Merge pull request #2107 from tarlepp/feat/remove-security-attribute

Chore(deprecations) - Refactored deprecated `#[Security(...)]` attribute to use core `#[IsGranted(...)]` attribute
tarlepp · Dec 27, 2022 · 41622d9 · 41622d9
2 parents 2170fcc + 02281dd
commit 41622d9
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 24 deletions.
diff --git a/src/Controller/v1/User/UserGroupsController.php b/src/Controller/v1/User/UserGroupsController.php
@@ -10,14 +10,13 @@
 
 use App\Entity\User;
 use App\Entity\UserGroup;
-use App\Resource\UserResource;
 use Nelmio\ApiDocBundle\Annotation\Model;
 use OpenApi\Annotations as OA;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
+use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Routing\Annotation\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 use Symfony\Component\Serializer\SerializerInterface;
 
 /**
@@ -87,18 +86,14 @@ public function __construct(
      *  )
      */
     #[Route(
-        path: '/v1/user/{requestUser}/groups',
+        path: '/v1/user/{user}/groups',
         requirements: [
-            'requestUser' => '%app.uuid_v1_regex%',
+            'user' => '%app.uuid_v1_regex%',
         ],
         methods: [Request::METHOD_GET],
     )]
-    #[Security('is_granted("IS_USER_HIMSELF", requestUser) or is_granted("ROLE_ROOT")')]
-    #[ParamConverter(
-        data: 'requestUser',
-        class: UserResource::class,
-    )]
-    public function __invoke(User $requestUser): JsonResponse
+    #[IsGranted(new Expression('is_granted("IS_USER_HIMSELF", object) or "ROLE_ROOT" in role_names'), 'user')]
+    public function __invoke(User $user): JsonResponse
     {
         $groups = [
             'groups' => [
@@ -107,7 +102,7 @@ public function __invoke(User $requestUser): JsonResponse
         ];
 
         return new JsonResponse(
-            $this->serializer->serialize($requestUser->getUserGroups()->getValues(), 'json', $groups),
+            $this->serializer->serialize($user->getUserGroups()->getValues(), 'json', $groups),
             json: true
         );
     }

diff --git a/src/Controller/v1/User/UserRolesController.php b/src/Controller/v1/User/UserRolesController.php
@@ -9,14 +9,13 @@
 namespace App\Controller\v1\User;
 
 use App\Entity\User;
-use App\Resource\UserResource;
 use App\Security\RolesService;
 use OpenApi\Annotations as OA;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
+use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Routing\Annotation\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 /**
  * Class UserRolesController
@@ -80,19 +79,15 @@ public function __construct(
      *  )
      */
     #[Route(
-        path: '/v1/user/{requestUser}/roles',
+        path: '/v1/user/{user}/roles',
         requirements: [
-            'requestUser' => '%app.uuid_v1_regex%',
+            'user' => '%app.uuid_v1_regex%',
         ],
         methods: [Request::METHOD_GET],
     )]
-    #[Security('is_granted("IS_USER_HIMSELF", requestUser) or is_granted("ROLE_ROOT")')]
-    #[ParamConverter(
-        data: 'requestUser',
-        class: UserResource::class,
-    )]
-    public function __invoke(User $requestUser): JsonResponse
+    #[IsGranted(new Expression('is_granted("IS_USER_HIMSELF", object) or "ROLE_ROOT" in role_names'), 'user')]
+    public function __invoke(User $user): JsonResponse
     {
-        return new JsonResponse($this->rolesService->getInheritedRoles($requestUser->getRoles()));
+        return new JsonResponse($this->rolesService->getInheritedRoles($user->getRoles()));
     }
 }