[Security] Fixed roles serialization on token from user object

eko · eko · commit 69a588fb2ed0 · 2016-08-29T20:46:42.000+02:00
diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
@@ -46,7 +46,7 @@ public function __construct(array $roles = array())
                 throw new \InvalidArgumentException(sprintf('$roles must be an array of strings, or RoleInterface instances, but got %s.', gettype($role)));
             }
 
-            $this->roles[] = $role;
+            $this->roles[] = clone $role;
         }
     }
 
diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
@@ -14,6 +14,7 @@
 use Symfony\Component\Security\Core\Authentication\Token\AbstractToken;
 use Symfony\Component\Security\Core\Role\Role;
 use Symfony\Component\Security\Core\Role\SwitchUserRole;
+use Symfony\Component\Security\Core\User\User;
 
 class TestUser
 {
@@ -96,6 +97,19 @@ public function testSerialize()
         $this->assertEquals($token->getAttributes(), $uToken->getAttributes());
     }
 
+    public function testSerializeWithRoleObjects()
+    {
+        $user = new User('name', 'password', array(new Role('ROLE_FOO')));
+        $token = new ConcreteToken($user, $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertEquals($roles, $user->getRoles());
+    }
+
     public function testSerializeParent()
     {
         $user = new TestUser('fabien');
diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AnonymousTokenTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AnonymousTokenTest.php
@@ -13,6 +13,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
 use Symfony\Component\Security\Core\Role\Role;
+use Symfony\Component\Security\Core\User\User;
 
 class AnonymousTokenTest extends \PHPUnit_Framework_TestCase
 {
@@ -42,4 +43,34 @@ public function testGetUser()
         $token = new AnonymousToken('foo', 'bar');
         $this->assertEquals('bar', $token->getUser());
     }
+
+    public function testSerialize()
+    {
+        $user = new User('name', 'password', array('ROLE_FOO'));
+        $token = new AnonymousToken('secret', $user, $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertCount(1, $roles);
+
+        $role = $roles[0];
+        $this->assertInstanceOf('Symfony\Component\Security\Core\Role\RoleInterface', $role);
+        $this->assertEquals('ROLE_FOO', $role->getRole());
+    }
+
+    public function testSerializeWithRoleObjects()
+    {
+        $user = new User('name', 'password', array(new Role('ROLE_FOO')));
+        $token = new AnonymousToken('secret', $user, $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertEquals($user->getRoles(), $roles);
+    }
 }
diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/PreAuthenticatedTokenTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/PreAuthenticatedTokenTest.php
@@ -13,6 +13,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
 use Symfony\Component\Security\Core\Role\Role;
+use Symfony\Component\Security\Core\User\User;
 
 class PreAuthenticatedTokenTest extends \PHPUnit_Framework_TestCase
 {
@@ -45,4 +46,34 @@ public function testEraseCredentials()
         $token->eraseCredentials();
         $this->assertEquals('', $token->getCredentials());
     }
+
+    public function testSerialize()
+    {
+        $user = new User('name', 'password', array('ROLE_FOO'));
+        $token = new PreAuthenticatedToken($user, 'password', 'providerKey', $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertCount(1, $roles);
+
+        $role = $roles[0];
+        $this->assertInstanceOf('Symfony\Component\Security\Core\Role\RoleInterface', $role);
+        $this->assertEquals('ROLE_FOO', $role->getRole());
+    }
+
+    public function testSerializeWithRoleObjects()
+    {
+        $user = new User('name', 'password', array(new Role('ROLE_FOO')));
+        $token = new PreAuthenticatedToken($user, 'password', 'providerKey', $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertEquals($user->getRoles(), $roles);
+    }
 }
diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/RememberMeTokenTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/RememberMeTokenTest.php
@@ -13,6 +13,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
 use Symfony\Component\Security\Core\Role\Role;
+use Symfony\Component\Security\Core\User\User;
 
 class RememberMeTokenTest extends \PHPUnit_Framework_TestCase
 {
@@ -52,6 +53,36 @@ public function testConstructorKeyCannotBeEmptyString()
         );
     }
 
+    public function testSerialize()
+    {
+        $user = new User('name', 'password', array('ROLE_FOO'));
+        $token = new RememberMeToken($user, 'password', 'providerKey');
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertCount(1, $roles);
+
+        $role = $roles[0];
+        $this->assertInstanceOf('Symfony\Component\Security\Core\Role\RoleInterface', $role);
+        $this->assertEquals('ROLE_FOO', $role->getRole());
+    }
+
+    public function testSerializeWithRoleObjects()
+    {
+        $user = new User('name', 'password', array(new Role('ROLE_FOO')));
+        $token = new RememberMeToken($user, 'password', 'providerKey');
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertEquals($user->getRoles(), $roles);
+    }
+
     protected function getUser($roles = array('ROLE_FOO'))
     {
         $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/UsernamePasswordTokenTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/UsernamePasswordTokenTest.php
@@ -13,6 +13,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\Role\Role;
+use Symfony\Component\Security\Core\User\User;
 
 class UsernamePasswordTokenTest extends \PHPUnit_Framework_TestCase
 {
@@ -50,6 +51,36 @@ public function testEraseCredentials()
         $this->assertEquals('', $token->getCredentials());
     }
 
+    public function testSerialize()
+    {
+        $user = new User('name', 'password', array('ROLE_FOO'));
+        $token = new UsernamePasswordToken($user, 'password', 'providerKey', $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertCount(1, $roles);
+
+        $role = $roles[0];
+        $this->assertInstanceOf('Symfony\Component\Security\Core\Role\RoleInterface', $role);
+        $this->assertEquals('ROLE_FOO', $role->getRole());
+    }
+
+    public function testSerializeWithRoleObjects()
+    {
+        $user = new User('name', 'password', array(new Role('ROLE_FOO')));
+        $token = new UsernamePasswordToken($user, 'password', 'providerKey', $user->getRoles());
+
+        $serialized = serialize($token);
+        $unserialized = unserialize($serialized);
+
+        $roles = $unserialized->getRoles();
+
+        $this->assertEquals($user->getRoles(), $roles);
+    }
+
     public function testToString()
     {
         $token = new UsernamePasswordToken('foo', '', 'foo', array('A', 'B'));

Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,7 @@ public function __construct(array $roles = array())`
`46`	`46`	`throw new \InvalidArgumentException(sprintf('$roles must be an array of strings, or RoleInterface instances, but got %s.', gettype($role)));`
`47`	`47`	`}`
`48`	`48`
`49`		`- $this->roles[] = $role;`
	`49`	`+ $this->roles[] = clone $role;`
`50`	`50`	`}`
`51`	`51`	`}`
`52`	`52`