NotificationsYou must be signed in to change notification settings
Fork9.7k
Star30.8k

Commita5a91a7

committed

bug#19725 [Security] $attributes can be anything, but RoleVoter assumes strings (Jonatan Männchen)

This PR was merged into the 2.7 branch.Discussion----------[Security] $attributes can be anything, but RoleVoter assumes strings| Q | A| ------------- | ---| Branch? | 2.7| Bug fix? | yes| New feature? | no| BC breaks? | yes| Deprecations? | no| Tests pass? | yes| Fixed tickets |#18042| License | MIT| Doc PR | reference to the documentation PR, if anyCommits-------ad3ac95 bug#18042 [Security] $attributes can be anything, but RoleVoter assumes strings

2 parentsd040748 +ad3ac95 commita5a91a7Copy full SHA for a5a91a7

File tree

2 files changed

+12

-1

lines changed

src/Symfony/Component/Security/Core
- Authorization/Voter
  - RoleVoter.php
- Tests/Authorization/Voter
  - RoleVoterTest.php

2 files changed

+12

-1

lines changed

`‎src/Symfony/Component/Security/Core/Authorization/Voter/RoleVoter.php‎`

Lines changed: 6 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,7 @@`
`12`	`12`	`namespaceSymfony\Component\Security\Core\Authorization\Voter;`
`13`	`13`
`14`	`14`	`useSymfony\Component\Security\Core\Authentication\Token\TokenInterface;`
	`15`	`+useSymfony\Component\Security\Core\Role\RoleInterface;`
`15`	`16`
`16`	`17`	`/**`
`17`	`18`	`* RoleVoter votes if any attribute starts with a given prefix.`
`@@ -37,7 +38,7 @@ public function __construct($prefix = 'ROLE_')`
`37`	`38`	`*/`
`38`	`39`	`publicfunctionsupportsAttribute($attribute)`
`39`	`40`	`{`
`40`		`-return0 ===strpos($attribute,$this->prefix);`
	`41`	`+returnis_string($attribute) &&0 ===strpos($attribute,$this->prefix);`
`41`	`42`	`}`
`42`	`43`
`43`	`44`	`/**`
`@@ -57,6 +58,10 @@ public function vote(TokenInterface $token, $object, array $attributes)`
`57`	`58`	`$roles =$this->extractRoles($token);`
`58`	`59`
`59`	`60`	`foreach ($attributesas$attribute) {`
	`61`	`+if ($attributeinstanceof RoleInterface) {`
	`62`	`+$attribute =$attribute->getRole();`
	`63`	`+ }`
	`64`	`+`
`60`	`65`	`if (!$this->supportsAttribute($attribute)) {`
`61`	`66`	`continue;`
`62`	`67`	`}`

`‎src/Symfony/Component/Security/Core/Tests/Authorization/Voter/RoleVoterTest.php‎`

Lines changed: 6 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -43,6 +43,12 @@ public function getVoteTests()`
`43`	`43`	`array(array('ROLE_FOO'),array('ROLE_FOO'), VoterInterface::ACCESS_GRANTED),`
`44`	`44`	`array(array('ROLE_FOO'),array('FOO','ROLE_FOO'), VoterInterface::ACCESS_GRANTED),`
`45`	`45`	`array(array('ROLE_BAR','ROLE_FOO'),array('ROLE_FOO'), VoterInterface::ACCESS_GRANTED),`
	`46`	`+`
	`47`	`+// Test mixed Types`
	`48`	`+array(array(),array(array()), VoterInterface::ACCESS_ABSTAIN),`
	`49`	`+array(array(),array(new \stdClass()), VoterInterface::ACCESS_ABSTAIN),`
	`50`	`+array(array('ROLE_BAR'),array(newRole('ROLE_BAR')), VoterInterface::ACCESS_GRANTED),`
	`51`	`+array(array('ROLE_BAR'),array(newRole('ROLE_FOO')), VoterInterface::ACCESS_DENIED),`
`46`	`52`	`);`
`47`	`53`	`}`
`48`	`54`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commita5a91a7

File tree

2 files changed

2 files changed

`‎src/Symfony/Component/Security/Core/Authorization/Voter/RoleVoter.php‎`

`‎src/Symfony/Component/Security/Core/Tests/Authorization/Voter/RoleVoterTest.php‎`

0 commit comments