diff --git a/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php b/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php index 6831e94d04..508d98b52f 100644 --- a/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php +++ b/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php @@ -12,6 +12,7 @@ namespace Symfony\Bundle\SecurityBundle\DataCollector; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; +use Symfony\Component\Security\Core\Role\Role; use Symfony\Component\Security\Core\Role\RoleHierarchyInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; @@ -110,6 +111,14 @@ class SecurityDataCollector extends DataCollector implements LateDataCollectorIn // fail silently when the logout URL cannot be generated } + $extractRoles = function ($role) { + if (!$role instanceof RoleInterface && !$role instanceof Role) { + throw new \InvalidArgumentException(sprintf('Roles must be instances of %s or %s (%s given).', RoleInterface::class, Role::class, is_object($role) ? get_class($role) : gettype($role))); + } + + return $role->getRole(); + }; + $this->data = array( 'enabled' => true, 'authenticated' => $token->isAuthenticated(), @@ -117,8 +126,8 @@ class SecurityDataCollector extends DataCollector implements LateDataCollectorIn 'token_class' => $this->hasVarDumper ? new ClassStub(get_class($token)) : get_class($token), 'logout_url' => $logoutUrl, 'user' => $token->getUsername(), - 'roles' => array_map(function (RoleInterface $role) { return $role->getRole(); }, $assignedRoles), - 'inherited_roles' => array_map(function (RoleInterface $role) { return $role->getRole(); }, $inheritedRoles), + 'roles' => array_map($extractRoles, $assignedRoles), + 'inherited_roles' => array_map($extractRoles, $inheritedRoles), 'supports_role_hierarchy' => null !== $this->roleHierarchy, ); }