Skip to content

Commit

Permalink
[FrameworkBundle] Fix denyAccessUnlessGranted for mixed attributes
Browse files Browse the repository at this point in the history 
Fix AbstractController::denyAccessUnlessGranted() for attributes that aren't string or array. Always wrap the given single attribute into an array to not break the parameter type of AccessDeniedException#setAttributes() (which supports strings only for convenience).
  • Loading branch information
@delbertooo @nicolas-grekas
delbertooo authored and nicolas-grekas committed Feb 23, 2023
1 parent 1614722 commit 8762335
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 1 deletion.
2 changes: 1 addition & 1 deletion Controller/AbstractController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -239,7 +239,7 @@ protected function denyAccessUnlessGranted($attribute, $subject = null, string $
{
if (!$this->isGranted($attribute, $subject)) {
$exception = $this->createAccessDeniedException($message);
$exception->setAttributes($attribute);
$exception->setAttributes([$attribute]);
$exception->setSubject($subject);

throw $exception;
Expand Down
34 changes: 34 additions & 0 deletions Tests/Controller/AbstractControllerTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -387,6 +387,40 @@ public function testdenyAccessUnlessGranted()
$controller->denyAccessUnlessGranted('foo');
}

/**
* @dataProvider provideDenyAccessUnlessGrantedSetsAttributesAsArray
*/
public function testdenyAccessUnlessGrantedSetsAttributesAsArray($attribute, $exceptionAttributes)
{
$authorizationChecker = $this->createMock(AuthorizationCheckerInterface::class);
$authorizationChecker->method('isGranted')->willReturn(false);

$container = new Container();
$container->set('security.authorization_checker', $authorizationChecker);

$controller = $this->createController();
$controller->setContainer($container);

try {
$controller->denyAccessUnlessGranted($attribute);
$this->fail('there was no exception to check');
} catch (AccessDeniedException $e) {
$this->assertSame($exceptionAttributes, $e->getAttributes());
}
}

public static function provideDenyAccessUnlessGrantedSetsAttributesAsArray()
{
$obj = new \stdClass();
$obj->foo = 'bar';

return [
'string attribute' => ['foo', ['foo']],
'array attribute' => [[1, 3, 3, 7], [[1, 3, 3, 7]]],
'object attribute' => [$obj, [$obj]],
];
}

public function testRenderViewTwig()
{
$twig = $this->createMock(Environment::class);
Expand Down

0 comments on commit 8762335

Please sign in to comment.