[SecurityBundle] Fix disabling of RoleHierarchyVoter when passing empty hierarchy
This commit is contained in:
parent
5486c689cf
commit
96afff6a05
@ -168,7 +168,7 @@ class SecurityExtension extends Extension
|
||||
*/
|
||||
private function createRoleHierarchy($config, ContainerBuilder $container)
|
||||
{
|
||||
if (!isset($config['role_hierarchy'])) {
|
||||
if (!isset($config['role_hierarchy']) || 0 === count($config['role_hierarchy'])) {
|
||||
$container->removeDefinition('security.access.role_hierarchy_voter');
|
||||
|
||||
return;
|
||||
|
@ -94,6 +94,33 @@ class SecurityExtensionTest extends \PHPUnit_Framework_TestCase
|
||||
$container->compile();
|
||||
}
|
||||
|
||||
public function testDisableRoleHierarchyVoter()
|
||||
{
|
||||
$container = $this->getRawContainer();
|
||||
|
||||
$container->loadFromExtension('security', array(
|
||||
'providers' => array(
|
||||
'default' => array('id' => 'foo'),
|
||||
),
|
||||
|
||||
'role_hierarchy' => null,
|
||||
|
||||
'firewalls' => array(
|
||||
'some_firewall' => array(
|
||||
'pattern' => '/.*',
|
||||
'http_basic' => null,
|
||||
),
|
||||
),
|
||||
));
|
||||
|
||||
$container->compile();
|
||||
|
||||
$admDefinition = $container->getDefinition('security.access.decision_manager');
|
||||
$registeredVoters = array_map('strval', $admDefinition->getArgument(0));
|
||||
|
||||
$this->assertNotContains('security.access.role_hierarchy_voter', $registeredVoters);
|
||||
}
|
||||
|
||||
protected function getRawContainer()
|
||||
{
|
||||
$container = new ContainerBuilder();
|
||||
|
@ -33,4 +33,19 @@ class RoleHierarchyVoterTest extends RoleVoterTest
|
||||
array(array('ROLE_FOO'), array('ROLE_FOOBAR'), VoterInterface::ACCESS_GRANTED),
|
||||
));
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider getVoteWithEmptyHierarchyTests
|
||||
*/
|
||||
public function testVoteWithEmptyHierarchy($roles, $attributes, $expected)
|
||||
{
|
||||
$voter = new RoleHierarchyVoter(new RoleHierarchy(array()));
|
||||
|
||||
$this->assertSame($expected, $voter->vote($this->getToken($roles), null, $attributes));
|
||||
}
|
||||
|
||||
public function getVoteWithEmptyHierarchyTests()
|
||||
{
|
||||
return parent::getVoteTests();
|
||||
}
|
||||
}
|
||||
|
Reference in New Issue
Block a user