[Security] deprecate the RoleInterface #20801
Conversation
xabbuh
commented
Dec 6, 2016
| Q | A |
|---|---|
| Branch? | master |
| Bug fix? | no |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | yes |
| Tests pass? | yes |
| Fixed tickets | |
| License | MIT |
| Doc PR |
| * @param RoleInterface[]|string[] $roles An array of roles | ||
| * @param UserInterface $user The user! | ||
| * @param string $providerKey The provider (firewall) key | ||
| * @param Role[]|string[] $roles An array of roles |
There was a problem hiding this comment.
same as before (Role|string)[] ?
There was a problem hiding this comment.
Of course, good catch @yceruto!
48507c6 to
807b60d
Compare
|
What about triggering a deprecation at least from the |
|
@ogizanagi But such a role would have triggered the deprecation already because of the |
|
Right. I forgot about this behavior. |
| @@ -18,6 +18,8 @@ | |||
| * supported by at least one AccessDecisionManager. | |||
| * | |||
| * @author Fabien Potencier <fabien@symfony.com> | |||
| * | |||
| * @deprecated The RoleInterface is deprecated since version 3.3 and will be removed in 4.0. Use the Symfony\Component\Security\Core\Role\Role class instead. | |||
There was a problem hiding this comment.
Extend the ... instead of Use the ...?
807b60d to
0393724
Compare
|
Thank you @xabbuh. |
This PR was merged into the 3.3-dev branch. Discussion ---------- [Security] deprecate the RoleInterface | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | yes | Tests pass? | yes | Fixed tickets | | License | MIT | Doc PR | Commits ------- 0393724 [Security] deprecate the RoleInterface
|
@fabpot we talked about deprecating the usage of objects as roles entirely in the past, relying on strings only. Should we move forward on this topic ? |
|
@stof Indeed, that would be a fantastic move for 4.0. |
Where was this discussed? Can you pls link this, so others and me can understand why this is the better way? |
…es (xabbuh) This PR was merged into the 4.3-dev branch. Discussion ---------- [Security] deprecate the Role and SwitchUserRole classes | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | yes | Tests pass? | yes | Fixed tickets | #20824 | License | MIT | Doc PR | symfony/symfony-docs#11047 In #20801, we deprecated the `RoleInterface`. The next logical step would be to also deprecate the `Role` class. However, we currently have the `SwitchUserRole` class (a sub-class of `Role`) that acts as an indicator to check whether or not the authenticated user switched to another user. This PR proposes an alternative solution to the usage of the special `SwitchUserRole` class by storing the original token inside the `UsernamePasswordToken`. This PR is not complete, but rather acts as a proof of concept of how we could get rid of the `Role` and the `SwitchUserRole` classes. Please share your opinions whether you think this is a valid approach and I will be happy to finalise the PR. Commits ------- d7aaa61 deprecate the Role and SwitchUserRole classes