8000 bug #44805 [Security] fix unserializing session payloads from v4 (nic… · symfony/symfony@f075ce8 · GitHub

Commit f075ce8

bug #44805 [Security] fix unserializing session payloads from v4 (nicolas-grekas)
This PR was merged into the 5.3 branch. Discussion ---------- [Security] fix unserializing session payloads from v4 | Q | A | ------------- | --- | Branch? | 5.3 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | Fix #44676 | License | MIT | Doc PR | - Replaces #44801 I propose to reintroduce these classes to ease transitioning to v5, then removing them in v6. Commits ------- d9e1e82 [Security] fix unserializing session payloads from v4
2 parents 6a5db15 + d9e1e82 commit f075ce8


3 files changed

+82
-0
lines changed

Lines changed: 31 additions & 0 deletions
@@ -0,0 +1,31 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <fabien@symfony.com>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Component\Security\Core\Role;
13+
14+
/**
15+
* Allows migrating session payloads from v4.
16+
*
17+
* @internal
18+
*/
19+
class Role
20+
{
21+
private $role;
22+
23+
private function __construct()
24+
{
25+
}
26+
27+
public function __toString(): string
28+
{
29+
return $this->role;
30+
}
31+
}
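Review bot: `__toString(): string` returns `$this->role` unchecked, and because the constructor is private and empty, the only way that property is ever set is by `unserialize()` of a stored session payload. If a stored payload carries a null or non-scalar value there, the declared return type turns the call into a TypeError instead of yielding a string. Since the class exists only for migration, I would make the method total with `return \is_string($this->role) ? $this->role : '';`, or at least state the assumption on the property with a comment such as `// populated only by unserialize() of a v4 payload; not validated`.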
Lines changed: 23 additions & 0 deletions
@@ -0,0 +1,23 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <fabien@symfony.com>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Component\Security\Core\Role;
13+
14+
/**
15+
* Allows migrating session payloads from v4.
16+
*
17+
* @internal
18+
*/
19+
class SwitchUserRole extends Role
20+
{
21+
private $deprecationTriggered;
22+
private $source;
23+
}
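Review bot: `$deprecationTriggered` and `$source` are declared but never read, and nothing in the class says why, so they look like dead code to the next cleanup or static-analysis pass. They presumably exist only so that `unserialize()` has declared properties for the state a v4 `SwitchUserRole` carried; a comment above them such as `// Never read: declared so v4 serialized state has a target property.` would make that explicit. The class docblock could also note that whatever value the payload holds for `$source` is still hydrated when the session is read, even though this class never uses it.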
Lines changed: 28 additions & 0 deletions
@@ -0,0 +1,28 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <fabien@symfony.com>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Component\Security\Core\Tests\Role;
13+
14+
use PHPUnit\Framework\TestCase;
15+
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
16+
17+
class LegacyRoleTest extends TestCase
18+
{
19+
public function testPayloadFromV4CanBeUnserialized()
20+
{
21+
$serialized = 'C:74:"Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken":236:{a:3:{i:0;N;i:1;s:4:"main";i:2;a:5:{i:0;s:2:"sf";i:1;b:1;i:2;a:1:{i:0;O:41:"Symfony\Component\Security\Core\Role\Role":1:{s:47:"Symfony\Component\Security\Core\Role\Role'."\0".'role'."\0".'";s:9:"ROLE_USER";}}i:3;a:0:{}i:4;a:1:{i:0;s:9:"ROLE_USER";}}}}';
22+
23+
$token = unserialize($serialized);
24+
25+
$this->assertInstanceOf(UsernamePasswordToken::class, $token);
26+
$this->assertSame(['ROLE_USER'], $token->getRoleNames());
27+
}
28+
}
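Review bot: The fixture in `testPayloadFromV4CanBeUnserialized()` contains only a plain `Role`, so the `SwitchUserRole` class added in the same commit is never loaded by any test visible here. The assertion on `getRoleNames()` may also be satisfied by the `ROLE_USER` string stored at index 4 of the payload and not by the legacy object, in which case the test mainly proves that `unserialize()` does not fail. I would add a second case whose fixture holds a `SwitchUserRole` entry, so that both reintroduced classes are covered for as long as they remain in the 5.x line.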
