Skip to content

Fix custom Roles in entity_provider cookbook. #2541

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
May 3, 2013
Merged

Fix custom Roles in entity_provider cookbook. #2541

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Fix custom Roles in entity_provider cookbook. 
The documentation seems to assume the implementation present in commit
symfony/symfony#1673, which reverted soon after due
to a potential, but undisclosed security hole (citation @schmittjoh in symfony/symfony@af70ac8).

This incorrect documentation has likely been the source of many
of the following issues:
* symfony/symfony#1538 - [ACL RoleSecurityIdentity] check if instance of Role
* symfony/symfony#1748 - Replace Role to RoleInterface for RoleSecurityIdentity
* symfony/symfony#4309 - Issue related to custom group (role) and ACL/ACE
* symfony/symfony#5026 - potential bug in Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity
* symfony/symfony#5076 - [Acl] altered the behaviour of RoleSecurityIdentity
* symfony/symfony#5171 - Fix/role security identity
* symfony/symfony#5303 - [Security] Check for RoleInterface instead of Role object in RoleSecurityIdentity
* symfony/symfony#5909 - Allow Custom Roles to implement the RoleInterface
* symfony/symfony#6012 - Securityidentity fix
  • Loading branch information
@m14t
m14t committed Apr 23, 2013
commit dd04a2ed9b46c6e8f56acf186ca61b68b5ed54df
7 changes: 3 additions & 4 deletions cookbook/security/entity_provider.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -592,21 +592,20 @@ The ``AcmeUserBundle:Group`` entity class defines three table fields (``id``,
``name`` and ``role``). The unique ``role`` field contains the role name used by
the Symfony security layer to secure parts of the application. The most
important thing to notice is that the ``AcmeUserBundle:Group`` entity class
implements the :class:`Symfony\\Component\\Security\\Core\\Role\\RoleInterface`
that forces it to have a ``getRole()`` method::
extends the :class:`Symfony\\Component\\Security\\Core\\Role\\Role`::

// src/Acme/Bundle/UserBundle/Entity/Group.php
namespace Acme\UserBundle\Entity;

use Symfony\Component\Security\Core\Role\RoleInterface;
use Symfony\Component\Security\Core\Role\Role;
use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\ORM\Mapping as ORM;

/**
* @ORM\Table(name="acme_groups")
* @ORM\Entity()
*/
class Group implements RoleInterface
class Group extends Role
{
/**
* @ORM\Column(name="id", type="integer")
Expand Down