[Security] made sure that we always replace the security access denied exception to an HTTP one

2012-07-13 11:36:57 +02:00 · 2012-07-13 11:36:57 +02:00 · 46071f3238
parent 7dc89013eb
commit 46071f3238
1 changed files with 2 additions and 4 deletions
--- a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
@ -97,6 +97,8 @@ class ExceptionListener
                return;
            }
        } elseif ($exception instanceof AccessDeniedException) {
+            $event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception));
+
            $token = $this->context->getToken();
            if (!$this->authenticationTrustResolver->isFullFledged($token)) {
                if (null !== $this->logger) {
@ -129,8 +131,6 @@ class ExceptionListener
                        $response = $event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true);
                        $response->setStatusCode(403);
                    } else {
-                        $event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception));
-
                        return;
                    }
                } catch (\Exception $e) {
@ -148,8 +148,6 @@ class ExceptionListener
                $this->logger->info(sprintf('Logout exception occurred; wrapping with AccessDeniedHttpException (%s)', $exception->getMessage()));
            }

-            $event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception));
-
            return;
        } else {
            return;