diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Compiler/AddSecurityVotersPass.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Compiler/AddSecurityVotersPass.php
index 83f60129e1..b97e376d1d 100644
--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Compiler/AddSecurityVotersPass.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Compiler/AddSecurityVotersPass.php
@@ -31,10 +31,15 @@ class AddSecurityVotersPass implements CompilerPassInterface
return;
}
- $voters = array_map(function($id) {
- return new Reference($id);
- }, array_keys($container->findTaggedServiceIds('security.voter')));
+ $voters = new \SplPriorityQueue();
+ foreach ($container->findTaggedServiceIds('security.voter') as $id => $attributes) {
+ $priority = isset($attributes[0]['priority']) ? $attributes[0]['priority'] : 0;
+ $voters->insert(new Reference($id), $priority);
+ }
- $container->getDefinition('security.access.decision_manager')->setArgument(0, $voters);
+ $voters = iterator_to_array($voters);
+ ksort($voters);
+
+ $container->getDefinition('security.access.decision_manager')->setArgument(0, array_values($voters));
}
}
\ No newline at end of file
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
index e9167ac1a8..b07b061871 100644
--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
@@ -121,20 +121,17 @@ class SecurityExtension extends Extension
protected function createRoleHierarchy($config, ContainerBuilder $container)
{
if (!isset($config['role_hierarchy'])) {
+ $container->remove('security.access.role_hierarchy_voter');
+
return;
}
$container->setParameter('security.role_hierarchy.roles', $config['role_hierarchy']);
$container->remove('security.access.simple_role_voter');
- $container->getDefinition('security.access.role_hierarchy_voter')->addTag('security.voter');
}
protected function createAuthorization($config, ContainerBuilder $container)
{
- if (!isset($config['access_control'])) {
- return;
- }
-
foreach ($config['access_control'] as $access) {
$matcher = $this->createRequestMatcher(
$container,
diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml b/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
index c4fc63c5c9..40f0abfe40 100644
--- a/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
+++ b/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
@@ -87,16 +87,17 @@
-
+
-
+
+
diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_acl.xml b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_acl.xml
index 7682bc8683..6e293cc6a2 100644
--- a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_acl.xml
+++ b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_acl.xml
@@ -73,7 +73,7 @@
%security.acl.voter.allow_if_object_identity_unavailable%
-
+