Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feature #19034 [Security] make it possible to configure a custom acce…
…ss decision manager service (xabbuh) This PR was merged into the 3.4 branch. Discussion ---------- [Security] make it possible to configure a custom access decision manager service | Q | A | | --- | --- | | Branch? | 3.4 | | Bug fix? | no | | New feature? | yes | | BC breaks? | no | | Deprecations? | no | | Tests pass? | yes | | Fixed tickets | #942, #14049, #15295, #16828, #16843, | | License | MIT | | Doc PR | TODO | These changes will make it possible to let users define their own voting strategies without the need for custom compiler passes that replace the built-in `AccessDecisionManager` (see linked issues in the PR table for some use cases). Commits ------- e0913a2 add option to define the access decision manager
- Loading branch information
Showing
12 changed files
with
196 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
16 changes: 16 additions & 0 deletions
16
...undle/Tests/DependencyInjection/Fixtures/php/access_decision_manager_default_strategy.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
<?php | ||
|
||
$container->loadFromExtension('security', array( | ||
'providers' => array( | ||
'default' => array( | ||
'memory' => array( | ||
'users' => array( | ||
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'), | ||
), | ||
), | ||
), | ||
), | ||
'firewalls' => array( | ||
'simple' => array('pattern' => '/login', 'security' => false), | ||
), | ||
)); |
19 changes: 19 additions & 0 deletions
19
...SecurityBundle/Tests/DependencyInjection/Fixtures/php/access_decision_manager_service.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
<?php | ||
|
||
$container->loadFromExtension('security', array( | ||
'access_decision_manager' => array( | ||
'service' => 'app.access_decision_manager', | ||
), | ||
'providers' => array( | ||
'default' => array( | ||
'memory' => array( | ||
'users' => array( | ||
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'), | ||
), | ||
), | ||
), | ||
), | ||
'firewalls' => array( | ||
'simple' => array('pattern' => '/login', 'security' => false), | ||
), | ||
)); |
20 changes: 20 additions & 0 deletions
20
...e/Tests/DependencyInjection/Fixtures/php/access_decision_manager_service_and_strategy.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
<?php | ||
|
||
$container->loadFromExtension('security', array( | ||
'access_decision_manager' => array( | ||
'service' => 'app.access_decision_manager', | ||
'strategy' => 'affirmative', | ||
), | ||
'providers' => array( | ||
'default' => array( | ||
'memory' => array( | ||
'users' => array( | ||
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'), | ||
), | ||
), | ||
), | ||
), | ||
'firewalls' => array( | ||
'simple' => array('pattern' => '/login', 'security' => false), | ||
), | ||
)); |
16 changes: 16 additions & 0 deletions
16
...undle/Tests/DependencyInjection/Fixtures/xml/access_decision_manager_default_strategy.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<srv:container xmlns="http://symfony.com/schema/dic/security" | ||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xmlns:srv="http://symfony.com/schema/dic/services" | ||
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd"> | ||
|
||
<config> | ||
<provider name="default"> | ||
<memory> | ||
<user name="foo" password="foo" roles="ROLE_USER" /> | ||
</memory> | ||
</provider> | ||
|
||
<firewall name="simple" pattern="/login" security="false" /> | ||
</config> | ||
</srv:container> |
18 changes: 18 additions & 0 deletions
18
...SecurityBundle/Tests/DependencyInjection/Fixtures/xml/access_decision_manager_service.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<srv:container xmlns="http://symfony.com/schema/dic/security" | ||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xmlns:srv="http://symfony.com/schema/dic/services" | ||
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd"> | ||
|
||
<config> | ||
<access-decision-manager service="app.access_decision_manager" /> | ||
|
||
<provider name="default"> | ||
<memory> | ||
<user name="foo" password="foo" roles="ROLE_USER" /> | ||
</memory> | ||
</provider> | ||
|
||
<firewall name="simple" pattern="/login" security="false" /> | ||
</config> | ||
</srv:container> |
18 changes: 18 additions & 0 deletions
18
...e/Tests/DependencyInjection/Fixtures/xml/access_decision_manager_service_and_strategy.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<srv:container xmlns="http://symfony.com/schema/dic/security" | ||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xmlns:srv="http://symfony.com/schema/dic/services" | ||
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd"> | ||
|
||
<config> | ||
<access-decision-manager service="app.access_decision_manager" strategy="affirmative" /> | ||
|
||
<provider name="default"> | ||
<memory> | ||
<user name="foo" password="foo" roles="ROLE_USER" /> | ||
</memory> | ||
</provider> | ||
|
||
<firewall name="simple" pattern="/login" security="false" /> | ||
</config> | ||
</srv:container> |
8 changes: 8 additions & 0 deletions
8
...undle/Tests/DependencyInjection/Fixtures/yml/access_decision_manager_default_strategy.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
security: | ||
providers: | ||
default: | ||
memory: | ||
users: | ||
foo: { password: foo, roles: ROLE_USER } | ||
firewalls: | ||
simple: { pattern: /login, security: false } |
10 changes: 10 additions & 0 deletions
10
...SecurityBundle/Tests/DependencyInjection/Fixtures/yml/access_decision_manager_service.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
security: | ||
access_decision_manager: | ||
service: app.access_decision_manager | ||
providers: | ||
default: | ||
memory: | ||
users: | ||
foo: { password: foo, roles: ROLE_USER } | ||
firewalls: | ||
simple: { pattern: /login, security: false } |
11 changes: 11 additions & 0 deletions
11
...e/Tests/DependencyInjection/Fixtures/yml/access_decision_manager_service_and_strategy.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
security: | ||
access_decision_manager: | ||
service: app.access_decision_manager | ||
strategy: affirmative | ||
providers: | ||
default: | ||
memory: | ||
users: | ||
foo: { password: foo, roles: ROLE_USER } | ||
firewalls: | ||
simple: { pattern: /login, security: false } |