Skip to content
This repository was archived by the owner on May 31, 2024. It is now read-only.

Commit 140f8dd

Browse files
nicolas-grekasnicolas-grekas
committed
Merge branch '3.1'
* 3.1: Minor fixes & cleanups [DependencyInjection] Add missing PHPDoc type Correct a typo in the ReflectionExtractor's description [HttpFoundation] JSONP callback validation [Console] Improved the explanation of the hasOption() method Uniformize exception vars according to our CS add missing use statement bug #18042 [Security] $attributes can be anything, but RoleVoter assumes strings
2 parents c4b4d16 + 7549746 commit 140f8dd

File tree

2 files changed

+12
-1
lines changed

2 files changed

+12
-1
lines changed

Core/Authorization/Voter/RoleVoter.php

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212
namespace Symfony\Component\Security\Core\Authorization\Voter;
1313

1414
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
15+
use Symfony\Component\Security\Core\Role\RoleInterface;
1516

1617
/**
1718
* RoleVoter votes if any attribute starts with a given prefix.
@@ -41,7 +42,11 @@ public function vote(TokenInterface $token, $subject, array $attributes)
4142
$roles = $this->extractRoles($token);
4243

4344
foreach ($attributes as $attribute) {
44-
if (0 !== strpos($attribute, $this->prefix)) {
45+
if ($attribute instanceof RoleInterface) {
46+
$attribute = $attribute->getRole();
47+
}
48+
49+
if (!is_string($attribute) || 0 !== strpos($attribute, $this->prefix)) {
4550
continue;
4651
}
4752

Core/Tests/Authorization/Voter/RoleVoterTest.php

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,12 @@ public function getVoteTests()
3636
array(array('ROLE_FOO'), array('ROLE_FOO'), VoterInterface::ACCESS_GRANTED),
3737
array(array('ROLE_FOO'), array('FOO', 'ROLE_FOO'), VoterInterface::ACCESS_GRANTED),
3838
array(array('ROLE_BAR', 'ROLE_FOO'), array('ROLE_FOO'), VoterInterface::ACCESS_GRANTED),
39+
40+
// Test mixed Types
41+
array(array(), array(array()), VoterInterface::ACCESS_ABSTAIN),
42+
array(array(), array(new \stdClass()), VoterInterface::ACCESS_ABSTAIN),
43+
array(array('ROLE_BAR'), array(new Role('ROLE_BAR')), VoterInterface::ACCESS_GRANTED),
44+
array(array('ROLE_BAR'), array(new Role('ROLE_FOO')), VoterInterface::ACCESS_DENIED),
3945
);
4046
}
4147

0 commit comments

Comments
 (0)