`	`+ public function testLegacyStrategiesWith2Roles($token, $strategy, $voter, $expected)`
`41`	`41`	`{`
`42`	`42`	`$manager = new AccessDecisionManager([$voter], $strategy);`
`43`	`43`