
Commit f335537

committed
Validate that _firewall_context attribute is in the map keys
1 parent 61c6340 commit f335537


2 files changed

+29
-4
lines changed


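--- a/src/Symfony/Bundle/SecurityBundle/Security/FirewallMap.php
+++ b/src/Symfony/Bundle/SecurityBundle/Security/FirewallMap.php
@@ -12,6 +12,7 @@
 namespace Symfony\Bundle\SecurityBundle\Security;
 
 use Psr\Container\ContainerInterface;
+use Symfony\Bundle\SecurityBundle\Security\FirewallContext
 use Symfony\Component\Security\Http\FirewallMapInterface;
 use Symfony\Component\HttpFoundation\Request;
 
@@ -140,14 +141,19 @@ public function getFirewallConfig(Request $request)
 }
 
 /**
-* @param Request $request
-*
-* @return \Symfony\Bundle\SecurityBundle\Security\FirewallContext
+* @return FirewallContext
 */
 private function getFirewallContext(Request $request)
 {
 if ($request->attributes->has('_firewall_context')) {
-return $this->container->get($request->attributes->get('_firewall_context'));
+$storedContextId = $request->attributes->get('_firewall_context');
+foreach ($this->map as $contextId => $requestMatcher) {
+if ($contextId === $storedContextId) {
+return $this->container->get($contextId);
+}
+}
+
+$request->attributes->remove('_firewall_context');
 }
 
 foreach ($this->map as $contextId => $requestMatcher) {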
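Review bot: The new loop in `getFirewallContext()` confirms that the stored `_firewall_context` value is a key of `$this->map`, but it never checks that the matcher registered under that key accepts the current request. If the attribute can be populated from anywhere other than this method (presumably the reason for validating it at all), a request could still be bound to a configured firewall other than the one its own matcher would select. Consider tightening the inner condition to something like `if ($contextId === $storedContextId && (null === $requestMatcher || $requestMatcher->matches($request)))`, assuming matchers expose `matches()`, or at least record the trust boundary with a comment such as `// The attribute is not trusted: only ids present in the map may be fetched from the container.` Separately, the added `use` line is displayed without a terminating `;` and imports a class from the file's own namespace, so it looks unnecessary. The body of `getFirewallContext()` continues past the end of the hunk.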

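--- a/src/Symfony/Bundle/SecurityBundle/Tests/Security/FirewallMapTest.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Security/FirewallMapTest.php
@@ -20,6 +20,8 @@
 
 class FirewallMapTest extends TestCase
 {
+const ATTRIBUTE_FIREWALL_CONTEXT = '_firewall_context';
+
 public function testGetListenersWithEmptyMap()
 {
 $request = new Request();
@@ -31,8 +33,24 @@ public function testGetListenersWithEmptyMap()
 $firewallMap = new FirewallMap($container, $map);
 
 $this->assertEquals(array(array(), null), $firewallMap->getListeners($request));
+$this->assertNull($firewallMap->getFirewallConfig($request));
+$this->assertFalse($request->attributes->has(self::ATTRIBUTE_FIREWALL_CONTEXT));
+}
 
+public function testGetListenersWithInvalidParameter()
+{
+$request = new Request();
+$request->attributes->set(self::ATTRIBUTE_FIREWALL_CONTEXT, 'foo');
+
+$map = array();
+$container = $this->getMockBuilder(Container::class)->getMock();
+$container->expects($this->never())->method('get');
+
+$firewallMap = new FirewallMap($container, $map);
+
+$this->assertEquals(array(array(), null), $firewallMap->getListeners($request));
 $this->assertNull($firewallMap->getFirewallConfig($request));
+$this->assertFalse($request->attributes->has(self::ATTRIBUTE_FIREWALL_CONTEXT));
 }
 
 public function testGetListeners()
@@ -57,5 +75,6 @@ public function testGetListeners()
 
 $this->assertEquals(array('LISTENERS', 'EXCEPTION LISTENER'), $firewallMap->getListeners($request));
 $this->assertEquals('CONFIG', $firewallMap->getFirewallConfig($request));
+$this->assertEquals('security.firewall.map.context.foo', $request->attributes->get(self::ATTRIBUTE_FIREWALL_CONTEXT));
 }
 }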
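Review bot: `testGetListenersWithInvalidParameter()` runs against an empty `$map`, so the new `$contextId === $storedContextId` comparison is never evaluated against a non-matching id; the test passes because there is nothing to iterate. A further case with at least one registered context and a stored value of `'foo'` would pin the actual rejection path. It should assert that the container is never asked for `'foo'` and that the attribute ends up holding the matched context id rather than the supplied one. A short docblock on the new test, for example `/** A stored context id that is not a key of the map must be discarded, not resolved from the container. */`, would also record what is being guarded.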
