diff options
| author | Johannes M. Schmitt <schmittjoh@gmail.com> | 2011-04-19 12:12:29 +0200 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2011-04-19 14:24:37 +0200 |
| commit | 796e653d28c6967f9920597070ef4fb8b65e82de (patch) | |
| tree | cedaeb2be17e75e14c4028f39cd6b99c5207cb3e | |
| parent | 72d6402d0f47a8dfa4502a22baba9056334f0f78 (diff) | |
| download | symfony-security-796e653d28c6967f9920597070ef4fb8b65e82de.zip symfony-security-796e653d28c6967f9920597070ef4fb8b65e82de.tar.gz symfony-security-796e653d28c6967f9920597070ef4fb8b65e82de.tar.bz2 | |
fixes a bug in the SwitchUserListener
| -rw-r--r-- | Http/Firewall/SwitchUserListener.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php index 5d69aa2..0977cb1 100644 --- a/Http/Firewall/SwitchUserListener.php +++ b/Http/Firewall/SwitchUserListener.php @@ -11,6 +11,7 @@ namespace Symfony\Component\Security\Http\Firewall; +use Symfony\Component\Security\Core\Exception\AccessDeniedException; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Core\User\UserCheckerInterface; @@ -112,7 +113,9 @@ class SwitchUserListener implements ListenerInterface throw new \LogicException(sprintf('You are already switched to "%s" user.', $token->getUsername())); } - $this->accessDecisionManager->decide($token, array($this->role)); + if (false === $this->accessDecisionManager->decide($token, array($this->role))) { + throw new AccessDeniedException(); + } $username = $request->get($this->usernameParameter); |