From 09d07cd7dbba49f842731787a08e6e31c1b1e80c Mon Sep 17 00:00:00 2001
From: Alex Rock Ancelet <pierstoval@gmail.com>
Date: Wed, 27 Feb 2019 21:53:25 +0100
Subject: [PATCH] Make UserValueResolver accept any subtype of UserInterface

---
 .../SecurityBundle/SecurityUserValueResolver.php  |  3 ++-
 .../Http/Controller/UserValueResolver.php         |  3 ++-
 .../Tests/Controller/UserValueResolverTest.php    | 15 ++++++++++++++-
 3 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/src/Symfony/Bundle/SecurityBundle/SecurityUserValueResolver.php b/src/Symfony/Bundle/SecurityBundle/SecurityUserValueResolver.php
index 476e24ee4e45..51ff483f531c 100644
--- a/src/Symfony/Bundle/SecurityBundle/SecurityUserValueResolver.php
+++ b/src/Symfony/Bundle/SecurityBundle/SecurityUserValueResolver.php
@@ -40,7 +40,8 @@ public function __construct(TokenStorageInterface $tokenStorage)
     public function supports(Request $request, ArgumentMetadata $argument)
     {
         // only security user implementations are supported
-        if (UserInterface::class !== $argument->getType()) {
+        $type = $argument->getType();
+        if (UserInterface::class !== $type && !is_subclass_of($type, UserInterface::class)) {
             return false;
         }
 
diff --git a/src/Symfony/Component/Security/Http/Controller/UserValueResolver.php b/src/Symfony/Component/Security/Http/Controller/UserValueResolver.php
index 221d8d8eada5..959b533f8c71 100644
--- a/src/Symfony/Component/Security/Http/Controller/UserValueResolver.php
+++ b/src/Symfony/Component/Security/Http/Controller/UserValueResolver.php
@@ -35,7 +35,8 @@ public function __construct(TokenStorageInterface $tokenStorage)
     public function supports(Request $request, ArgumentMetadata $argument)
     {
         // only security user implementations are supported
-        if (UserInterface::class !== $argument->getType()) {
+        $type = $argument->getType();
+        if (UserInterface::class !== $type && !is_subclass_of($type, UserInterface::class)) {
             return false;
         }
 
diff --git a/src/Symfony/Component/Security/Http/Tests/Controller/UserValueResolverTest.php b/src/Symfony/Component/Security/Http/Tests/Controller/UserValueResolverTest.php
index 8bcb960aa66e..2a50e0bab951 100644
--- a/src/Symfony/Component/Security/Http/Tests/Controller/UserValueResolverTest.php
+++ b/src/Symfony/Component/Security/Http/Tests/Controller/UserValueResolverTest.php
@@ -17,7 +17,6 @@
 use Symfony\Component\HttpKernel\Controller\ArgumentResolver\DefaultValueResolver;
 use Symfony\Component\HttpKernel\ControllerMetadata\ArgumentMetadata;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
-use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Http\Controller\UserValueResolver;
@@ -69,6 +68,20 @@ public function testResolve()
         $this->assertSame([$user], iterator_to_array($resolver->resolve(Request::create('/'), $metadata)));
     }
 
+    public function testResolveWithSubclass()
+    {
+        $user = $this->getMockForAbstractClass(DummySubUser::class);
+        $token = new UsernamePasswordToken($user, 'password', 'provider');
+        $tokenStorage = new TokenStorage();
+        $tokenStorage->setToken($token);
+
+        $resolver = new UserValueResolver($tokenStorage);
+        $metadata = new ArgumentMetadata('foo', DummySubUser::class, false, false, null);
+
+        $this->assertTrue($resolver->supports(Request::create('/'), $metadata));
+        $this->assertSame([$user], iterator_to_array($resolver->resolve(Request::create('/'), $metadata)));
+    }
+
     public function testIntegration()
     {
         $user = $this->getMockBuilder(UserInterface::class)->getMock();

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/30401.patch" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/30401.patch" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/30401.patch" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/30401.patch" target="_blank">pFad v4 Proxy</a></p></body>
</html>