Symfony News

New in Symfony 5.1: Simpler security attributes

Contributed by Jules Pietri and Wouter De Jong in #31189.

Checking the status of users in Symfony applications (anonymous, logged in, etc.) requires using security attributes such as IS_AUTHENTICATED_ANONYMOUSLY. In Symfony 5.1 we've improved these attributes to make them more concise and easier to read and write.

For example, to check for "Remember Me" users inside a controller:

// BEFORE
if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
    // ...
}

// AFTER
if ($this->isGranted('IS_REMEMBERED')) {
    // ...
}

Another example, which checks anonymous users inside Twig templates:

{# BEFORE #}
{% if is_granted('IS_AUTHENTICATED_ANONYMOUSLY') %}
    {# ... #}
{% endif %}

{# AFTER #}
{% if is_granted('IS_ANONYMOUS') %}
    {# ... #}
{% endif %}

The other security attribute (IS_AUTHENTICATED_FULLY) remains unchanged.

New Impersonation Attribute

Contributed by Wouter De Jong in #35858.

User impersonation allows you to browse the application logged in as another user. When impersonating other users, the currently logged in user gets a special security role called ROLE_PREVIOUS_ADMIN automatically. This is how you can detect if the current user is impersonating or not.

However, using a security role as an attribute feels like a hack, and the role name is not particularly clear. That's why in Symfony 5.1 we've deprecated ROLE_PREVIOUS_ADMIN and introduced a new attribute called IS_IMPERSONATOR. Your code and templates will be much easier to understand now:

{# BEFORE #}
{% if is_granted('ROLE_PREVIOUS_ADMIN') %}
    <a href="...">Exit impersonation</a>
{% endif %}

{# AFTER #}
{% if is_granted('IS_IMPERSONATOR') %}
    <a href="...">Exit impersonation</a>
{% endif %}
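
The same attribute can guard sensitive actions on the server side, so that an impersonating administrator cannot change the impersonated user's credentials. The controller below is an added example, not code from the original post or from Symfony itself; the AccountController class, the route and the log message are hypothetical.

```php
<?php
// Added example: hypothetical controller, route and log message.
namespace App\Controller;

use Psr\Log\LoggerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;

class AccountController extends AbstractController
{
    /**
     * @Route("/account/password", name="account_password", methods={"POST"})
     */
    public function changePassword(LoggerInterface $logger): Response
    {
        // Require a full login: a "Remember Me" session is not enough here.
        $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');

        // An impersonating session also counts as fully authenticated,
        // so impersonation has to be checked separately.
        if ($this->isGranted('IS_IMPERSONATOR')) {
            // Record the blocked attempt for later review.
            $logger->warning('Blocked password change during impersonation', [
                'impersonated_user' => $this->getUser()->getUsername(),
            ]);

            throw $this->createAccessDeniedException('Exit impersonation first.');
        }

        // ... change the password of the logged-in user ...

        return new Response('Password updated');
    }
}
```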
