authorChristian Flothmann <christian.flothmann@xabbuh.de>2016-04-12 20:27:47 +0200
committerChristian Flothmann <christian.flothmann@xabbuh.de>2016-04-12 20:27:47 +0200
commitb83c13f9631a3ed5ce79975956eb15625c756f80 (patch)
treef327288b0836ce0a49b31eaccc352f3d208cedfc
parent2a3ff4c385a48668a2595bddb5ecbc45830c03cd (diff)
parent19d6c2b9c5fa4403c76bbd3c9b3fe46cb63819a8 (diff)
Merge branch '3.0'
* 3.0: (24 commits) [Filesystem] Better error handling in remove() [DependencyInjection] Add coverage for invalid Expression in exportParameters [DependencyInjection] Add coverage for all invalid arguments in exportParameters anonymous services are always private [Form] FormValidator removed code related to removed option [Console] Correct time formatting. [WebProfilerBundle] Fixed error from unset twig variable Force profiler toolbar svg display [DependencyInjection] Resolve aliases before removing abstract services + add tests Fix Dom Crawler select option with empty value Remove unnecessary option assignment fix tests (use non-deprecated options) remove unused variable mock the proper method [PropertyAccess] Fix regression [HttpFoundation] Improve phpdoc [Logging] Add support for firefox in ChromePhpHandler Windows 10 version check in just one line Detect CLI color support for Windows 10 build 10586 [Security] Fixed SwitchUserListener when exiting an impersonication with AnonymousToken ...
-rw-r--r--Http/Firewall/SwitchUserListener.php3
-rw-r--r--Http/Tests/Firewall/SwitchUserListenerTest.php53
2 files changed, 55 insertions, 1 deletions
diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php
index 7c068fe..7de83d2 100644
--- a/Http/Firewall/SwitchUserListener.php
+++ b/Http/Firewall/SwitchUserListener.php
@@ -12,6 +12,7 @@
namespace Symfony\Component\Security\Http\Firewall;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
+use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
@@ -161,7 +162,7 @@ class SwitchUserListener implements ListenerInterface
throw new AuthenticationCredentialsNotFoundException('Could not find original Token object.');
}
- if (null !== $this->dispatcher) {
+ if (null !== $this->dispatcher && $original->getUser() instanceof UserInterface) {
$user = $this->provider->refreshUser($original->getUser());
$switchEvent = new SwitchUserEvent($request, $user);
$this->dispatcher->dispatch(SecurityEvents::SWITCH_USER, $switchEvent);
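Review bot: With the added `$original->getUser() instanceof UserInterface` guard, exiting an impersonation whose original token carries a non-object user (the new test uses the string `'anon.'`) dispatches no `SecurityEvents::SWITCH_USER` event at all. If an application relies on that event to audit-log the end of an impersonation session, this exit path leaves no record, so the silent skip should at least be documented at the condition, e.g. `// a non-UserInterface user (such as an anonymous token's string user) cannot be refreshed, so no SWITCH_USER event is dispatched on exit`. The enclosing method starts and continues outside this hunk, so whether anything else records the exit cannot be seen from here.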
diff --git a/Http/Tests/Firewall/SwitchUserListenerTest.php b/Http/Tests/Firewall/SwitchUserListenerTest.php
index f43b564..28d73e0 100644
--- a/Http/Tests/Firewall/SwitchUserListenerTest.php
+++ b/Http/Tests/Firewall/SwitchUserListenerTest.php
@@ -158,6 +158,59 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase
$listener->handle($this->event);
}
+ public function testExitUserDoesNotDispatchEventWithStringUser()
+ {
+ $originalUser = 'anon.';
+ $this
+ ->userProvider
+ ->expects($this->never())
+ ->method('refreshUser');
+ $originalToken = $this->getToken();
+ $originalToken
+ ->expects($this->any())
+ ->method('getUser')
+ ->willReturn($originalUser);
+ $role = $this
+ ->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole')
+ ->disableOriginalConstructor()
+ ->getMock();
+ $role
+ ->expects($this->any())
+ ->method('getSource')
+ ->willReturn($originalToken);
+ $this
+ ->tokenStorage
+ ->expects($this->any())
+ ->method('getToken')
+ ->willReturn($this->getToken(array($role)));
+ $this
+ ->request
+ ->expects($this->any())
+ ->method('get')
+ ->with('_switch_user')
+ ->willReturn('_exit');
+ $this
+ ->request
+ ->query
+ ->expects($this->any())
+ ->method('all')
+ ->will($this->returnValue(array()));
+ $this
+ ->request
+ ->expects($this->any())
+ ->method('getUri')
+ ->willReturn('/');
+
+ $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface');
+ $dispatcher
+ ->expects($this->never())
+ ->method('dispatch')
+ ;
+
+ $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager, null, '_switch_user', 'ROLE_ALLOWED_TO_SWITCH', $dispatcher);
+ $listener->handle($this->event);
+ }
+
/**
* @expectedException \Symfony\Component\Security\Core\Exception\AccessDeniedException
*/
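Review bot: `testExitUserDoesNotDispatchEventWithStringUser` only asserts what must not happen (`refreshUser` and `dispatch` are never called) and never checks that the exit restores the original token. As written it would still pass if the listener skipped the event and also left the impersonated token in storage, which is the security-relevant outcome of an exit. Assuming the listener writes the restored token back through the token storage (not visible in this diff), add a positive expectation before `handle()` is called, such as `$this->tokenStorage->expects($this->once())->method('setToken')->with($originalToken);`.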