New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security] Rename $subject to $object #34764
Comments
I'm not a native English speaker, but I can argue that "subject" is used instead of "object" in e-mail domain too (where the subject should be the sender and the object should be the title of e-mail). |
@garak , as far as i know, the |
The evidence for the subject/object meaning in the access control domain can be found here: https://en.wikibooks.org/wiki/Fundamentals_of_Information_Systems_Security/Access_Control_Systems
Same here: https://www.eit.lth.se/fileadmin/eit/courses/eit060/lect/Lect5.pdf. |
I understand why you dislike What about |
@romaricdrigon , that's a cool idea, I like it! Feels like it will resolve any problems with meaning. |
I think we renamed it from |
@jvasseur , I would disagree that nowadays PHP developers tend to judge about variable's type by its name in the first place. We all know that variable name is a semantic attribute in the first place, not a type declaration replacement. Variable name is the meaning of the value within the given context. I think that |
@wouterj , what do you think about this issue? |
Thank you for this suggestion. |
Friendly ping? Should this still be open? I will close if I don't hear anything. |
Hey, I didn't hear anything so I'm going to close it. Feel free to comment if this is still relevant, I can always reopen! |
User creates an article. User is the subject (the one who does the action) and article is the object (what action is applied to). See https://www.lexico.com/en/grammar/subjects-and-objects or any other resource on the topic.
Currently we have a wrong variable name in
Security
,VoterInterface
and exception classes. TheAccessDecisionManagerInterface
is nonetheless correct.I propose to replace
$subject
with$object
in4.3
and redeprecate (see #19969)AccessDeniedException::(g|s)etSubject
inmaster
.The text was updated successfully, but these errors were encountered: