8000 Merge branch '5.0' · symfony/symfony@3987914 · GitHub
[go: up one dir, main page]
Skip to content

Commit 3987914

Browse files
nicolas-grekasnicolas-grekas
committed
Merge branch '5.0'
* 5.0: [HttpFoundation] Do not set the default Content-Type based on the Accept header [Security] Fix access_control behavior with unanimous decision strategy
2 parents 8ea7c26 + a92ffff commit 3987914

File tree

8 files changed

+76
-16
lines changed

8 files changed

+76
-16
lines changed

src/Symfony/Component/ErrorHandler/ErrorRenderer/SerializerErrorRenderer.php

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212
namespace Symfony\Component\ErrorHandler\ErrorRenderer;
1313

1414
use Symfony\Component\ErrorHandler\Exception\FlattenException;
15+
use Symfony\Component\HttpFoundation\Request;
1516
use Symfony\Component\HttpFoundation\RequestStack;
1617
use Symfony\Component\Serializer\Exception\NotEncodableValueException;
1718
use Symfony\Component\Serializer\SerializerInterface;
@@ -30,6 +31,7 @@ class SerializerErrorRenderer implements ErrorRendererInterface
3031

3132
/**
3233
* @param string|callable(FlattenException) $format The format as a string or a callable that should return it
34+
* formats not supported by Request::getMimeTypes() should be given as mime types
3335
* @param bool|callable $debug The debugging mode as a boolean or a callable that should return it
3436
*/
3537
public function __construct(SerializerInterface $serializer, $format, ErrorRendererInterface $fallbackErrorRenderer = null, $debug = false)
@@ -64,11 +66,16 @@ public function render(\Throwable $exception): FlattenException
6466

6567
try {
6668
$format = \is_string($this->format) ? $this->format : ($this->format)($flattenException);
69+
$headers = [
70+
'Content-Type' => Request::getMimeTypes($format)[0] ?? $format,
71+
'Vary' => 'Accept',
72+
];
6773

6874
return $flattenException->setAsString($this->serializer->serialize($flattenException, $format, [
6975
'exception' => $exception,
7076
'debug' => $debug,
71-
]));
77+
]))
78+
->setHeaders($flattenException->getHeaders() + $headers);
7279
} catch (NotEncodableValueException $e) {
7380
return $this->fallbackErrorRenderer->render($exception);
7481
}

src/Symfony/Component/HttpFoundation/Request.php

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1566,7 +1566,9 @@ public function isNoCache()
15661566
* Gets the preferred format for the response by inspecting, in the following order:
15671567
* * the request format set using setRequestFormat
15681568
* * the values of the Accept HTTP header
1569-
* * the content type of the body of the request.
1569+
*
1570+
* Note that if you use this method, you should send the "Vary: Accept" header
1571+
* in the response to prevent any issues with intermediary HTTP caches.
15701572
*/
15711573
public function getPreferredFormat(?string $default = 'html'): ?string
15721574
{

src/Symfony/Component/HttpFoundation/Response.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -270,7 +270,7 @@ public function prepare(Request $request)
270270
} else {
271271
// Content-type based on the Request
272272
if (!$headers->has('Content-Type')) {
273-
$format = $request->getPreferredFormat(null);
273+
$format = $request->getRequestFormat(null);
274274
if (null !== $format && $mimeType = $request->getMimeType($format)) {
275275
$headers->set('Content-Type', $mimeType);
276276
}

src/Symfony/Component/HttpFoundation/Tests/ResponseTest.php

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -500,12 +500,25 @@ public function testPrepareDoesNothingIfRequestFormatIsNotDefined()
500500
$this->assertEquals('text/html; charset=UTF-8', $response->headers->get('content-type'));
501501
}
502502

503+
/**
504+
* Same URL cannot produce different Content-Type based on the value of the Accept header,
505+
* unless explicitly stated in the response object.
506+
*/
507+
public function testPrepareDoesNotSetContentTypeBasedOnRequestAcceptHeader()
508+
{
509+
$response = new Response('foo');
510+
$request = Request::create('/');
511+
$request->headers->set('Accept', 'application/json');
512+
$response->prepare($request);
513+
514+
$this->assertSame('text/html; charset=UTF-8', $response->headers->get('content-type'));
515+
}
516+
503517
public function testPrepareSetContentType()
504518
{
505519
$response = new Response('foo');
506520
$request = Request::create('/');
507521
$request->setRequestFormat('json');
508-
$request->headers->remove('accept');
509522

510523
$response->prepare($request);
511524

src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -55,11 +55,16 @@ public function __construct(iterable $voters = [], string $strategy = self::STRA
5555
}
5656

5757
/**
58+
* @param bool $allowMultipleAttributes Whether to allow passing multiple values to the $attributes array
59+
*
5860
* {@inheritdoc}
5961
*/
60-
public function decide(TokenInterface $token, array $attributes, $object = null)
62+
public function decide(TokenInterface $token, array $attributes, $object = null/*, bool $allowMultipleAttributes = false*/)
6163
{
62-
if (\count($attributes) > 1) {
64+
$allowMultipleAttributes = 3 < func_num_args() && func_get_arg(3);
65+
66+
// Special case for AccessListener, do not remove the right side of the condition before 6.0
67+
if (\count($attributes) > 1 && !$allowMultipleAttributes) {
6368
throw new InvalidArgumentException(sprintf('Passing more than one Security attribute to "%s()" is not supported.', __METHOD__));
6469
}
6570

src/Symfony/Component/Security/Http/Firewall/AccessListener.php

Lines changed: 1 addition & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -85,15 +85,7 @@ public function authenticate(RequestEvent $event)
8585
$this->tokenStorage->setToken($token);
8686
}
8787

88-
$granted = false;
89-
foreach ($attributes as $key => $value) {
90-
if ($this->accessDecisionManager->decide($token, [$key => $value], $request)) {
91-
$granted = true;
92-
break;
93-
}
94-
}
95-
96-
if (!$granted) {
88+
if (!$this->accessDecisionManager->decide($token, $attributes, $request, true)) {
9789
$exception = new AccessDeniedException();
9890
$exception->setAttributes($attributes);
9991
$exception->setSubject($request);

src/Symfony/Component/Security/Http/Tests/Firewall/AccessListenerTest.php

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616
use Symfony\Component\HttpKernel\Event\RequestEvent;
1717
use Symfony\Component\HttpKernel\HttpKernelInterface;
1818
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
19+
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
1920
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
2021
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
2122
use Symfony\Component\Security\Http\AccessMapInterface;
@@ -227,4 +228,44 @@ public function testHandleWhenTheSecurityTokenStorageHasNoToken()
227228

228229
$listener(new RequestEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MASTER_REQUEST));
229230
}
231+
232+
public function testHandleMWithultipleAttributesShouldBeHandledAsAnd()
233+
{
234+
$request = new Request();
235+
236+
$accessMap = $this->getMockBuilder('Symfony\Component\Security\Http\AccessMapInterface')->getMock();
237+
$accessMap
238+
->expects($this->any())
239+
->method('getPatterns')
240+
->with($this->equalTo($request))
241+
->willReturn([['foo' => 'bar', 'bar' => 'baz'], null])
242+
;
243+
244+
$authenticatedToken = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
245+
$authenticatedToken
246+
->expects($this->any())
247+
->method('isAuthenticated')
248+
->willReturn(true)
249+
;
250+
251+
$tokenStorage = new TokenStorage();
252+
$tokenStorage->setToken($authenticatedToken);
253+
254+
$accessDecisionManager = $this->getMockBuilder('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface')->getMock();
255+
$accessDecisionManager
256+
->expects($this->once())
257+
->method('decide')
258+
->with($this->equalTo($authenticatedToken), $this->equalTo(['foo' => 'bar', 'bar' => 'baz']), $this->equalTo($request), true)
259+
->willReturn(true)
260+
;
261+
262+
$listener = new AccessListener(
263+
$tokenStorage,
264+
$accessDecisionManager,
265+
$accessMap,
266+
$this->createMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface')
267+
);
268+
269+
$listener(new RequestEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MASTER_REQUEST));
270+
}
230271
}

src/Symfony/Component/Security/Http/composer.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717
],
1818
"require": {
1919
"php": "^7.2.5",
20-
"symfony/security-core": "^4.4|^5.0",
20+
"symfony/security-core": "^4.4.7|^5.0.7",
2121
"symfony/http-foundation": "^4.4.7|^5.0.7",
2222
"symfony/http-kernel": "^4.4|^5.0",
2323
"symfony/polyfill-php80": "^1.15",

0 commit comments

Comments
 (0)
0