From dfa7f5020e1274870ee815bb536d37b0e61d8046 Mon Sep 17 00:00:00 2001 From: Vincent Composieux Date: Mon, 29 Aug 2016 20:28:05 +0200 Subject: [PATCH] [Security] Fixed roles serialization on token from user object --- .../Core/Authentication/Token/AbstractToken.php | 2 +- .../Provider/UserAuthenticationProviderTest.php | 2 +- .../Authentication/Token/AbstractTokenTest.php | 16 +++++++++++++++- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php index 7538648b13..48a4e52a48 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php @@ -150,7 +150,7 @@ abstract class AbstractToken implements TokenInterface array( is_object($this->user) ? clone $this->user : $this->user, $this->authenticated, - $this->roles, + array_map(function ($role) { return clone $role; }, $this->roles), $this->attributes, ) ); diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php index 05030543e6..6b6a661516 100644 --- a/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php +++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php @@ -220,7 +220,7 @@ class UserAuthenticationProviderTest extends \PHPUnit_Framework_TestCase $this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $authToken); $this->assertSame($user, $authToken->getUser()); $this->assertContains(new Role('ROLE_FOO'), $authToken->getRoles(), '', false, false); - $this->assertContains($switchUserRole, $authToken->getRoles()); + $this->assertContains($switchUserRole, $authToken->getRoles(), '', false, false); $this->assertEquals('foo', $authToken->getCredentials()); $this->assertEquals(array('foo' => 'bar'), $authToken->getAttributes(), '->authenticate() copies token attributes'); } diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php index 1a786d7c45..2eff28e009 100644 --- a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php +++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php @@ -14,6 +14,7 @@ namespace Symfony\Component\Security\Core\Tests\Authentication\Token; use Symfony\Component\Security\Core\Authentication\Token\AbstractToken; use Symfony\Component\Security\Core\Role\Role; use Symfony\Component\Security\Core\Role\SwitchUserRole; +use Symfony\Component\Security\Core\User\User; class TestUser { @@ -87,7 +88,7 @@ class AbstractTokenTest extends \PHPUnit_Framework_TestCase public function testSerialize() { - $token = $this->getToken(array('ROLE_FOO')); + $token = $this->getToken(array('ROLE_FOO', new Role('ROLE_BAR'))); $token->setAttributes(array('foo' => 'bar')); $uToken = unserialize(serialize($token)); @@ -96,6 +97,19 @@ class AbstractTokenTest extends \PHPUnit_Framework_TestCase $this->assertEquals($token->getAttributes(), $uToken->getAttributes()); } + public function testSerializeWithRoleObjects() + { + $user = new User('name', 'password', array(new Role('ROLE_FOO'), new Role('ROLE_BAR'))); + $token = new ConcreteToken($user, $user->getRoles()); + + $serialized = serialize($token); + $unserialized = unserialize($serialized); + + $roles = $unserialized->getRoles(); + + $this->assertEquals($roles, $user->getRoles()); + } + public function testSerializeParent() { $user = new TestUser('fabien');