[英]Symfony Voter constant usages
我定義了一個voteOnAttribute
,尤其是voteOnAttribute
方法:
public function voteOnAttribute($attributes, $subject, TokenInterface $token) {
$user = $token->getUser();
if (!$user instanceof User) {
return false;
// return static::ACCESS_DENIED
}
if(!$subject instanceof PrivateResource) {
throw new Exception('Media type mismatch : private resource expected here');
}
// Check company is elligible here
if(!$subject->getCompanies()->contains($user->getCompany())){
return false;
// return static::ACCESS_DENIED
}
return static::ACCESS_GRANTED;
}
為什么在我的方法中不能使用VoterInterface
常量( ACCESS_GRANTED
, ACCESS_ABSTAIN
, ACCESS_DENIED
)?
如果這樣做,由於抽象類Voter
的方法vote
,將不執行拒絕訪問的決定:
public function vote(TokenInterface $token, $subject, array $attributes)
{
// abstain vote by default in case none of the attributes are supported
$vote = self::ACCESS_ABSTAIN;
foreach ($attributes as $attribute) {
if (!$this->supports($attribute, $subject)) {
continue;
}
// as soon as at least one attribute is supported, default is to deny access
$vote = self::ACCESS_DENIED;
if ($this->voteOnAttribute($attribute, $subject, $token)) {
// grant access as soon as at least one attribute returns a positive response
return self::ACCESS_GRANTED;
}
}
return $vote;
}
由於在VoterInterface
ACCESS_DENIED
常量設置為-1,因此if ($this->voteOnAttribute($attribute, $subject, $token))
VoterInterface
為-1, if ($this->voteOnAttribute($attribute, $subject, $token))
條件也為true。
我在這里誤會什么? 這些常量是否計划在我們的自定義voteOnAttribute
方法中使用?
注意:我在security.yml
中將選民策略設置為unanimous
首先,我以為我誤解了文檔。
但是symfony版本之間的文檔有所不同
擴展Voter或實現VoterInterface
返回true或false
https://symfony.com/doc/current/security/voters.html
實現VoterInterface
返回常量ACCESS_ *
對於symfony> 2.5已過時
https://symfony.com/doc/2.4/cookbook/security/voters_data_permission.html
假設您正在使用symfony> = 2.7,則應該在voteOnAttribute中返回布爾值
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.