Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security] Add argument $exceptionCode to #[IsGranted] #49721

Merged
merged 1 commit into from
Mar 20, 2023
Merged

[Security] Add argument $exceptionCode to #[IsGranted] #49721

merged 1 commit into from
Mar 20, 2023

Conversation

mazumba
Copy link

@mazumba mazumba commented Mar 17, 2023
edited
Loading

Q A
Branch? 6.3
Bug fix? no
New feature? yes
Deprecations? no
Tickets no
License MIT
Doc PR

In my current project, we transform HttpExceptions into a custom JsonResponse with fields like
success: false, message: "No access to account.", exceptionCode: 10010. To throw the exception, the IsGranted-attribute is used with a custom voter. The problem here is, that, in order to return a specific exception-code, we have to throw the Http-exception inside the voter, instead of just returning false as intended.
This is only viable in our case, since we have priority as our access decision strategy.

My suggestion here is to extend the properties of IsGranted by exceptionCode and throw a HttpException inside the IsGrantedListener, whenever the property is used. So the same behaviour as with the statusCode property.

Example:
#[IsGranted(attribute: 'ROLE_ADMIN', message: 'No access to account.', statusCode: 403, exceptionCode: 10010)]

@carsonbot carsonbot added this to the 6.3 milestone Mar 17, 2023
@carsonbot
Copy link

Hey!

I see that this is your first PR. That is great! Welcome!

Symfony has a contribution guide which I suggest you to read.

In short:

  • Always add tests
  • Keep backward compatibility (see https://symfony.com/bc).
  • Bug fixes must be submitted against the lowest maintained branch where they apply (see https://symfony.com/releases)
  • Features and deprecations must be submitted against the 6.3 branch.

Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change.

When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor!
If this PR is merged in a lower version branch, it will be merged up to all maintained branches within a few days.

I am going to sit back now and wait for the reviews.

Cheers!

Carsonbot

@carsonbot carsonbot changed the title [Attribute] [Http] [Security] Add errorCode to IsGranted properties [Security] [Attribute] [Http] Add errorCode to IsGranted properties Mar 17, 2023
@nicolas-grekas nicolas-grekas changed the title [Security] [Attribute] [Http] Add errorCode to IsGranted properties [Security] Add argument $exceptionCode to #[IsGranted] Mar 20, 2023
@nicolas-grekas
Copy link
Member

Thank you @mazumba.

@nicolas-grekas nicolas-grekas merged commit d7abade into symfony:6.3 Mar 20, 2023
@nicolas-grekas nicolas-grekas mentioned this pull request Mar 20, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicolas-grekas nicolas-grekas nicolas-grekas left review comments

@ro0NL ro0NL ro0NL left review comments

@wouterj wouterj Awaiting requested review from wouterj

@chalasr chalasr Awaiting requested review from chalasr chalasr is a code owner

Assignees
No one assigned
Labels
Feature Security Status: Needs Review
Projects
None yet
Milestone
6.3
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@mazumba @carsonbot @nicolas-grekas @ro0NL