Merge branch '4.4' into 5.2

derrabus · derrabus · commit d258a71a00dd · 2021-04-13T16:17:49.000+02:00
* 4.4:
  [Serializer][Validator] Update some phpDoc relative to "getters"
  Update README.md
  [SecurityBundle] Empty line starting with dash under "access_control" causes all rules to be skipped
  [Cache] Apply NullAdapter as Null Object
diff --git a/DependencyInjection/SecurityExtension.php b/DependencyInjection/SecurityExtension.php
@@ -208,6 +208,12 @@ private function createAuthorization(array $config, ContainerBuilder $container)
                 $attributes[] = $this->createExpression($container, $access['allow_if']);
             }
 
+            $emptyAccess = 0 === \count(array_filter($access));
+
+            if ($emptyAccess) {
+                throw new InvalidConfigurationException('One or more access control items are empty. Did you accidentally add lines only containing a "-" under "security.access_control"?');
+            }
+
             $container->getDefinition('security.access_map')
                       ->addMethodCall('add', [$matcher, $attributes, $access['requires_channel']]);
         }
diff --git a/Tests/DependencyInjection/SecurityExtensionTest.php b/Tests/DependencyInjection/SecurityExtensionTest.php
@@ -432,6 +432,56 @@ public function testSwitchUserWithSeveralDefinedProvidersButNoFirewallRootProvid
         $this->assertEquals(new Reference('security.user.provider.concrete.second'), $container->getDefinition('security.authentication.switchuser_listener.foobar')->getArgument(1));
     }
 
+    public function testInvalidAccessControlWithEmptyRow()
+    {
+        $container = $this->getRawContainer();
+
+        $container->loadFromExtension('security', [
+            'providers' => [
+                'default' => ['id' => 'foo'],
+            ],
+            'firewalls' => [
+                'some_firewall' => [
+                    'pattern' => '/.*',
+                    'http_basic' => [],
+                ],
+            ],
+            'access_control' => [
+                [],
+                ['path' => '/admin', 'roles' => 'ROLE_ADMIN'],
+            ],
+        ]);
+
+        $this->expectException(InvalidConfigurationException::class);
+        $this->expectExceptionMessage('One or more access control items are empty. Did you accidentally add lines only containing a "-" under "security.access_control"?');
+        $container->compile();
+    }
+
+    public function testValidAccessControlWithEmptyRow()
+    {
+        $container = $this->getRawContainer();
+
+        $container->loadFromExtension('security', [
+            'providers' => [
+                'default' => ['id' => 'foo'],
+            ],
+            'firewalls' => [
+                'some_firewall' => [
+                    'pattern' => '/.*',
+                    'http_basic' => [],
+                ],
+            ],
+            'access_control' => [
+                ['path' => '^/login'],
+                ['path' => '^/', 'roles' => 'ROLE_USER'],
+            ],
+        ]);
+
+        $container->compile();
+
+        $this->assertTrue(true, 'extension throws an InvalidConfigurationException if there is one more more empty access control items');
+    }
+
     /**
      * @dataProvider provideEntryPointFirewalls
      */

Original file line number	Diff line number	Diff line change
`@@ -208,6 +208,12 @@ private function createAuthorization(array $config, ContainerBuilder $container)`
`208`	`208`	`$attributes[] = $this->createExpression($container, $access['allow_if']);`
`209`	`209`	`}`
`210`	`210`
	`211`	`+ $emptyAccess = 0 === \count(array_filter($access));`
	`212`	`+`
	`213`	`+ if ($emptyAccess) {`
	`214`	`+ throw new InvalidConfigurationException('One or more access control items are empty. Did you accidentally add lines only containing a "-" under "security.access_control"?');`
	`215`	`+ }`
	`216`	`+`
`211`	`217`	`$container->getDefinition('security.access_map')`
`212`	`218`	`->addMethodCall('add', [$matcher, $attributes, $access['requires_channel']]);`
`213`	`219`	`}`