minor #50957 [Security] Remove unused code about ROLE_PREVIOUS_ADMIN (lyrixx)

fabpot · fabpot · commit d1d680ad3da3 · 2023-08-01T10:39:44.000+02:00
This PR was merged into the 7.0 branch.

Discussion
----------

[Security] Remove unused code about ROLE_PREVIOUS_ADMIN

| Q             | A
| ------------- | ---
| Branch?       | 7.0
| Bug fix?      | no
| New feature?  | no
| Deprecations? | no
| Tickets       |
| License       | MIT
| Doc PR        |

Commits
-------

e15c98aa61 [Security] Remove dead code about ROLE_PREVIOUS_ADMIN
diff --git a/Firewall/ContextListener.php b/Firewall/ContextListener.php
@@ -302,10 +302,6 @@ private static function hasUserChanged(UserInterface $originalUser, TokenInterfa
 
         $userRoles = array_map('strval', (array) $refreshedUser->getRoles());
 
-        if ($refreshedToken instanceof SwitchUserToken) {
-            $userRoles[] = 'ROLE_PREVIOUS_ADMIN';
-        }
-
         if (
             \count($userRoles) !== \count($refreshedToken->getRoleNames())
             || \count($userRoles) !== \count(array_intersect($userRoles, $refreshedToken->getRoleNames()))
diff --git a/Firewall/SwitchUserListener.php b/Firewall/SwitchUserListener.php
@@ -180,7 +180,6 @@ private function attemptSwitchUser(Request $request, string $username): ?TokenIn
         $this->userChecker->checkPostAuth($user);
 
         $roles = $user->getRoles();
-        $roles[] = 'ROLE_PREVIOUS_ADMIN';
         $originatedFromUri = str_replace('/&', '/?', preg_replace('#[&?]'.$this->usernameParameter.'=[^&]*#', '', $request->getRequestUri()));
         $token = new SwitchUserToken($user, $this->firewallName, $roles, $token, $originatedFromUri);
 
