bug #31142 Revert "bug #30423 [Security] Rework firewall's access den…

…ied rule (dimabory)" (chalasr) This PR was merged into the 3.4 branch. Discussion ---------- Revert "bug #30423 [Security] Rework firewall's access denied rule (dimabory)" | Q | A | ------------- | --- | Branch? | 3.4 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? |no | Tests pass? | yes | Fixed tickets | #31136 | License | MIT | Doc PR | n/a Commits ------- cd77f6f Revert "bug #30423 [Security] Rework firewall's access denied rule (dimabory)"
symfony · Apr 17, 2019 · 55a21fb · 55a21fb
2 parents 70166f0 + cd77f6f
commit 55a21fb
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 57 deletions.
diff --git a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
@@ -131,6 +131,8 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event
             } catch (\Exception $e) {
                 $event->setException($e);
             }
+
+            return;
         }
 
         if (null !== $this->logger) {
@@ -148,7 +150,7 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event
                 $subRequest = $this->httpUtils->createRequest($event->getRequest(), $this->errorPage);
                 $subRequest->attributes->set(Security::ACCESS_DENIED_ERROR, $exception);
 
-                $event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST));
+                $event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true));
                 $event->allowCustomResponseCode();
             }
         } catch (\Exception $e) {

diff --git a/src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php b/src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php
@@ -130,8 +130,10 @@ public function testAccessDeniedExceptionFullFledgedAndWithAccessDeniedHandlerAn
     {
         $event = $this->createEvent($exception);
 
-        $listener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $this->createCustomAccessDeniedHandler(new Response('error')));
+        $accessDeniedHandler = $this->getMockBuilder('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface')->getMock();
+        $accessDeniedHandler->expects($this->once())->method('handle')->will($this->returnValue(new Response('error')));
 
+        $listener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $accessDeniedHandler);
         $listener->onKernelException($event);
 
         $this->assertEquals('error', $event->getResponse()->getContent());
@@ -145,48 +147,13 @@ public function testAccessDeniedExceptionNotFullFledged(\Exception $exception, \
     {
         $event = $this->createEvent($exception);
 
-        $listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(false), null, $this->createEntryPoint());
-        $listener->onKernelException($event);
-
-        $this->assertEquals('OK', $event->getResponse()->getContent());
-        $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
-    }
-
-    /**
-     * @dataProvider getAccessDeniedExceptionProvider
-     */
-    public function testAccessDeniedExceptionNotFullFledgedAndWithAccessDeniedHandlerAndWithoutErrorPage(\Exception $exception, \Exception $eventException = null)
-    {
-        $event = $this->createEvent($exception);
-
-        $listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(false), null, $this->createEntryPoint(), null, $this->createCustomAccessDeniedHandler(new Response('denied', 403)));
-        $listener->onKernelException($event);
-
-        $this->assertEquals('denied', $event->getResponse()->getContent());
-        $this->assertEquals(403, $event->getResponse()->getStatusCode());
-        $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
-    }
-
-    /**
-     * @dataProvider getAccessDeniedExceptionProvider
-     */
-    public function testAccessDeniedExceptionNotFullFledgedAndWithoutAccessDeniedHandlerAndWithErrorPage(\Exception $exception, \Exception $eventException = null)
-    {
-        $kernel = $this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock();
-        $kernel->expects($this->once())->method('handle')->will($this->returnValue(new Response('Unauthorized', 401)));
-
-        $event = $this->createEvent($exception, $kernel);
-
-        $httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock();
-        $httpUtils->expects($this->once())->method('createRequest')->will($this->returnValue(Request::create('/error')));
+        $tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
+        $tokenStorage->expects($this->once())->method('getToken')->will($this->returnValue($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
 
-        $listener = $this->createExceptionListener($this->createTokenStorage(), $this->createTrustResolver(true), $httpUtils, null, '/error');
+        $listener = $this->createExceptionListener($tokenStorage, $this->createTrustResolver(false), null, $this->createEntryPoint());
         $listener->onKernelException($event);
 
-        $this->assertTrue($event->isAllowingCustomResponseCode());
-
-        $this->assertEquals('Unauthorized', $event->getResponse()->getContent());
-        $this->assertEquals(401, $event->getResponse()->getStatusCode());
+        $this->assertEquals('OK', $event->getResponse()->getContent());
         $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious());
     }
 
@@ -201,22 +168,6 @@ public function getAccessDeniedExceptionProvider()
         ];
     }
 
-    private function createTokenStorage()
-    {
-        $tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
-        $tokenStorage->expects($this->once())->method('getToken')->will($this->returnValue($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
-
-        return $tokenStorage;
-    }
-
-    private function createCustomAccessDeniedHandler(Response $response)
-    {
-        $accessDeniedHandler = $this->getMockBuilder('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface')->getMock();
-        $accessDeniedHandler->expects($this->once())->method('handle')->will($this->returnValue($response));
-
-        return $accessDeniedHandler;
-    }
-
     private function createEntryPoint(Response $response = null)
     {
         $entryPoint = $this->getMockBuilder('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface')->getMock();