Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 3fbca7b

Browse filesBrowse files
nicolas-grekasnicolas-grekas
committed
bug #54248 [Security] Correctly initialize the voter property (aschempp)
This PR was squashed before being merged into the 5.4 branch. Discussion ---------- [Security] Correctly initialize the voter property | Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Issues | #54225 | License | MIT This fixes the basic issue that causes #54225. If `getVoters()` returns an empty array, the `$this->data['voters']` property is never initialized, and therefore returns an invalid value. `@fritzmg` or I will follow up if necessary with a fix about decorated access decision managers that cannot "provide" their voters for tracing. Commits ------- b184401 [Security] Correctly initialize the voter property
2 parents c9bce39 + b184401 commit 3fbca7b
Copy full SHA for 3fbca7b

File tree

Expand file treeCollapse file tree

2 files changed

+31
-0
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+31
-0
lines changed

‎src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,7 @@ public function collect(Request $request, Response $response, ?\Throwable $excep
145145
// collect voters and access decision manager information
146146
if ($this->accessDecisionManager instanceof TraceableAccessDecisionManager) {
147147
$this->data['voter_strategy'] = $this->accessDecisionManager->getStrategy();
148+
$this->data['voters'] = [];
148149

149150
foreach ($this->accessDecisionManager->getVoters() as $voter) {
150151
if ($voter instanceof TraceableVoter) {

‎src/Symfony/Bundle/SecurityBundle/Tests/DataCollector/SecurityDataCollectorTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DataCollector/SecurityDataCollectorTest.php
+30Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -400,6 +400,36 @@ public function dispatch(object $event, ?string $eventName = null): object
400400
$this->assertSame($dataCollector->getVoterStrategy(), $strategy, 'Wrong value returned by getVoterStrategy');
401401
}
402402

403+
public function testGetVotersIfAccessDecisionManagerHasNoVoters()
404+
{
405+
$strategy = MainConfiguration::STRATEGY_AFFIRMATIVE;
406+
407+
$accessDecisionManager = $this->createMock(TraceableAccessDecisionManager::class);
408+
409+
$accessDecisionManager
410+
->method('getStrategy')
411+
->willReturn($strategy);
412+
413+
$accessDecisionManager
414+
->method('getVoters')
415+
->willReturn([]);
416+
417+
$accessDecisionManager
418+
->method('getDecisionLog')
419+
->willReturn([[
420+
'attributes' => ['view'],
421+
'object' => new \stdClass(),
422+
'result' => true,
423+
'voterDetails' => [],
424+
]]);
425+
426+
$dataCollector = new SecurityDataCollector(null, null, null, $accessDecisionManager, null, null, true);
427+
428+
$dataCollector->collect(new Request(), new Response());
429+
430+
$this->assertEmpty($dataCollector->getVoters());
431+
}
432+
403433
public static function provideRoles(): array
404434
{
405435
return [

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.