Skip to content

Commit

Permalink
Fix wrong roles comparison
Browse files Browse the repository at this point in the history
  • Loading branch information
@thlbaut @chalasr
thlbaut authored and chalasr committed May 22, 2020
1 parent 47180fe commit 7d2ad4b
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 6 deletions.
7 changes: 2 additions & 5 deletions src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
View file
Expand Up @@ -317,13 +317,10 @@ private function hasUserChanged(UserInterface $user): bool
return true;
}

$currentUserRoles = array_map('strval', (array) $this->user->getRoles());
$userRoles = array_map('strval', (array) $user->getRoles());

if ($this instanceof SwitchUserToken) {
$userRoles[] = 'ROLE_PREVIOUS_ADMIN';
}

if (\count($userRoles) !== \count($this->getRoleNames()) || \count($userRoles) !== \count(array_intersect($userRoles, $this->getRoleNames()))) {
if (\count($userRoles) !== \count($currentUserRoles) || \count($userRoles) !== \count(array_intersect($userRoles, $currentUserRoles))) {
return true;
}

Expand Down
2 changes: 1 addition & 1 deletion src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
View file
Expand Up @@ -238,7 +238,7 @@ public function getUserChangesAdvancedUser()
*/
public function testSetUserDoesNotSetAuthenticatedToFalseWhenUserDoesNotChange($user)
{
$token = new ConcreteToken();
$token = new ConcreteToken(['ROLE_FOO']);
$token->setAuthenticated(true);
$this->assertTrue($token->isAuthenticated());

Expand Down

0 comments on commit 7d2ad4b

Please sign in to comment.