Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit9b5173f

Browse files
committed
#40881 [Security] Allow ips parameter in access_control accept comma-separated string
1 parentd4844ef commit9b5173f

File tree

2 files changed

+62
-1
lines changed

2 files changed

+62
-1
lines changed

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php‎

Lines changed: 20 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -872,7 +872,7 @@ private function createRequestMatcher(ContainerBuilder $container, string $path
872872
foreach ($ipsas$ip) {
873873
$container->resolveEnvPlaceholders($ip,null,$usedEnvs);
874874

875-
if (!$usedEnvs && !$this->isValidIp($ip)) {
875+
if (!$usedEnvs && !$this->isValidIps($ip)) {
876876
thrownew \LogicException(sprintf('The given value "%s" in the "security.access_control" config option is not a valid IP address.',$ip));
877877
}
878878

@@ -930,6 +930,25 @@ public function getConfiguration(array $config, ContainerBuilder $container)
930930
returnnewMainConfiguration($this->factories,$this->userProviderFactories);
931931
}
932932

933+
privatefunctionisValidIps($ips):bool
934+
{
935+
$ipsList =array_reduce((array)$ips,staticfunction (array$ips,string$ip) {
936+
returnarray_merge($ips,preg_split('/\s*,\s*/',$ip));
937+
}, []);
938+
939+
if (empty($ipsList)) {
940+
returnfalse;
941+
}
942+
943+
foreach ($ipsListas$cidr) {
944+
if (!$this->isValidIp($cidr)) {
945+
returnfalse;
946+
}
947+
}
948+
949+
returntrue;
950+
}
951+
933952
privatefunctionisValidIp(string$cidr):bool
934953
{
935954
$cidrParts =explode('/',$cidr);

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php‎

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -388,6 +388,33 @@ public function testRememberMeCookieInheritFrameworkSessionCookie($config, $same
388388
$this->assertEquals($secure,$definition->getArgument(3)['secure']);
389389
}
390390

391+
/**
392+
* @dataProvider acceptableIpsProvider
393+
*/
394+
publicfunctiontestAcceptableAccessControlIps($ips)
395+
{
396+
$container =$this->getRawContainer();
397+
398+
$container->loadFromExtension('security', [
399+
'providers' => [
400+
'default' => ['id' =>'foo'],
401+
],
402+
'firewalls' => [
403+
'some_firewall' => [
404+
'pattern' =>'/.*',
405+
'http_basic' => [],
406+
],
407+
],
408+
'access_control' => [
409+
['ips' =>$ips,'path' =>'/somewhere','roles' =>'IS_AUTHENTICATED_FULLY'],
410+
],
411+
]);
412+
413+
$container->compile();
414+
415+
$this->assertTrue(true,'Ip addresses is successfully consumed:'.(\is_string($ips) ?$ips :json_encode($ips)));
416+
}
417+
391418
publicfunctionsessionConfigurationProvider()
392419
{
393420
return [
@@ -408,6 +435,21 @@ public function sessionConfigurationProvider()
408435
];
409436
}
410437

438+
publicfunctionacceptableIpsProvider():iterable
439+
{
440+
yield [['127.0.0.1']];
441+
442+
yield ['127.0.0.1'];
443+
444+
yield ['127.0.0.1, 127.0.0.2'];
445+
446+
yield ['127.0.0.1/8, 127.0.0.2/16'];
447+
448+
yield [['127.0.0.1/8, 127.0.0.2/16']];
449+
450+
yield [['127.0.0.1/8','127.0.0.2/16']];
451+
}
452+
411453
publicfunctiontestSwitchUserWithSeveralDefinedProvidersButNoFirewallRootProviderConfigured()
412454
{
413455
$container =$this->getRawContainer();

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp