[Security] fixed session creation when none is needed (closes #6917)
This commit is contained in:
Fabien Potencier
parent
04cb480e30
commit
8ca00c598c
@ -70,7 +70,6 @@ class ContextListener implements ListenerInterface
|
||||
}
|
||||
|
||||
$request = $event->getRequest();
|
||||
|
||||
$session = $request->hasPreviousSession() ? $request->getSession() : null;
|
||||
|
||||
if (null === $session || null === $token = $session->get('_security_'.$this->contextKey)) {
|
||||
@ -117,7 +116,10 @@ class ContextListener implements ListenerInterface
|
||||
$this->logger->debug('Write SecurityContext in the session');
|
||||
}
|
||||
|
||||
if (null === $session = $event->getRequest()->getSession()) {
|
||||
$request = $event->getRequest();
|
||||
$session = $request->hasPreviousSession() ? $request->getSession() : null;
|
||||
|
||||
if (null === $session) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
@ -82,17 +82,11 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase
|
||||
$this->assertFalse($session->has('_security_session'));
|
||||
}
|
||||
|
||||
protected function runSessionOnKernelResponse($newToken, $original = null)
|
||||
public function testOnKernelResponseWithoutSession()
|
||||
{
|
||||
$session = new Session(new MockArraySessionStorage());
|
||||
|
||||
if ($original !== null) {
|
||||
$session->set('_security_session', $original);
|
||||
}
|
||||
|
||||
$this->securityContext->setToken($newToken);
|
||||
|
||||
$this->securityContext->setToken(new UsernamePasswordToken('test1', 'pass1', 'phpunit'));
|
||||
$request = new Request();
|
||||
$session = new Session(new MockArraySessionStorage());
|
||||
$request->setSession($session);
|
||||
|
||||
$event = new FilterResponseEvent(
|
||||
@ -105,25 +99,7 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase
|
||||
$listener = new ContextListener($this->securityContext, array(), 'session');
|
||||
$listener->onKernelResponse($event);
|
||||
|
||||
return $session;
|
||||
}
|
||||
|
||||
public function testOnKernelResponseWithoutSession()
|
||||
{
|
||||
$this->securityContext->setToken(new UsernamePasswordToken('test1', 'pass1', 'phpunit'));
|
||||
$request = new Request();
|
||||
|
||||
$event = new FilterResponseEvent(
|
||||
$this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'),
|
||||
$request,
|
||||
HttpKernelInterface::MASTER_REQUEST,
|
||||
new Response()
|
||||
);
|
||||
|
||||
$listener = new ContextListener($this->securityContext, array(), 'session');
|
||||
$listener->onKernelResponse($event);
|
||||
|
||||
$this->assertFalse($request->hasSession());
|
||||
$this->assertFalse($session->isStarted());
|
||||
}
|
||||
|
||||
/**
|
||||
@ -168,4 +144,30 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase
|
||||
array(null),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
protected function runSessionOnKernelResponse($newToken, $original = null)
|
||||
{
|
||||
$session = new Session(new MockArraySessionStorage());
|
||||
|
||||
if ($original !== null) {
|
||||
$session->set('_security_session', $original);
|
||||
}
|
||||
|
||||
$this->securityContext->setToken($newToken);
|
||||
|
||||
$request = new Request();
|
||||
$request->setSession($session);
|
||||
$request->cookies->set('MOCKSESSID', true);
|
||||
|
||||
$event = new FilterResponseEvent(
|
||||
$this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'),
|
||||
$request,
|
||||
HttpKernelInterface::MASTER_REQUEST,
|
||||
new Response()
|
||||
);
|
||||
|
||||
$listener = new ContextListener($this->securityContext, array(), 'session');
|
||||
$listener->onKernelResponse($event);
|
||||
|
||||
return $session;
|
||||
}}
|
||||
|
||||
Reference in New Issue
Block a user