Merge branch '5.1'
* 5.1: [Validator] use "allowedVariables" to configure the ExpressionLanguageSyntax constraint [Security] Fixed AbstractToken::hasUserChanged() [PropertyAccess] fix merge [DI] fix typo
This commit is contained in:
commit
608b770f1b
@ -172,7 +172,7 @@ class HttpClientDataCollectorTest extends TestCase
|
|||||||
|
|
||||||
foreach ($tracedRequests as $request) {
|
foreach ($tracedRequests as $request) {
|
||||||
$response = $httpClient->request($request['method'], $request['url'], $request['options'] ?? []);
|
$response = $httpClient->request($request['method'], $request['url'], $request['options'] ?? []);
|
||||||
$response->getContent(false); // To avoid exception in ResponseTrait::doDestruct
|
$response->getContent(false); // disables exceptions from destructors
|
||||||
}
|
}
|
||||||
|
|
||||||
return $httpClient;
|
return $httpClient;
|
||||||
|
@ -408,11 +408,11 @@ class PropertyAccessor implements PropertyAccessorInterface
|
|||||||
|
|
||||||
// handle uninitialized properties in PHP >= 7
|
// handle uninitialized properties in PHP >= 7
|
||||||
if (__FILE__ === $trace['file']
|
if (__FILE__ === $trace['file']
|
||||||
&& $access[self::ACCESS_NAME] === $trace['function']
|
&& $name === $trace['function']
|
||||||
&& $object instanceof $trace['class']
|
&& $object instanceof $trace['class']
|
||||||
&& preg_match((sprintf('/Return value (?:of .*::\w+\(\) )?must be of (?:the )?type (\w+), null returned$/')), $e->getMessage(), $matches)
|
&& preg_match((sprintf('/Return value (?:of .*::\w+\(\) )?must be of (?:the )?type (\w+), null returned$/')), $e->getMessage(), $matches)
|
||||||
) {
|
) {
|
||||||
throw new UninitializedPropertyException(sprintf('The method "%s::%s()" returned "null", but expected type "%3$s". Did you forget to initialize a property or to make the return type nullable using "?%3$s"?', false === strpos(\get_class($object), "@anonymous\0") ? \get_class($object) : (get_parent_class($object) ?: 'class').'@anonymous', $access[self::ACCESS_NAME], $matches[1]), 0, $e);
|
throw new UninitializedPropertyException(sprintf('The method "%s::%s()" returned "null", but expected type "%3$s". Did you forget to initialize a property or to make the return type nullable using "?%3$s"?', false === strpos(\get_class($object), "@anonymous\0") ? \get_class($object) : (get_parent_class($object) ?: key(class_implements($object)) ?: 'class').'@anonymous', $name, $matches[1]), 0, $e);
|
||||||
}
|
}
|
||||||
|
|
||||||
throw $e;
|
throw $e;
|
||||||
|
@ -270,10 +270,13 @@ abstract class AbstractToken implements TokenInterface
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
$currentUserRoles = array_map('strval', (array) $this->user->getRoles());
|
|
||||||
$userRoles = array_map('strval', (array) $user->getRoles());
|
$userRoles = array_map('strval', (array) $user->getRoles());
|
||||||
|
|
||||||
if (\count($userRoles) !== \count($currentUserRoles) || \count($userRoles) !== \count(array_intersect($userRoles, $currentUserRoles))) {
|
if ($this instanceof SwitchUserToken) {
|
||||||
|
$userRoles[] = 'ROLE_PREVIOUS_ADMIN';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (\count($userRoles) !== \count($this->getRoleNames()) || \count($userRoles) !== \count(array_intersect($userRoles, $this->getRoleNames()))) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -152,7 +152,7 @@ class AbstractTokenTest extends TestCase
|
|||||||
*/
|
*/
|
||||||
public function testSetUserDoesNotSetAuthenticatedToFalseWhenUserDoesNotChange($user)
|
public function testSetUserDoesNotSetAuthenticatedToFalseWhenUserDoesNotChange($user)
|
||||||
{
|
{
|
||||||
$token = new ConcreteToken(['ROLE_FOO']);
|
$token = new ConcreteToken();
|
||||||
$token->setAuthenticated(true);
|
$token->setAuthenticated(true);
|
||||||
$this->assertTrue($token->isAuthenticated());
|
$this->assertTrue($token->isAuthenticated());
|
||||||
|
|
||||||
@ -162,6 +162,21 @@ class AbstractTokenTest extends TestCase
|
|||||||
$token->setUser($user);
|
$token->setUser($user);
|
||||||
$this->assertTrue($token->isAuthenticated());
|
$this->assertTrue($token->isAuthenticated());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testIsUserChangedWhenSerializing()
|
||||||
|
{
|
||||||
|
$token = new ConcreteToken(['ROLE_ADMIN']);
|
||||||
|
$token->setAuthenticated(true);
|
||||||
|
$this->assertTrue($token->isAuthenticated());
|
||||||
|
|
||||||
|
$user = new SerializableUser('wouter', ['ROLE_ADMIN']);
|
||||||
|
$token->setUser($user);
|
||||||
|
$this->assertTrue($token->isAuthenticated());
|
||||||
|
|
||||||
|
$token = unserialize(serialize($token));
|
||||||
|
$token->setUser($user);
|
||||||
|
$this->assertTrue($token->isAuthenticated());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class TestUser
|
class TestUser
|
||||||
@ -179,6 +194,56 @@ class TestUser
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class SerializableUser implements UserInterface, \Serializable
|
||||||
|
{
|
||||||
|
private $roles;
|
||||||
|
private $name;
|
||||||
|
|
||||||
|
public function __construct($name, array $roles = [])
|
||||||
|
{
|
||||||
|
$this->name = $name;
|
||||||
|
$this->roles = $roles;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getUsername()
|
||||||
|
{
|
||||||
|
return $this->name;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getPassword()
|
||||||
|
{
|
||||||
|
return '***';
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getRoles()
|
||||||
|
{
|
||||||
|
if (empty($this->roles)) {
|
||||||
|
return ['ROLE_USER'];
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this->roles;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function eraseCredentials()
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getSalt()
|
||||||
|
{
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function serialize()
|
||||||
|
{
|
||||||
|
return serialize($this->name);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function unserialize($serialized)
|
||||||
|
{
|
||||||
|
$this->name = unserialize($serialized);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
class ConcreteToken extends AbstractToken
|
class ConcreteToken extends AbstractToken
|
||||||
{
|
{
|
||||||
private $credentials = 'credentials_value';
|
private $credentials = 'credentials_value';
|
||||||
|
@ -29,8 +29,7 @@ class ExpressionLanguageSyntax extends Constraint
|
|||||||
|
|
||||||
public $message = 'This value should be a valid expression.';
|
public $message = 'This value should be a valid expression.';
|
||||||
public $service;
|
public $service;
|
||||||
public $validateNames = true;
|
public $allowedVariables = null;
|
||||||
public $names = [];
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* {@inheritdoc}
|
* {@inheritdoc}
|
||||||
|
@ -16,6 +16,7 @@ use Symfony\Component\ExpressionLanguage\SyntaxError;
|
|||||||
use Symfony\Component\Validator\Constraint;
|
use Symfony\Component\Validator\Constraint;
|
||||||
use Symfony\Component\Validator\ConstraintValidator;
|
use Symfony\Component\Validator\ConstraintValidator;
|
||||||
use Symfony\Component\Validator\Exception\UnexpectedTypeException;
|
use Symfony\Component\Validator\Exception\UnexpectedTypeException;
|
||||||
|
use Symfony\Component\Validator\Exception\UnexpectedValueException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Andrey Sevastianov <mrpkmail@gmail.com>
|
* @author Andrey Sevastianov <mrpkmail@gmail.com>
|
||||||
@ -39,7 +40,7 @@ class ExpressionLanguageSyntaxValidator extends ConstraintValidator
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!\is_string($expression)) {
|
if (!\is_string($expression)) {
|
||||||
throw new UnexpectedTypeException($expression, 'string');
|
throw new UnexpectedValueException($expression, 'string');
|
||||||
}
|
}
|
||||||
|
|
||||||
if (null === $this->expressionLanguage) {
|
if (null === $this->expressionLanguage) {
|
||||||
@ -47,7 +48,7 @@ class ExpressionLanguageSyntaxValidator extends ConstraintValidator
|
|||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$this->expressionLanguage->lint($expression, ($constraint->validateNames ? ($constraint->names ?? []) : null));
|
$this->expressionLanguage->lint($expression, $constraint->allowedVariables);
|
||||||
} catch (SyntaxError $exception) {
|
} catch (SyntaxError $exception) {
|
||||||
$this->context->buildViolation($constraint->message)
|
$this->context->buildViolation($constraint->message)
|
||||||
->setParameter('{{ syntax_error }}', $this->formatValue($exception->getMessage()))
|
->setParameter('{{ syntax_error }}', $this->formatValue($exception->getMessage()))
|
||||||
|
@ -18,7 +18,7 @@ use Symfony\Component\Validator\Constraints\ExpressionLanguageSyntax;
|
|||||||
use Symfony\Component\Validator\Constraints\ExpressionLanguageSyntaxValidator;
|
use Symfony\Component\Validator\Constraints\ExpressionLanguageSyntaxValidator;
|
||||||
use Symfony\Component\Validator\Test\ConstraintValidatorTestCase;
|
use Symfony\Component\Validator\Test\ConstraintValidatorTestCase;
|
||||||
|
|
||||||
class ExpressionLanguageSyntaxTest extends ConstraintValidatorTestCase
|
class ExpressionLanguageSyntaxValidatorTest extends ConstraintValidatorTestCase
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* @var \PHPUnit\Framework\MockObject\MockObject|ExpressionLanguage
|
* @var \PHPUnit\Framework\MockObject\MockObject|ExpressionLanguage
|
||||||
@ -45,6 +45,7 @@ class ExpressionLanguageSyntaxTest extends ConstraintValidatorTestCase
|
|||||||
|
|
||||||
$this->validator->validate($this->value, new ExpressionLanguageSyntax([
|
$this->validator->validate($this->value, new ExpressionLanguageSyntax([
|
||||||
'message' => 'myMessage',
|
'message' => 'myMessage',
|
||||||
|
'allowedVariables' => [],
|
||||||
]));
|
]));
|
||||||
|
|
||||||
$this->assertNoViolation();
|
$this->assertNoViolation();
|
||||||
@ -58,7 +59,6 @@ class ExpressionLanguageSyntaxTest extends ConstraintValidatorTestCase
|
|||||||
|
|
||||||
$this->validator->validate($this->value, new ExpressionLanguageSyntax([
|
$this->validator->validate($this->value, new ExpressionLanguageSyntax([
|
||||||
'message' => 'myMessage',
|
'message' => 'myMessage',
|
||||||
'validateNames' => false,
|
|
||||||
]));
|
]));
|
||||||
|
|
||||||
$this->assertNoViolation();
|
$this->assertNoViolation();
|
||||||
@ -73,6 +73,7 @@ class ExpressionLanguageSyntaxTest extends ConstraintValidatorTestCase
|
|||||||
|
|
||||||
$this->validator->validate($this->value, new ExpressionLanguageSyntax([
|
$this->validator->validate($this->value, new ExpressionLanguageSyntax([
|
||||||
'message' => 'myMessage',
|
'message' => 'myMessage',
|
||||||
|
'allowedVariables' => [],
|
||||||
]));
|
]));
|
||||||
|
|
||||||
$this->buildViolation('myMessage')
|
$this->buildViolation('myMessage')
|
Reference in New Issue
Block a user