merged branch denderello/strategy-validation (PR #8710)

This PR was merged into the master branch.

Discussion
----------

[Security] Added a check for strategies in AccessDecisionManager

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #8646
| License       | MIT

Commits
-------

ee36380 [Security] Added a check for strategies in AccessDecisionManager

src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php

@@ -43,8 +43,13 @@ class AccessDecisionManager implements AccessDecisionManagerInterface
             throw new \InvalidArgumentException('You must at least add one voter.');
         }
 
+        $strategyMethod = 'decide'.ucfirst($strategy);
+        if (!is_callable(array($this, $strategyMethod))) {
+            throw new \InvalidArgumentException(sprintf('The strategy "%s" is not supported.', $strategy));
+        }
+
         $this->voters = $voters;
-        $this->strategy = 'decide'.ucfirst($strategy);
+        $this->strategy = $strategyMethod;
         $this->allowIfAllAbstainDecisions = (Boolean) $allowIfAllAbstainDecisions;
         $this->allowIfEqualGrantedDeniedDecisions = (Boolean) $allowIfEqualGrantedDeniedDecisions;
     }

src/Symfony/Component/Security/Tests/Core/Authorization/AccessDecisionManagerTest.php

@@ -54,6 +54,14 @@ class AccessDecisionManagerTest extends \PHPUnit_Framework_TestCase
         $manager = new AccessDecisionManager(array());
     }
 
+    /**
+     * @expectedException \InvalidArgumentException
+     */
+    public function testSetUnsupportedStrategy()
+    {
+        new AccessDecisionManager(array($this->getVoter(VoterInterface::ACCESS_GRANTED)), 'fooBar');
+    }
+
     /**
      * @dataProvider getStrategyTests
      */