0

我定义了一个选民,特别是voteOnAttribute如下方法:

 public function voteOnAttribute($attributes, $subject, TokenInterface $token) {

        $user = $token->getUser();

        if (!$user instanceof User) {
            return false;
            // return static::ACCESS_DENIED
        }
        if(!$subject instanceof PrivateResource) {
            throw new Exception('Media type mismatch : private resource expected here');
        }

        // Check company is elligible here
        if(!$subject->getCompanies()->contains($user->getCompany())){
            return false;
            // return static::ACCESS_DENIED
        }

        return static::ACCESS_GRANTED;
    }

为什么我不能在我的方法中使用VoterInterface常量 ( ACCESS_GRANTED, ACCESS_ABSTAIN, ACCESS_DENIED)?

如果我这样做,由于vote抽象类中的方法,不会强制执行拒绝访问决定Voter

public function vote(TokenInterface $token, $subject, array $attributes)
    {
        // abstain vote by default in case none of the attributes are supported
        $vote = self::ACCESS_ABSTAIN;

        foreach ($attributes as $attribute) {
            if (!$this->supports($attribute, $subject)) {
                continue;
            }

            // as soon as at least one attribute is supported, default is to deny access
            $vote = self::ACCESS_DENIED;

            if ($this->voteOnAttribute($attribute, $subject, $token)) {
                // grant access as soon as at least one attribute returns a positive response
                return self::ACCESS_GRANTED;
            }
        }

        return $vote;
    }

由于ACCESS_DENIED常量在 中设置为 -1 VoterInterface,因此if ($this->voteOnAttribute($attribute, $subject, $token))条件为真,即使返回值为 -1。

我在这里误会了什么?这些常量是否计划在我们的自定义voteOnAttribute方法中使用?

注意:我将选民策略设置unanimoussecurity.yml

4

1 回答 1

2

首先,我认为我误解了文档。

但是 symfony 版本之间的文档存在差异

假设您使用的是 symfony >= 2.7,您应该在 voteOnAttribute 中返回布尔值

于 2017-09-16T11:06:54.487 回答