Increase default firewall strategy for plugin legacy scripts #18138
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Checklist before requesting a review
Description
With the proposed changes, the default strategy applied to plugins routes/scripts will be similar than the default strategy applied to the core GLPI routes/scripts:
For the few plugins that would want to specify a specific strategy, it will be possible to do this:
\Glpi\Http\Firewall::addPluginStrategyForLegacyScripts()
(e.g.Firewall::addPluginStrategyForLegacyScripts('myplugin', '#^/front/helpdesk_.*#', Firewall::STRATEGY_HELPDESK_ACCESS);
);\Glpi\Security\Attribute\SecurityStrategy
attribute on the correspondiing symfony route.This change corresponds to a TODO introduced in #15614.