hdabo_sf: vendor/bundles/JMS/SecurityExtraBundle/Annotation/SatisfiesParentSecurityPolicy.php@1df556b2c0f9 (annotated)

0 7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	2
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	3	/*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	4	* Copyright 2010 Johannes M. Schmitt <schmittjoh@gmail.com>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	5	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	6	* Licensed under the Apache License, Version 2.0 (the "License");
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	7	* you may not use this file except in compliance with the License.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	8	* You may obtain a copy of the License at
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	9	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	10	* http://www.apache.org/licenses/LICENSE-2.0
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	11	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	12	* Unless required by applicable law or agreed to in writing, software
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	13	* distributed under the License is distributed on an "AS IS" BASIS,
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	14	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	15	* See the License for the specific language governing permissions and
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	16	* limitations under the License.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	17	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	18
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	19	namespace JMS\SecurityExtraBundle\Annotation;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	20
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	21	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	22	* This must be declared on classes which inherit from classes that have
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	23	* requested method invocation securing capabilities.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	24	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	25	* It indicates to the analyzer that the developer is aware of these security
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	26	* restrictions, and has applied them to the root class in an appropriate
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	27	* fashion.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	28	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	29	* We cannot do this automatically without properly analyzing the control flow,
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	30	* and in some cases it is not possible at all. See the following example:
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	31	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	32	* <code>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	33	* // child class
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	34	* public function editComment($commentId)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	35	* {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	36	* // retrieve comment from database
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	37	* $comment = $this->entityManager->find($commentId);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	38	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	39	* return parent::editComment($comment);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	40	* }
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	41	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	42	* // base class which is inherited from
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	43	* /**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	44	* * @SecureParam(name="comment", permissions="EDIT")
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	45	* *\/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	46	* public function editComment(Comment $comment)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	47	* {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	48	* // do some supposedly secure action
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	49	* }
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	50	* <code>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	51	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	52	* The above example can be rewritten so that we can apply security checks
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	53	* automatically:
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	54	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	55	* <code>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	56	* // child class
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	57	* public function editComment($commentId)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	58	* {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	59	* // retrieve comment from database
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	60	* $comment = $this->entityManager->find($commentId);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	61	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	62	* return $this->doEditComment($comment);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	63	* }
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	64	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	65	* // base class which is inherited from
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	66	* /**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	67	* * @SecureParam(name="comment", permissions="EDIT")
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	68	* *\/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	69	* protected function doEditComment(Comment $comment)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	70	* {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	71	* // do some secure action
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	72	* }
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	73	* </code>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	74	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	75	* @Annotation
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	76	* @Target("METHOD")
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	77	* @author Johannes M. Schmitt <schmittjoh@gmail.com>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	78	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	79	final class SatisfiesParentSecurityPolicy
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	80	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	81	}

author	ymh <ymh.work@gmail.com>
	Sun, 06 Nov 2011 23:44:37 +0100
changeset 27	1df556b2c0f9
parent 0	7f95f8617b0b
permissions	-rwxr-xr-x