diff options
| author | Nicolas Grekas <nicolas.grekas@gmail.com> | 2016-10-06 10:59:27 +0200 |
|---|---|---|
| committer | Nicolas Grekas <nicolas.grekas@gmail.com> | 2016-10-06 10:59:27 +0200 |
| commit | 140f8ddb315a6b858ca74d0380e31758bd85d27d (patch) | |
| tree | 0ef96f713415eac2567733f8f805425f04efc425 /Core | |
| parent | c4b4d164a5c6feb9a2d97ff6570f4015f73c48ed (diff) | |
| parent | 754974643b1a8b2f8ec632d35a08b72d777f1058 (diff) | |
| download | symfony-security-140f8ddb315a6b858ca74d0380e31758bd85d27d.zip symfony-security-140f8ddb315a6b858ca74d0380e31758bd85d27d.tar.gz symfony-security-140f8ddb315a6b858ca74d0380e31758bd85d27d.tar.bz2 | |
Merge branch '3.1'v3.2.0-BETA1
* 3.1:
Minor fixes & cleanups
[DependencyInjection] Add missing PHPDoc type
Correct a typo in the ReflectionExtractor's description
[HttpFoundation] JSONP callback validation
[Console] Improved the explanation of the hasOption() method
Uniformize exception vars according to our CS
add missing use statement
bug #18042 [Security] $attributes can be anything, but RoleVoter assumes strings
Diffstat (limited to 'Core')
| -rw-r--r-- | Core/Authorization/Voter/RoleVoter.php | 7 | ||||
| -rw-r--r-- | Core/Tests/Authorization/Voter/RoleVoterTest.php | 6 |
2 files changed, 12 insertions, 1 deletions
diff --git a/Core/Authorization/Voter/RoleVoter.php b/Core/Authorization/Voter/RoleVoter.php index b017c81..d5f3176 100644 --- a/Core/Authorization/Voter/RoleVoter.php +++ b/Core/Authorization/Voter/RoleVoter.php @@ -12,6 +12,7 @@ namespace Symfony\Component\Security\Core\Authorization\Voter; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; +use Symfony\Component\Security\Core\Role\RoleInterface; /** * RoleVoter votes if any attribute starts with a given prefix. @@ -41,7 +42,11 @@ class RoleVoter implements VoterInterface $roles = $this->extractRoles($token); foreach ($attributes as $attribute) { - if (0 !== strpos($attribute, $this->prefix)) { + if ($attribute instanceof RoleInterface) { + $attribute = $attribute->getRole(); + } + + if (!is_string($attribute) || 0 !== strpos($attribute, $this->prefix)) { continue; } diff --git a/Core/Tests/Authorization/Voter/RoleVoterTest.php b/Core/Tests/Authorization/Voter/RoleVoterTest.php index 9982bdf..45535ca 100644 --- a/Core/Tests/Authorization/Voter/RoleVoterTest.php +++ b/Core/Tests/Authorization/Voter/RoleVoterTest.php @@ -36,6 +36,12 @@ class RoleVoterTest extends \PHPUnit_Framework_TestCase array(array('ROLE_FOO'), array('ROLE_FOO'), VoterInterface::ACCESS_GRANTED), array(array('ROLE_FOO'), array('FOO', 'ROLE_FOO'), VoterInterface::ACCESS_GRANTED), array(array('ROLE_BAR', 'ROLE_FOO'), array('ROLE_FOO'), VoterInterface::ACCESS_GRANTED), + + // Test mixed Types + array(array(), array(array()), VoterInterface::ACCESS_ABSTAIN), + array(array(), array(new \stdClass()), VoterInterface::ACCESS_ABSTAIN), + array(array('ROLE_BAR'), array(new Role('ROLE_BAR')), VoterInterface::ACCESS_GRANTED), + array(array('ROLE_BAR'), array(new Role('ROLE_FOO')), VoterInterface::ACCESS_DENIED), ); } |