diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php index bf828ed22aa0e..fa4f6d557009e 100644 --- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php +++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php @@ -163,7 +163,9 @@ private function addAccessControlSection(ArrayNodeDefinition $rootNode) ->prototype('array') ->fixXmlConfig('ip') ->fixXmlConfig('method') + ->fixXmlConfig('role') ->children() + ->scalarNode('matcher')->defaultNull()->end() ->scalarNode('requires_channel')->defaultNull()->end() ->scalarNode('path') ->defaultNull() @@ -180,9 +182,6 @@ private function addAccessControlSection(ArrayNodeDefinition $rootNode) ->prototype('scalar')->end() ->end() ->scalarNode('allow_if')->defaultNull()->end() - ->end() - ->fixXmlConfig('role') - ->children() ->arrayNode('roles') ->beforeNormalization()->ifString()->then(function ($v) { return preg_split('/\s*,\s*/', $v); })->end() ->prototype('scalar')->end() diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php index 4398a2a36d433..e191e71235feb 100644 --- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php +++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php @@ -195,13 +195,11 @@ private function createAuthorization($config, ContainerBuilder $container) )); foreach ($config['access_control'] as $access) { - $matcher = $this->createRequestMatcher( - $container, - $access['path'], - $access['host'], - $access['methods'], - $access['ips'] - ); + if (null !== $access['matcher']) { + $matcher = new Reference($access['matcher']); + } else { + $matcher = $this->createRequestMatcher($container, $access['path'], $access['host'], $access['methods'], $access['ips']); + } $attributes = $access['roles']; if ($access['allow_if']) { diff --git a/src/Symfony/Component/HttpFoundation/ChainRequestMatcher.php b/src/Symfony/Component/HttpFoundation/ChainRequestMatcher.php new file mode 100644 index 0000000000000..e64a9e4c4a34f --- /dev/null +++ b/src/Symfony/Component/HttpFoundation/ChainRequestMatcher.php @@ -0,0 +1,42 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\HttpFoundation; + +/** + * @author Roland Franssen + */ +class ChainRequestMatcher implements RequestMatcherInterface +{ + private $matchers; + + /** + * @param RequestMatcherInterface[] $matchers + */ + public function __construct(array $matchers) + { + $this->matchers = $matchers; + } + + /** + * {@inheritdoc} + */ + public function matches(Request $request) + { + foreach ($this->matchers as $matcher) { + if (!$matcher->matches($request)) { + return false; + } + } + + return true; + } +}