Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit cd77f6f

Browse filesBrowse files
author
Robin Chalas
committed
Revert "bug symfony#30423 [Security] Rework firewall's access denied rule (dimabory)"
This reverts commit fd1408b, reversing changes made to b93d2bf.
1 parent b7bdf2c commit cd77f6f
Copy full SHA for cd77f6f

File tree

Expand file treeCollapse file tree

2 files changed

+10
-57
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+10
-57
lines changed

‎src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
+3-1Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -131,6 +131,8 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event
131131
} catch (\Exception $e) {
132132
$event->setException($e);
133133
}
134+
135+
return;
134136
}
135137

136138
if (null !== $this->logger) {
@@ -148,7 +150,7 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event
148150
$subRequest = $this->httpUtils->createRequest($event->getRequest(), $this->errorPage);
149151
$subRequest->attributes->set(Security::ACCESS_DENIED_ERROR, $exception);
150152

151-
$event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST));
153+
$event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true));
152154
$event->allowCustomResponseCode();
153155
}
154156
} catch (\Exception $e) {

‎src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php
+7-56Lines changed: 7 additions & 56 deletions
Original file line numberDiff line numberDiff line change
@@ -130,8 +130,10 @@ public function testAccessDeniedExceptionFullFledgedAndWithAccessDeniedHandlerAn
130130
{
131131
$event = $this->createEvent($exception);
132132

133-
$listener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $this->createCustomAccessDeniedHandler(new Response('error')));
133+
$accessDeniedHandler = $this->getMockBuilder('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface')->getMock();
134+
$accessDeniedHandler->expects($this->once())->method('handle')->will($this->returnValue(new Response('error')));
134135

136+
$listener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $accessDeniedHandler);
135137
$listener->onKernelException($event);
136138

137139
$this->assertEquals('error', $event->getResponse()->getContent());
@@ -145,48 +147,13 @@ public function testAccessDeniedExceptionNotFullFledged(\Exception $exception, \
145147
{
146148
$event = $this->createEvent($exception);
147149

148-
$listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(false), null, $this->createEntryPoint());
149-
$listener->onKernelException($event);
150-
151-
$this->assertEquals('OK', $event->getResponse()->getContent());
152-
$this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
153-
}
154-
155-
/**
156-
* @dataProvider getAccessDeniedExceptionProvider
157-
*/
158-
public function testAccessDeniedExceptionNotFullFledgedAndWithAccessDeniedHandlerAndWithoutErrorPage(\Exception $exception, \Exception $eventException = null)
159-
{
160-
$event = $this->createEvent($exception);
161-
162-
$listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(false), null, $this->createEntryPoint(), null, $this->createCustomAccessDeniedHandler(new Response('denied', 403)));
163-
$listener->onKernelException($event);
164-
165-
$this->assertEquals('denied', $event->getResponse()->getContent());
166-
$this->assertEquals(403, $event->getResponse()->getStatusCode());
167-
$this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
168-
}
169-
170-
/**
171-
* @dataProvider getAccessDeniedExceptionProvider
172-
*/
173-
public function testAccessDeniedExceptionNotFullFledgedAndWithoutAccessDeniedHandlerAndWithErrorPage(\Exception $exception, \Exception $eventException = null)
174-
{
175-
$kernel = $this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock();
176-
$kernel->expects($this->once())->method('handle')->will($this->returnValue(new Response('Unauthorized', 401)));
177-
178-
$event = $this->createEvent($exception, $kernel);
179-
180-
$httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock();
181-
$httpUtils->expects($this->once())->method('createRequest')->will($this->returnValue(Request::create('/error')));
150+
$tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
151+
$tokenStorage->expects($this->once())->method('getToken')->will($this->returnValue($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
182152

183-
$listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(true), $httpUtils, null, '/error');
153+
$listener = $this->createExceptionListener($tokenStorage, $this->createTrustResolver(false), null, $this->createEntryPoint());
184154
$listener->onKernelException($event);
185155

186-
$this->assertTrue($event->isAllowingCustomResponseCode());
187-
188-
$this->assertEquals('Unauthorized', $event->getResponse()->getContent());
189-
$this->assertEquals(401, $event->getResponse()->getStatusCode());
156+
$this->assertEquals('OK', $event->getResponse()->getContent());
190157
$this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
191158
}
192159

@@ -201,22 +168,6 @@ public function getAccessDeniedExceptionProvider()
201168
];
202169
}
203170

204-
private function createTokenStorage()
205-
{
206-
$tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
207-
$tokenStorage->expects($this->once())->method('getToken')->will($this->returnValue($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
208-
209-
return $tokenStorage;
210-
}
211-
212-
private function createCustomAccessDeniedHandler(Response $response)
213-
{
214-
$accessDeniedHandler = $this->getMockBuilder('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface')->getMock();
215-
$accessDeniedHandler->expects($this->once())->method('handle')->will($this->returnValue($response));
216-
217-
return $accessDeniedHandler;
218-
}
219-
220171
private function createEntryPoint(Response $response = null)
221172
{
222173
$entryPoint = $this->getMockBuilder('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface')->getMock();

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.