You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Yesterday I was working on #23499 and #23906 And I think we have an issue with the current implementation of the expression in the workflow component (and also with other component).
I guess we can fix this by moving this check right here
But still, I'm not really happy with that.
The EL has two modes: a runtime and a compiled mode. But now I fail to see how someone could use the compiled mode with the current implementation (in the workflow, but also with the @Security annotation).
So, we do have checks for the runtime mode but not for the compiled mode (just above). So here it can lead to a fatal error.
Note: I did not check for the integration between the EL and the Router or the DIC. But I guess thing are optimized there (or it could be)
Note2: In Blackfire there are place where you can configure some expression and when I implemented this feature I did not used the pattern used in Symfony. I disabled the compiled mode and I used propre inject in the ExpressionLanguage class (or FunctionProvider, it's the same things). It was really simpler and flexible.
I would like to use propre injection in the workflow component, and if it's applicable also in other component.
What do you think ?
The text was updated successfully, but these errors were encountered:
xabbuh
added
RFC
RFC = Request For Comments (proposals about features that you want to be discussed)
Workflow
labels
Oct 6, 2017
Hello.
In different places place of Symfony, we can configure things with an expression. Some exemples:
Yesterday I was working on #23499 and #23906 And I think we have an issue with the current implementation of the expression in the workflow component (and also with other component).
With theses 2 PR if someone wants to use only
is_valid
and if the security is not enable of if the user is not connected he will get an exception: https://github.com/symfony/symfony/pull/23906/files#diff-7e071774bef81a2a6e1b4e5d81d8ace8R59 ; That's not cool.I guess we can fix this by moving this check right here
But still, I'm not really happy with that.
The EL has two modes: a runtime and a compiled mode. But now I fail to see how someone could use the compiled mode with the current implementation (in the workflow, but also with the
@Security
annotation).So, we do have checks for the runtime mode but not for the compiled mode (just above). So here it can lead to a fatal error.
So if it's not possible at all to use the compiled in theses uses case, why don't we use propose injection in classes like https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Workflow/EventListener/ExpressionLanguage.php or https://github.com/sensiolabs/SensioFrameworkExtraBundle/blob/master/Security/ExpressionLanguage.php insteand of relying of the presence or not of a special var? Obviously That would made the compiled mode unable to work.
Note: I did not check for the integration between the EL and the Router or the DIC. But I guess thing are optimized there (or it could be)
Note2: In Blackfire there are place where you can configure some expression and when I implemented this feature I did not used the pattern used in Symfony. I disabled the compiled mode and I used propre inject in the ExpressionLanguage class (or FunctionProvider, it's the same things). It was really simpler and flexible.
I would like to use propre injection in the workflow component, and if it's applicable also in other component.
What do you think ?
The text was updated successfully, but these errors were encountered: