bug #28793 [SecurityBundle] do not override custom access decision configs (xabbuh)
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] do not override custom access decision configs
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28766
| License | MIT
| Doc PR |
Commits
-------
7743146e55
do not override custom access decision configs
This commit is contained in:
commit
60f6e918c7
@ -66,9 +66,7 @@ class MainConfiguration implements ConfigurationInterface
|
|||||||
return false;
|
return false;
|
||||||
})
|
})
|
||||||
->then(function ($v) {
|
->then(function ($v) {
|
||||||
$v['access_decision_manager'] = array(
|
$v['access_decision_manager']['strategy'] = AccessDecisionManager::STRATEGY_AFFIRMATIVE;
|
||||||
'strategy' => AccessDecisionManager::STRATEGY_AFFIRMATIVE,
|
|
||||||
);
|
|
||||||
|
|
||||||
return $v;
|
return $v;
|
||||||
})
|
})
|
||||||
|
@ -555,11 +555,22 @@ abstract class CompleteConfigurationTest extends TestCase
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @expectedException \Symfony\Component\Config\Definition\Exception\InvalidConfigurationException
|
* @expectedException \Symfony\Component\Config\Definition\Exception\InvalidConfigurationException
|
||||||
* @expectedExceptionMessage "strategy" and "service" cannot be used together.
|
* @expectedExceptionMessage Invalid configuration for path "security.access_decision_manager": "strategy" and "service" cannot be used together.
|
||||||
*/
|
*/
|
||||||
public function testAccessDecisionManagerServiceAndStrategyCannotBeUsedAtTheSameTime()
|
public function testAccessDecisionManagerServiceAndStrategyCannotBeUsedAtTheSameTime()
|
||||||
{
|
{
|
||||||
$container = $this->getContainer('access_decision_manager_service_and_strategy');
|
$this->getContainer('access_decision_manager_service_and_strategy');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testAccessDecisionManagerOptionsAreNotOverriddenByImplicitStrategy()
|
||||||
|
{
|
||||||
|
$container = $this->getContainer('access_decision_manager_customized_config');
|
||||||
|
|
||||||
|
$accessDecisionManagerDefinition = $container->getDefinition('security.access.decision_manager');
|
||||||
|
|
||||||
|
$this->assertSame(AccessDecisionManager::STRATEGY_AFFIRMATIVE, $accessDecisionManagerDefinition->getArgument(1));
|
||||||
|
$this->assertTrue($accessDecisionManagerDefinition->getArgument(2));
|
||||||
|
$this->assertFalse($accessDecisionManagerDefinition->getArgument(3));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -0,0 +1,20 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
$container->loadFromExtension('security', array(
|
||||||
|
'access_decision_manager' => array(
|
||||||
|
'allow_if_all_abstain' => true,
|
||||||
|
'allow_if_equal_granted_denied' => false,
|
||||||
|
),
|
||||||
|
'providers' => array(
|
||||||
|
'default' => array(
|
||||||
|
'memory' => array(
|
||||||
|
'users' => array(
|
||||||
|
'foo' => array('password' => 'foo', 'roles' => 'ROLE_USER'),
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'firewalls' => array(
|
||||||
|
'simple' => array('pattern' => '/login', 'security' => false),
|
||||||
|
),
|
||||||
|
));
|
@ -0,0 +1,18 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<srv:container xmlns="http://symfony.com/schema/dic/security"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xmlns:srv="http://symfony.com/schema/dic/services"
|
||||||
|
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
|
||||||
|
|
||||||
|
<config>
|
||||||
|
<access-decision-manager allow-if-all-abstain="true" allow-if-equal-granted-denied="false" />
|
||||||
|
|
||||||
|
<provider name="default">
|
||||||
|
<memory>
|
||||||
|
<user name="foo" password="foo" roles="ROLE_USER" />
|
||||||
|
</memory>
|
||||||
|
</provider>
|
||||||
|
|
||||||
|
<firewall name="simple" pattern="/login" security="false" />
|
||||||
|
</config>
|
||||||
|
</srv:container>
|
@ -0,0 +1,11 @@
|
|||||||
|
security:
|
||||||
|
access_decision_manager:
|
||||||
|
allow_if_all_abstain: true
|
||||||
|
allow_if_equal_granted_denied: false
|
||||||
|
providers:
|
||||||
|
default:
|
||||||
|
memory:
|
||||||
|
users:
|
||||||
|
foo: { password: foo, roles: ROLE_USER }
|
||||||
|
firewalls:
|
||||||
|
simple: { pattern: /login, security: false }
|
Reference in New Issue
Block a user