[Security] Add setVoters() on AccessDecisionManager

nicolas-grekas · nicolas-grekas · commit ce36374ada98 · 2015-05-23T11:58:34.000-07:00
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Compiler/AddSecurityVotersPass.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Compiler/AddSecurityVotersPass.php
@@ -14,6 +14,7 @@
 use Symfony\Component\DependencyInjection\Reference;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
+use Symfony\Component\DependencyInjection\Exception\LogicException;
 
 /**
  * Adds all configured security voters to the access decision manager.
@@ -40,6 +41,10 @@ public function process(ContainerBuilder $container)
         $voters = iterator_to_array($voters);
         ksort($voters);
 
-        $container->getDefinition('security.access.decision_manager')->replaceArgument(0, array_values($voters));
+        if (!$voters) {
+            throw new LogicException('No security voters found. You need to tag at least one with "security.voter"');
+        }
+
+        $container->getDefinition('security.access.decision_manager')->addMethodCall('setVoters',  array(array_values($voters)));
     }
 }
diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml b/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
@@ -103,9 +103,7 @@
         </service>
 
         <!-- Authorization related services -->
-        <service id="security.access.decision_manager" class="%security.access.decision_manager.class%" public="false">
-            <argument type="collection" />
-        </service>
+        <service id="security.access.decision_manager" class="%security.access.decision_manager.class%" public="false" />
 
         <service id="security.role_hierarchy" class="%security.role_hierarchy.class%" public="false">
             <argument>%security.role_hierarchy.roles%</argument>
diff --git a/src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php b/src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php
@@ -41,12 +41,8 @@ class AccessDecisionManager implements AccessDecisionManagerInterface
      *
      * @throws \InvalidArgumentException
      */
-    public function __construct(array $voters, $strategy = self::STRATEGY_AFFIRMATIVE, $allowIfAllAbstainDecisions = false, $allowIfEqualGrantedDeniedDecisions = true)
+    public function __construct(array $voters = array(), $strategy = self::STRATEGY_AFFIRMATIVE, $allowIfAllAbstainDecisions = false, $allowIfEqualGrantedDeniedDecisions = true)
     {
-        if (!$voters) {
-            throw new \InvalidArgumentException('You must at least add one voter.');
-        }
-
         $strategyMethod = 'decide'.ucfirst($strategy);
         if (!is_callable(array($this, $strategyMethod))) {
             throw new \InvalidArgumentException(sprintf('The strategy "%s" is not supported.', $strategy));
@@ -58,6 +54,16 @@ public function __construct(array $voters, $strategy = self::STRATEGY_AFFIRMATIV
         $this->allowIfEqualGrantedDeniedDecisions = (bool) $allowIfEqualGrantedDeniedDecisions;
     }
 
+    /**
+     * Configures the voters.
+     *
+     * @param VoterInterface[] $voters An array of VoterInterface instances
+     */
+    public function setVoters(array $voters)
+    {
+        $this->voters = $voters;
+    }
+
     /**
      * {@inheritdoc}
      */
diff --git a/src/Symfony/Component/Security/Core/Tests/Authorization/AccessDecisionManagerTest.php b/src/Symfony/Component/Security/Core/Tests/Authorization/AccessDecisionManagerTest.php
@@ -46,14 +46,6 @@ public function testSupportsAttribute()
         $this->assertFalse($manager->supportsAttribute('foo'));
     }
 
-    /**
-     * @expectedException \InvalidArgumentException
-     */
-    public function testSetVotersEmpty()
-    {
-        $manager = new AccessDecisionManager(array());
-    }
-
     /**
      * @expectedException \InvalidArgumentException
      */
