
Commit f21fb26

committed
[Security] Fixed roles serialization on token from user object
1 parent 79e25a9 commit f21fb26


3 files changed

+16
-2
lines changed


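--- a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
@@ -150,7 +150,7 @@ public function serialize()
 array(
 is_object($this->user) ? clone $this->user : $this->user,
 $this->authenticated,
-$this->roles,
+array_map(function ($role) { return clone $role; }, $this->roles),
 $this->attributes,
 )
 );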
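Review bot: The `array_map` callback on the roles line clones every element unconditionally, while the user line just above guards with `is_object()`; if a role can ever be a plain string here, `clone` raises a fatal error during serialization. Whether the constructor already normalises roles to objects is not visible in this hunk, so either mirror the guard, `array_map(function ($role) { return is_object($role) ? clone $role : $role; }, $this->roles),`, or add a comment stating the invariant. A short why-comment such as `// clone roles so the serialized token does not share instances with the user's roles` would also help, since the reason for copying is not evident from the line (that is my reading of the intent, to be confirmed). serialize() begins and ends outside the hunk.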

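--- a/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php
@@ -220,7 +220,7 @@ public function testAuthenticateWithPreservingRoleSwitchUserRole()
 $this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $authToken);
 $this->assertSame($user, $authToken->getUser());
 $this->assertContains(new Role('ROLE_FOO'), $authToken->getRoles(), '', false, false);
-$this->assertContains($switchUserRole, $authToken->getRoles());
+$this->assertContains($switchUserRole, $authToken->getRoles(), '', false, false);
 $this->assertEquals('foo', $authToken->getCredentials());
 $this->assertEquals(array('foo' => 'bar'), $authToken->getAttributes(), '->authenticate() copies token attributes');
 }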
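Review bot: The second `assertContains` now passes `'', false, false`, which drops the identity check on `$switchUserRole`, but nothing visible in this commit changes how authenticate() builds the returned token's roles, so the reason for loosening the assertion is unclear. If the same instance is no longer expected, say so in a comment above the line, e.g. `// compared by value: the token may hold a copy of the switch-user role`; if it is still expected, keep the stricter form. The bare positional flags are also hard to read, so the comment should name what they disable. The test method starts outside the hunk.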

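--- a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
@@ -14,6 +14,7 @@
 use Symfony\Component\Security\Core\Authentication\Token\AbstractToken;
 use Symfony\Component\Security\Core\Role\Role;
 use Symfony\Component\Security\Core\Role\SwitchUserRole;
+use Symfony\Component\Security\Core\User\User;
 
 class TestUser
 {
@@ -96,6 +97,19 @@ public function testSerialize()
 $this->assertEquals($token->getAttributes(), $uToken->getAttributes());
 }
 
+public function testSerializeWithRoleObjects()
+{
+$user = new User('name', 'password', array(new Role('ROLE_FOO'), new Role('ROLE_BAR')));
+$token = new ConcreteToken($user, $user->getRoles());
+
+$serialized = serialize($token);
+$unserialized = unserialize($serialized);
+
+$roles = $unserialized->getRoles();
+
+$this->assertEquals($roles, $user->getRoles());
+}
+
 public function testSerializeParent()
 {
 $user = new TestUser('fabien');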
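Review bot: In `testSerializeWithRoleObjects` the `assertEquals` arguments are reversed: PHPUnit takes the expected value first, so a failure would report the original roles as the actual value; it should read `$this->assertEquals($user->getRoles(), $roles);`. The test also covers only plain `Role` objects owned by the user; a case using `SwitchUserRole`, which this file already imports, would exercise a role that presumably carries nested state through the round trip. A one-line docblock saying the test guards the serialize round trip when the token's roles are the same instances as the user's would make the intent clear.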
