Merge branch '4.2'

fabpot · fabpot · commit 38aba37e029c · 2019-04-10T21:42:49.000+02:00
* 4.2:
  fixed bad merge
  Show more accurate message in profiler when missing stopwatch
  CS Fixes: Not double split with one array argument
  [Serializer] Add default object class resolver
  Remove redundant animation prefixes
  Remove redundant `box-sizing` prefixes
  [VarExporter] support PHP7.4 __serialize &amp; __unserialize
  Rework firewall access denied rule
  MetadataAwareNameConverter: Do not assume that property names are strings
  [VarExporter] fix exporting classes with private constructors
  fixed CS
  Fix missing $extraDirs when open_basedir returns
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php
@@ -133,8 +133,6 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event
             } catch (\Exception $e) {
                 $event->setException($e);
             }
-
-            return;
         }
 
         if (null !== $this->logger) {
@@ -152,7 +150,7 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event
                 $subRequest = $this->httpUtils->createRequest($event->getRequest(), $this->errorPage);
                 $subRequest->attributes->set(Security::ACCESS_DENIED_ERROR, $exception);
 
-                $event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true));
+                $event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST));
                 $event->allowCustomResponseCode();
             }
         } catch (\Exception $e) {
diff --git a/Http/Tests/Firewall/ExceptionListenerTest.php b/Http/Tests/Firewall/ExceptionListenerTest.php
@@ -131,10 +131,8 @@ public function testAccessDeniedExceptionFullFledgedAndWithAccessDeniedHandlerAn
     {
         $event = $this->createEvent($exception);
 
-        $accessDeniedHandler = $this->getMockBuilder('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface')->getMock();
-        $accessDeniedHandler->expects($this->once())->method('handle')->will($this->returnValue(new Response('error')));
+        $listener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $this->createCustomAccessDeniedHandler(new Response('error')));
 
-        $listener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $accessDeniedHandler);
         $listener->onKernelException($event);
 
         $this->assertEquals('error', $event->getResponse()->getContent());
@@ -148,16 +146,51 @@ public function testAccessDeniedExceptionNotFullFledged(\Exception $exception, \
     {
         $event = $this->createEvent($exception);
 
-        $tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
-        $tokenStorage->expects($this->once())->method('getToken')->will($this->returnValue($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
-
-        $listener = $this->createExceptionListener($tokenStorage, $this->createTrustResolver(false), null, $this->createEntryPoint());
+        $listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(false), null, $this->createEntryPoint());
         $listener->onKernelException($event);
 
         $this->assertEquals('OK', $event->getResponse()->getContent());
         $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
     }
 
+    /**
+     * @dataProvider getAccessDeniedExceptionProvider
+     */
+    public function testAccessDeniedExceptionNotFullFledgedAndWithAccessDeniedHandlerAndWithoutErrorPage(\Exception $exception, \Exception $eventException = null)
+    {
+        $event = $this->createEvent($exception);
+
+        $listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(false), null, $this->createEntryPoint(), null, $this->createCustomAccessDeniedHandler(new Response('denied', 403)));
+        $listener->onKernelException($event);
+
+        $this->assertEquals('denied', $event->getResponse()->getContent());
+        $this->assertEquals(403, $event->getResponse()->getStatusCode());
+        $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
+    }
+
+    /**
+     * @dataProvider getAccessDeniedExceptionProvider
+     */
+    public function testAccessDeniedExceptionNotFullFledgedAndWithoutAccessDeniedHandlerAndWithErrorPage(\Exception $exception, \Exception $eventException = null)
+    {
+        $kernel = $this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock();
+        $kernel->expects($this->once())->method('handle')->will($this->returnValue(new Response('Unauthorized', 401)));
+
+        $event = $this->createEvent($exception, $kernel);
+
+        $httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock();
+        $httpUtils->expects($this->once())->method('createRequest')->will($this->returnValue(Request::create('/error')));
+
+        $listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(true), $httpUtils, null, '/error');
+        $listener->onKernelException($event);
+
+        $this->assertTrue($event->isAllowingCustomResponseCode());
+
+        $this->assertEquals('Unauthorized', $event->getResponse()->getContent());
+        $this->assertEquals(401, $event->getResponse()->getStatusCode());
+        $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
+    }
+
     public function getAccessDeniedExceptionProvider()
     {
         return [
@@ -169,6 +202,22 @@ public function getAccessDeniedExceptionProvider()
         ];
     }
 
+    private function createTokenStorage()
+    {
+        $tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
+        $tokenStorage->expects($this->once())->method('getToken')->will($this->returnValue($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
+
+        return $tokenStorage;
+    }
+
+    private function createCustomAccessDeniedHandler(Response $response)
+    {
+        $accessDeniedHandler = $this->getMockBuilder('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface')->getMock();
+        $accessDeniedHandler->expects($this->once())->method('handle')->will($this->returnValue($response));
+
+        return $accessDeniedHandler;
+    }
+
     private function createEntryPoint(Response $response = null)
     {
         $entryPoint = $this->getMockBuilder('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface')->getMock();

Original file line number	Diff line number	Diff line change
`@@ -133,8 +133,6 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event`
`133`	`133`	`} catch (\Exception $e) {`
`134`	`134`	`$event->setException($e);`
`135`	`135`	`}`
`136`		`-`
`137`		`- return;`
`138`	`136`	`}`
`139`	`137`
`140`	`138`	`if (null !== $this->logger) {`
`@@ -152,7 +150,7 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event`
`152`	`150`	`$subRequest = $this->httpUtils->createRequest($event->getRequest(), $this->errorPage);`
`153`	`151`	`$subRequest->attributes->set(Security::ACCESS_DENIED_ERROR, $exception);`
`154`	`152`
`155`		`- $event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true));`
	`153`	`+ $event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST));`
`156`	`154`	`$event->allowCustomResponseCode();`
`157`	`155`	`}`
`158`	`156`	`} catch (\Exception $e) {`