symfony
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
+12-6Lines changed: 12 additions & 6 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
+12-6Lines changed: 12 additions & 6 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/AbstractTokenCompareRoles/routing.yml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/AbstractTokenCompareRoles/routing.yml
-1Lines changed: 0 additions & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/AbstractTokenCompareRoles/routing.yml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/AbstractTokenCompareRoles/routing.yml
-1Lines changed: 0 additions & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
+1-7Lines changed: 1 addition & 7 deletions b/‎src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
+1-7Lines changed: 1 addition & 7 deletions
diff --git a/‎src/Symfony/Component/Security/Core/User/User.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/User/User.php
+1-9Lines changed: 1 addition & 9 deletions b/‎src/Symfony/Component/Security/Core/User/User.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/User/User.php
+1-9Lines changed: 1 addition & 9 deletions
@@ -37,22 +37,28 @@ public function testServiceIsFunctional()
     public function userWillBeMarkedAsChangedIfRolesHasChangedProvider()
     {
         return [
-            [User::class],
-            [UserWithoutEquatable::class],
+            [
+                new User('user1', 'test', ['ROLE_ADMIN']),
+                new User('user1', 'test', ['ROLE_USER']),
+            ],
+            [
+                new UserWithoutEquatable('user1', 'test', ['ROLE_ADMIN']),
+                new UserWithoutEquatable('user1', 'test', ['ROLE_USER']),
+            ],
         ];
     }
 
     /**
      * @dataProvider userWillBeMarkedAsChangedIfRolesHasChangedProvider
      */
-    public function testUserWillBeMarkedAsChangedIfRolesHasChanged($userClass)
+    public function testUserWillBeMarkedAsChangedIfRolesHasChanged(UserInterface $userWithAdminRole, UserInterface $userWithoutAdminRole)
     {
         $client = $this->createClient(['test_case' => 'AbstractTokenCompareRoles', 'root_config' => 'config.yml']);
         $client->disableReboot();
 
         /** @var ArrayUserProvider $userProvider */
         $userProvider = static::$kernel->getContainer()->get('security.user.provider.array');
-        $userProvider->addUser(new $userClass('user1', 'test', ['ROLE_ADMIN']));
+        $userProvider->addUser($userWithAdminRole);
 
         $client->request('POST', '/login', [
             '_username' => 'user1',
@@ -63,8 +69,8 @@ public function testUserWillBeMarkedAsChangedIfRolesHasChanged($userClass)
         $client->request('GET', '/admin');
         $this->assertEquals(200, $client->getResponse()->getStatusCode());
 
-        // revoking ROLE_ADMIN from user1
-        $userProvider->setUser('user1', new $userClass('user1', 'test', ['ROLE_USER']));
+        // updating user provider with same user but revoked ROLE_ADMIN from user1
+        $userProvider->setUser('user1', $userWithoutAdminRole);
 
         // user1 has lost ROLE_ADMIN and MUST be redirected away from secure page
         $client->request('GET', '/admin');
 
@@ -6,4 +6,3 @@ logout:
 
 admin_bundle:
   resource: '@SecuredPageBundle/Resources/config/routing.yml'
-
@@ -318,13 +318,7 @@ private function hasUserChanged(UserInterface $user)
         }
 
         $userRoles = array_map('strval', (array) $user->getRoles());
-        $rolesChanged =
-            (bool) \count(
-                array_merge(
-                    array_diff($this->getRoleNames(), $userRoles),
-                    array_diff($userRoles, $this->getRoleNames())
-                )
-            );
+        $rolesChanged = \count($userRoles) !== \count($this->getRoleNames()) || \count($userRoles) !== \count(array_intersect($userRoles, $this->getRoleNames()));
 
         if ($rolesChanged) {
             return true;
 
@@ -137,15 +137,7 @@ public function isEqualTo(UserInterface $user)
 
         $currentRoles = array_map('strval', (array) $this->getRoles());
         $newRoles = array_map('strval', (array) $user->getRoles());
-
-        $rolesChanged =
-            (bool) \count(
-                array_merge(
-                    array_diff($currentRoles, $newRoles),
-                    array_diff($newRoles, $currentRoles)
-                )
-            );
-
+        $rolesChanged = \count($currentRoles) !== \count($newRoles) || \count($currentRoles) !== \count(array_intersect($currentRoles, $newRoles));
         if ($rolesChanged) {
             return false;
         }