Geek Answers Handbook

Why does the Symfony2 Voter unanimous decision-making strategy cover the attributes passed?

I implemented a custom Symfony2 Voter and passed an array of attributes to the first parameter denyAccessUnlessGranted, as it was in my controller:

$attr = [
    'module' => 'userModule'
    'action' => 'edit'
];
$this->denyAccessUnlessGranted($attr, $this, 'Not authorize to edit user');

This works well if the solution manager approach is set to affirmative. However, when I switched to the approach unanimous, all of the sudden things didn't work out because of how my user selector was designed. I looked at the source code of Symfony and found that the reason is that the method for determining the voting result for an approach is unanimouslooped on attributes before calling all registered voters (instead of simply passing them to voters as a case for approaches affirmativeand consensus).

The following are snippets Symfony/Component/Security/Core/Authorization/AccessDecisionManager:

private function decideAffirmative(TokenInterface $token, array $attributes, $object = null)
{
    $deny = 0;
    foreach ($this->voters as $voter) {
        $result = $voter->vote($token, $object, $attributes);
        ...
     }
}

private function decideConsensus(TokenInterface $token, array $attributes, $object = null)
{
    foreach ($this->voters as $voter) {
        $result = $voter->vote($token, $object, $attributes);
        ...
    }
}


private function decideUnanimous(TokenInterface $token, array $attributes, $object = null)
{
    $grant = 0;
    // ***** THIS IS THE ISSUE: WHY LOOP THROUGH THE ATTRIBUTES ****
    foreach ($attributes as $attribute) {
        foreach ($this->voters as $voter) {
            $result = $voter->vote($token, $object, array($attribute));
            ...
        }
    }
 }

The decision maker unanimousis the third. What is the reason you need to scroll through attributes? This means that I will have to transcode my user voter depending on which decision-making strategy I use, which seems very strange to me.

PS: The implementation details of my custom voter are not really important for this question, so I decided not to list it here.

PS # 2: , Symfony2 (https://github.com/symfony/symfony/blob/2.8/src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php). , Voter. , , , Symfony2.

+4
1

RoleVoter.

Voter:: Vote() VoterInterface:: ACCESS_GRANTED, , ( ). , , - VoterInterface:: ACCESS_GRANTED, .

, ( ); .

+1

More articles:


All Articles