-
-
Notifications
You must be signed in to change notification settings - Fork 237
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security: IAuthorizator needs IIdentity #941
base: master
Are you sure you want to change the base?
Conversation
👍 Chtělo by to pár testů :) |
@hosiplan: Ono v podstatě stačí upravit stávající testy, ale to bude chvíli trvat. Mezitím si pls přečti RFC. :-) |
Nette/Security/Permission.php
Outdated
@@ -644,68 +639,66 @@ public function isAllowed($role = self::ALL, $resource = self::ALL, $privilege = | |||
$this->checkResource($resource); | |||
} | |||
|
|||
foreach ($identity->getRoles() as $role) { | |||
$this->checkRole($role); | |||
if (NULL !== ($result = $this->isRoleAllowed($role, $resource, $privilege))) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
skaredy coding style, takovyto nikde nevyuzivame :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
V Permission je použitý hned na několika místech. Sice se mi to nelíbilo, ale nechci se pouštět do kompletní refaktorizace kódu Permission.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ajo, to je proto, že to David kopiroval z nějakyho jinyho frameworku :D
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LOL
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mas to v hlavicce... je to ze zendu :D
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ta implementace Permission se mi celkově moc nelíbí. Vlastně bych celou tu třídu nejradši vyhodil do addons. :-D
Přesunuto k diskusi na fórum. |
Nette/Security/Permission.php
Outdated
@@ -644,68 +649,75 @@ public function isAllowed($role = self::ALL, $resource = self::ALL, $privilege = | |||
$this->checkResource($resource); | |||
} | |||
|
|||
if (!$identity) { // quest | |||
$roles = array($this->questRole); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you even test it? This wouldn't work at all, there is no questRole, only guestRole (see @tomaswindsor's comment above).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nope I did not test it yet.
Please review. |
@@ -16,8 +18,9 @@ require __DIR__ . '/../bootstrap.php'; | |||
|
|||
|
|||
Assert::exception(function() { | |||
$identity = new Identity(1, array('nonexistent')); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
indentation.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ups thanks :-)
Ještě jiný směr, kam by se to mohlo ubírat: http://forum.nette.org/cs/13458-security-iauthorizator-a-identita#p99180 |
@dg Even if the final implementation will be different, the first commit should be merged. This is taking as long as I was afraid it would so I've already implemented this as an extension. |
Hi there! I see two small User-related BC breaks:
|
This pull request is probably not going to be merged so it's useless to push the fix here. I will fix both in my extension though. |
991ba1a
to
e23de7a
Compare
489cca2
to
0b969cd
Compare
09a7d92
to
b9698a8
Compare
5a8c108
to
3aa3147
Compare
5feee0e
to
3fc1e40
Compare
688f189
to
1bc9d13
Compare
7215ae6
to
71b2047
Compare
See the RFC on Nette forum (czech only).