pull-request reworks

- moved message from the general changelog to the security component's changelog - restored exception attributes that were mistakenly removed
symfony · jwmickey · Nov 21, 2017 · Nov 25, 2017 · Nov 26, 2017 · Dec 13, 2017
commit 730fd827145d0d40c9050a14852c166aa698b1fe
diff --git a/CHANGELOG-4.0.md b/CHANGELOG-4.0.md
@@ -1,8 +1,6 @@
 CHANGELOG for 4.0.x
 ===================
 
-* feature #25091 [Security] Add target user to SwitchUserListener (jwmickey)
-
 This changelog references the relevant changes (bug and security fixes) done
 in 4.0 minor versions.
 

diff --git a/src/Symfony/Component/Security/CHANGELOG.md b/src/Symfony/Component/Security/CHANGELOG.md
@@ -18,6 +18,7 @@ CHANGELOG
  * removed HTTP digest authentication
  * removed `GuardAuthenticatorInterface` in favor of `AuthenticatorInterface`
  * removed `AbstractGuardAuthenticator::supports()`
+ * added target user to `SwitchUserListener`
 
 3.4.0
 -----

diff --git a/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php b/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php
@@ -130,7 +130,9 @@ private function attemptSwitchUser(Request $request, $username)
         $user = $this->provider->loadUserByUsername($username);
 
         if (false === $this->accessDecisionManager->decide($token, array($this->role), $user)) {
-            throw new AccessDeniedException();
+            $exception = new AccessDeniedException();
+            $exception->setAttributes($this->role);
+            throw $exception;
         }
 
         if (null !== $thi
4187
s->logger) {