[Security] Added a check for strategies in AccessDecisionManager

2013-08-09 15:30:49 +00:00 · 2013-08-09 15:30:49 +00:00 · ee36380524
commit ee36380524
parent 43e066f7ab
2 changed files with 14 additions and 1 deletions
--- a/src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php
+++ b/src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php
@ -43,8 +43,13 @@ class AccessDecisionManager implements AccessDecisionManagerInterface
            throw new \InvalidArgumentException('You must at least add one voter.');
        }

+        $strategyMethod = 'decide'.ucfirst($strategy);
+        if (!is_callable(array($this, $strategyMethod))) {
+            throw new \InvalidArgumentException(sprintf('The strategy "%s" is not supported.', $strategy));
+        }
+
        $this->voters = $voters;
-        $this->strategy = 'decide'.ucfirst($strategy);
+        $this->strategy = $strategyMethod;
        $this->allowIfAllAbstainDecisions = (Boolean) $allowIfAllAbstainDecisions;
        $this->allowIfEqualGrantedDeniedDecisions = (Boolean) $allowIfEqualGrantedDeniedDecisions;
    }
--- a/src/Symfony/Component/Security/Tests/Core/Authorization/AccessDecisionManagerTest.php
+++ b/src/Symfony/Component/Security/Tests/Core/Authorization/AccessDecisionManagerTest.php
@ -54,6 +54,14 @@ class AccessDecisionManagerTest extends \PHPUnit_Framework_TestCase
        $manager = new AccessDecisionManager(array());
    }

+    /**
+     * @expectedException \InvalidArgumentException
+     */
+    public function testSetUnsupportedStrategy()
+    {
+        new AccessDecisionManager(array($this->getVoter(VoterInterface::ACCESS_GRANTED)), 'fooBar');
+    }
+
    /**
     * @dataProvider getStrategyTests
     */