[3.0 Cleanup] Removal of the SecurityContext #12445
Conversation
|
It's correct that the |
|
@iltar thanks for preparing this PR and for your work on the security component of Symfony. However, I'd like to ask you to reconsider the title of this PR. The use of the "Extermination" word feels extremely strong and disturbing to me. If you agree, you could replace it with Removal. |
|
@javiereguiluz No problem! I've changed the title |
|
@iltar thanks for your quick response! |
| * | ||
| * @author Fabien Potencier <fabien@symfony.com> | ||
| */ | ||
| class SecurityExtension extends \Twig_Extension | ||
| { | ||
| private $context; | ||
| private $authorization; |
There was a problem hiding this comment.
it should be authorizationChecker, not authorization (it is not an authorization, it is a checker)
|
We should prepare the migration in a forward compatible way, to avoid people starting to work with 2.6 components to have to handle this BC break in 3.0. Constructors expecting a SecurityContextInterface should also accept a TokenStorageInterface or AuthorizationCheckerInterface (depending on the case), so that both the old and the new API are accepted. |
|
@stof to some degree I think it should be done. However, this will provide a lot of work for internal classes, that if overwritten by people, will only break things. Considering that just replacing it took me 8 hours, I don't mind keeping this PR open for a year for 3.0. I just don't think there will be any benefit doing this for 1 patch in 2.*. |
|
@iltar We are now ready to merge such PRs. Can you rebase on current master? Thanks. |
|
@fabpot I will start working on it |
|
Thanks. |
|
Seems like there are some unrelated test broken in the |
| @@ -511,6 +512,27 @@ UPGRADE FROM 2.x to 3.0 | |||
| ### Security | |||
|
|
|||
| * The `Resources/` directory was moved to `Core/Resources/` | |||
| * [BC BREAK] All usages of `SecurityContext` and `SecurityContextInterface` have been replaced by either the | |||
| `TokenStorageInterface` or `AuthorizationCheckerInterface`, this includes _all_ class. | |||
There was a problem hiding this comment.
Maybe change to "this includes all classes"?
There was a problem hiding this comment.
What does this includes all class mean ?
|
@iltar Can you rebase so that we can merge it? Thanks. |
|
@fabpot The tests are flaky. Sometimes it runs out of memory, sometimes I get failing tests and sometimes they all succeed. I think it might have been cache related, but not sure. |
|
@iltar Sorry to ask you this again but can you rebase? Ping me when it's done and I will merge right away. |
|
@fabpot rebase is done, I have no idea what phpunit did that made it unable to resolve a 2.8 dependency. I can't find the command that was executed that made fail so I cannot reproduce it myself, any way to find out which that was? No idea why 3.0 is tested against a 2.8 dependency |
|
@nicolas-grekas should know about this (https://travis-ci.org/symfony/symfony/jobs/80268574#L2143) |
| * [BC BREAK] All usages of `SecurityContext` and `SecurityContextInterface` have been replaced by either the | ||
| `TokenStorageInterface` or `AuthorizationCheckerInterface`, this includes _all_ class. | ||
| * [BC BREAK] Removed the `SecurityContext` class and `SecurityContextInterface` | ||
| * [BC BREAK] Constants from `SecurityContextInterface` are removed in favor of the constants in `Security` |
There was a problem hiding this comment.
Maybe provide a Fully qualified class-name for Security?
|
@iltar changing the composer.json in 2.8 will fix the issue: - "symfony/http-kernel": "~2.2|~3.0.0"
+ "symfony/http-kernel": "~2.8"this constraint should already come from framework-bundle since this is how it is there, but I guess composer has a bug here (mixing constraints from dev+not-dev+custom repository?) |
| @@ -1,6 +1,10 @@ | |||
| CHANGELOG | |||
| ========= | |||
|
|
|||
| 3.0.0 | |||
| ----- | |||
| * [BC BREAK] `SecurityExtension::__construct()` now uses `AuthorizationCheckerInterface` instead of `SecurityContextInterface` | |||
|
|
||
| return $mock; | ||
| } | ||
|
|
||
| protected function createPasswordEncoder($isPasswordValid = true) | ||
| { | ||
| return $this->getMock('Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface'); | ||
| return $this->getMock(PasswordEncoderInterface::class); |
There was a problem hiding this comment.
this should be reverted. It makes merging branches harder (2.8 will keep using the string for the next 3 year of maintenance) and it does not add any real value to counterpart the maintenance pain
|
I think it would be much easier to recreate the PR from scratch: 90% of the changes done in this PR have to be reverted. |
|
@stof I agree, it's becoming a mess because the PR is pretty old. I will get to this the start of next week. |
This PR was merged into the 3.0-dev branch. Discussion ---------- [3.0] Finish of the SecurityContext (follow-up pr) | Q | A | ------------- | --- | Fixed tickets | #12445 | License | MIT | Doc PR | ~ Because the original PR was getting too big for pretty much nothing (everything was already done in smaller commits over time), I have opened just this PR to confirm the changes by adding it to the CHANGELOG.md files. Commits ------- 351ebfc Updated CHANGELOG
As follow up for PR #11690 in 2.6, I have removed the
SecurityContext,SecurityContextInterfaceandsecurity.contextservice. I have split the parts in separate commits to make it easier to review but I can squash them if desired.I will submit the changes to the documentation when a branch is available to do so.Docs are already updated.