8000 Merge branch '4.4' into 5.0 · symfony/symfony@a92ffff · GitHub
[go: up one dir, main page]
Skip to content

Commit a92ffff

Browse files
nicolas-grekasnicolas-grekas
committed
Merge branch '4.4' into 5.0
* 4.4: [HttpFoundation] Do not set the default Content-Type based on the Accept header [Security] Fix access_control behavior with unanimous decision strategy
2 parents 6b0ad43 + dca3434 commit a92ffff

File tree

8 files changed

+76
-16
lines changed

8 files changed

+76
-16
lines changed

src/Symfony/Component/ErrorHandler/ErrorRenderer/SerializerErrorRenderer.php

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212
namespace Symfony\Component\ErrorHandler\ErrorRenderer;
1313

1414
use Symfony\Component\ErrorHandler\Exception\FlattenException;
15+
use Symfony\Component\HttpFoundation\Request;
1516
use Symfony\Component\HttpFoundation\RequestStack;
1617
use Symfony\Component\Serializer\Exception\NotEncodableValueException;
1718
use Symfony\Component\Serializer\SerializerInterface;
@@ -30,6 +31,7 @@ class SerializerErrorRenderer implements ErrorRendererInterface
3031

3132
/**
3233
* @param string|callable(FlattenException) $format The format as a string or a callable that should return it
34 8000 +
* formats not supported by Request::getMimeTypes() should be given as mime types
3335
* @param bool|callable $debug The debugging mode as a boolean or a callable that should return it
3436
*/
3537
public function __construct(SerializerInterface $serializer, $format, ErrorRendererInterface $fallbackErrorRenderer = null, $debug = false)
@@ -57,11 +59,16 @@ public function render(\Throwable $exception): FlattenException
5759

5860
try {
5961
$format = \is_string($this->format) ? $this->format : ($this->format)($flattenException);
62+
$headers = [
63+
'Content-Type' => Request::getMimeTypes($format)[0] ?? $format,
64+
'Vary' => 'Accept',
65+
];
6066

6167
return $flattenException->setAsString($this->serializer->serialize($flattenException, $format, [
6268
'exception' => $exception,
6369
'debug' => \is_bool($this->debug) ? $this->debug : ($this->debug)($exception),
64-
]));
70+
]))
71+
->setHeaders($flattenException->getHeaders() + $headers);
6572
} catch (NotEncodableValueException $e) {
6673
return $this->fallbackErrorRenderer->render($exception);
6774
}

src/Symfony/Component/HttpFoundation/Request.php

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1561,7 +1561,9 @@ public function isNoCache()
15611561
* Gets the preferred format for the response by inspecting, in the following order:
15621562
* * the request format set using setRequestFormat
15631563
* * the values of the Accept HTTP header
1564-
* * the content type of the body of the request.
1564+
*
1565+
* Note that if you use this method, you should send the "Vary: Accept" header
1566+
* in the response to prevent any issues with intermediary HTTP caches.
15651567
*/
15661568
public function getPreferredFormat(?string $default = 'html'): ?string
15671569
{

src/Symfony/Component/HttpFoundation/Response.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -266,7 +266,7 @@ public function prepare(Request $request)
266266
} else {
267267
// Content-type based on the Request
268268
if (!$headers->has('Content-Type')) {
269-
$format = $request->getPreferredFormat(null);
269+
$format = $request->getRequestFormat(null);
270270
if (null !== $format && $mimeType = $request->getMimeType($format)) {
271271
$headers->set('Content-Type', $mimeType);
272272
}

src/Symfony/Component/HttpFoundation/Tests/ResponseTest.php

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -497,12 +497,25 @@ public function testPrepareDoesNothingIfRequestFormatIsNotDefined()
497497
$this->assertEquals('text/html; charset=UTF-8', $response->headers->get('content-type'));
498498
}
499499

500+
/**
501+
* Same URL cannot produce different Content-Type based on the value of the Accept header,
502+
* unless explicitly stated in the response object.
503+
*/
504+
public function testPrepareDoesNotSetContentTypeBasedOnRequestAcceptHeader()
505+
{
506+
$response = new Response('foo');
507+
$request = Request::create('/');
508+
$request->headers->set('Accept', 'application/json');
509+
$response->prepare($request);
510+
511+
$this->assertSame('text/html; charset=UTF-8', $response->headers->get('content-type'));
512+
}
513+
500514
public function testPrepareSetContentType()
501515
{
502516
$response = new Response('foo');
503517
$request = Request::create('/');
504518
$request->setRequestFormat('json');
505-
$request->headers->remove('accept');
506519

507520
$response->prepare($request);
508521

src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -54,11 +54,16 @@ public function __construct(iterable $voters = [], string $strategy = self::STRA
5454
}
5555

5656
/**
57+
* @param bool $allowMultipleAttributes Whether to allow passing multiple values to the $attributes array
58+
*
5759
* {@inheritdoc}
5860
*/
59-
public function decide(TokenInterface $token, array $attributes, $object = null)
61+
public function decide(TokenInterface $token, array $attributes, $object = null/*, bool $allowMultipleAttributes = false*/)
6062
{
61-
if (\count($attributes) > 1) {
63+
$allowMultipleAttributes = 3 < func_num_args() && func_get_arg(3);
64+
65+
// Special case for AccessListener, do not remove the right side of the condition before 6.0
66+
if (\count($attributes) > 1 && !$allowMultipleAttributes) {
6267
throw new InvalidArgumentException(sprintf('Passing more than one Security attribute to "%s()" is not supported.', __METHOD__));
6368
}
6469

src/Symfony/Component/Security/Http/Firewall/AccessListener.php

Lines changed: 1 addition & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -85,15 +85,7 @@ public function authenticate(RequestEvent $event)
8585
$this->tokenStorage->setToken($token);
8686
}
8787

88-
$granted = false;
89-
foreach ($attributes as $key => $value) {
90-
if ($this->accessDecisionManager->decide($token, [$key => $value], $request)) {
91-
$granted = true;
92-
break;
93-
}
94-
}
95-
96-
if (!$granted) {
88+
if (!$this->accessDecisionManager->decide($token, $attributes, $request, true)) {
9789
$exception = new AccessDeniedException();
9890
$exception->setAttributes($attributes);
9991
$exception->setSubject($request);

src/Symfony/Component/Security/Http/Tests/Firewall/AccessListenerTest.php

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616
use Symfony\Component\HttpKernel\Event\RequestEvent;
1717
use Symfony\Component\HttpKernel\HttpKernelInterface;
1818
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
19+
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
1920
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
2021
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
2122
use Symfony\Component\Security\Http\AccessMapInterface;
@@ -227,4 +228,44 @@ public function testHandleWhenTheSecurityTokenStorageHasNoToken()
227228

228229
$listener(new RequestEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MASTER_REQUEST));
229230
}
231+
232+
public function testHandleMWithultipleAttributesShouldBeHandledAsAnd()
233+
{
234+
$request = new Request();
235+
236+
$accessMap = $this->getMockBuilder('Symfony\Component\Security\Http\AccessMapInterface')->ge F42D tMock();
237+
$accessMap
238+
->expects($this->any())
239+
->method('getPatterns')
240+
->with($this->equalTo($request))
241+
->willReturn([['foo' => 'bar', 'bar' => 'baz'], null])
242+
;
243+
244+
$authenticatedToken = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
245+
$authenticatedToken
246+
->expects($this->any())
247+
->method('isAuthenticated')
248+
->willReturn(true)
249+
;
250+
251+
$tokenStorage = new TokenStorage();
252+
$tokenStorage->setToken($authenticatedToken);
253+
254+
$accessDecisionManager = $this->getMockBuilder('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface')->getMock();
255+
$accessDecisionManager
256+
->expects($this->once())
257+
->method('decide')
258+
->with($this->equalTo($authenticatedToken), $this->equalTo(['foo' => 'bar', 'bar' => 'baz']), $this->equalTo($request), true)
259+
->willReturn(true)
260+
;
261+
262+
$listener = new AccessListener(
263+
$tokenStorage,
264+
$accessDecisionManager,
265+
$accessMap,
266+
$this->createMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface')
267+
);
268+
269+
$listener(new RequestEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MASTER_REQUEST));
270+
}
230271
}

src/Symfony/Component/Security/Http/composer.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717
],
1818
"require": {
1919
"php": "^7.2.5",
20-
"symfony/security-core": "^4.4|^5.0",
20+
"symfony/security-core": "^4.4.7|^5.0.7",
2121
"symfony/http-foundation": "^4.4.7|^5.0.7",
2222
"symfony/http-kernel": "^4.4|^5.0",
2323
"symfony/property-access": "^4.4|^5.0"

0 commit comments

Comments
 (0)
0