From d1b73dbf144edc3a500c11ab2b6328e2a9b4723f Mon Sep 17 00:00:00 2001 From: Ville Mattila Date: Sun, 28 Apr 2013 12:53:16 +0300 Subject: [PATCH 1/2] Experimenting passing required roles in exception, refs #122 --- Exception/RequiredRolesMissingException.php | 46 +++++++++++++++++++ .../MethodSecurityInterceptor.php | 3 +- 2 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 Exception/RequiredRolesMissingException.php diff --git a/Exception/RequiredRolesMissingException.php b/Exception/RequiredRolesMissingException.php new file mode 100644 index 0000000..de945a3 --- /dev/null +++ b/Exception/RequiredRolesMissingException.php @@ -0,0 +1,46 @@ + + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +namespace JMS\SecurityExtraBundle\Exception; + +use Symfony\Component\Security\Core\Exception\AccessDeniedException; + +/** + * @author Ville Mattila + */ +class RequiredRolesMissingException extends AccessDeniedException +{ + protected $roles; + + protected $token; + + public function __construct($message, $roles, $token) { + parent::__construct($message); + + $this->roles = $roles; + $this->token = $token; + } + + public function getRoles() { + return $this->roles; + } + + public function getToken() { + return $this->token; + } +} \ No newline at end of file diff --git a/Security/Authorization/Interception/MethodSecurityInterceptor.php b/Security/Authorization/Interception/MethodSecurityInterceptor.php index 2a7db43..99b52b9 100644 --- a/Security/Authorization/Interception/MethodSecurityInterceptor.php +++ b/Security/Authorization/Interception/MethodSecurityInterceptor.php @@ -22,6 +22,7 @@ use CG\Proxy\MethodInterceptorInterface; use CG\Proxy\MethodInvocation; +use JMS\SecurityExtraBundle\Exception\RequiredRolesMissingException; use JMS\SecurityExtraBundle\Metadata\MethodMetadata; use JMS\SecurityExtraBundle\Security\Authentication\Token\RunAsUserToken; use JMS\SecurityExtraBundle\Security\Authorization\AfterInvocation\AfterInvocationManagerInterface; @@ -90,7 +91,7 @@ public function intercept(MethodInvocation $method) } if (!empty($metadata->roles) && false === $this->accessDecisionManager->decide($token, $metadata->roles, $method)) { - throw new AccessDeniedException('Token does not have the required roles.'); + throw new RequiredRolesMissingException('Token does not have the required roles.', $metadata->roles, $token); } if (!empty($metadata->paramPermissions)) { From 8caa486ab2a5d8e84ee101c1a8d3ef97ed804e54 Mon Sep 17 00:00:00 2001 From: Ville Mattila Date: Sun, 16 Jun 2013 20:02:54 +0300 Subject: [PATCH 2/2] PSR-2 coding standards --- Exception/RequiredRolesMissingException.php | 39 +++++++++++---------- 1 file changed, 21 insertions(+), 18 deletions(-) diff --git a/Exception/RequiredRolesMissingException.php b/Exception/RequiredRolesMissingException.php index de945a3..7695bda 100644 --- a/Exception/RequiredRolesMissingException.php +++ b/Exception/RequiredRolesMissingException.php @@ -25,22 +25,25 @@ */ class RequiredRolesMissingException extends AccessDeniedException { - protected $roles; - - protected $token; - - public function __construct($message, $roles, $token) { - parent::__construct($message); - - $this->roles = $roles; - $this->token = $token; - } - - public function getRoles() { - return $this->roles; - } - - public function getToken() { - return $this->token; - } + protected $roles; + + protected $token; + + public function __construct($message, $roles, $token) + { + parent::__construct($message); + + $this->roles = $roles; + $this->token = $token; + } + + public function getRoles() + { + return $this->roles; + } + + public function getToken() + { + return $this->token; + } } \ No newline at end of file