Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit bbb1064

Browse filesBrowse files
xabbuhxabbuh
committed
[Security][Acl] enforce string identifiers
1 parent cff69aa commit bbb1064
Copy full SHA for bbb1064

File tree

Expand file treeCollapse file tree

2 files changed

+25
-3
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+25
-3
lines changed

‎src/Symfony/Component/Security/Acl/Domain/ObjectIdentity.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Acl/Domain/ObjectIdentity.php
+2-2Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ final class ObjectIdentity implements ObjectIdentityInterface
3636
*/
3737
public function __construct($identifier, $type)
3838
{
39-
if (empty($identifier)) {
39+
if ('' === $identifier) {
4040
throw new \InvalidArgumentException('$identifier cannot be empty.');
4141
}
4242
if (empty($type)) {
@@ -66,7 +66,7 @@ public static function fromDomainObject($domainObject)
6666
if ($domainObject instanceof DomainObjectInterface) {
6767
return new self($domainObject->getObjectIdentifier(), ClassUtils::getRealClass($domainObject));
6868
} elseif (method_exists($domainObject, 'getId')) {
69-
return new self($domainObject->getId(), ClassUtils::getRealClass($domainObject));
69+
return new self((string) $domainObject->getId(), ClassUtils::getRealClass($domainObject));
7070
}
7171
} catch (\InvalidArgumentException $invalid) {
7272
throw new InvalidDomainObjectException($invalid->getMessage(), 0, $invalid);

‎src/Symfony/Component/Security/Tests/Acl/Domain/ObjectIdentityTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Tests/Acl/Domain/ObjectIdentityTest.php
+23-1Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -64,6 +64,26 @@ public function testFromDomainObjectWithProxy()
6464
$this->assertEquals('Symfony\Component\Security\Tests\Acl\Domain\TestDomainObject', $id->getType());
6565
}
6666

67+
public function testFromDomainObjectWithoutInterfaceEnforcesStringIdentifier()
68+
{
69+
$domainObject = new TestDomainObject();
70+
$domainObject->id = 1;
71+
$id = ObjectIdentity::fromDomainObject($domainObject);
72+
73+
$this->assertSame('1', $id->getIdentifier());
74+
$this->assertEquals('Symfony\Component\Security\Tests\Acl\Domain\TestDomainObject', $id->getType());
75+
}
76+
77+
public function testFromDomainObjectWithoutInterfaceAllowsZeroAsIdentifier()
78+
{
79+
$domainObject = new TestDomainObject();
80+
$domainObject->id = '0';
81+
$id = ObjectIdentity::fromDomainObject($domainObject);
82+
83+
$this->assertSame('0', $id->getIdentifier());
84+
$this->assertEquals('Symfony\Component\Security\Tests\Acl\Domain\TestDomainObject', $id->getType());
85+
}
86+
6787
/**
6888
* @dataProvider getCompareData
6989
*/
@@ -89,14 +109,16 @@ public function getCompareData()
89109

90110
class TestDomainObject
91111
{
112+
public $id = 'getId()';
113+
92114
public function getObjectIdentifier()
93115
{
94116
return 'getObjectIdentifier()';
95117
}
96118

97119
public function getId()
98120
{
99-
return 'getId()';
121+
return $this->id;
100122
}
101123
}
102124
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.