diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
index 365638dc4aeb6..5b81d857e8f30 100644
--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
@@ -191,6 +191,12 @@ private function createAuthorization(array $config, ContainerBuilder $container)
 $attributes[] = $this->createExpression($container, $access['allow_if']);
 }
 
+ $emptyAccess = 0 === \count(array_filter($access));
+
+ if ($emptyAccess) {
+ throw new InvalidConfigurationException('One or more access control items are empty. Did you accidentally add lines only containing a "-" under "security.access_control"?');
+ }
+
 $container->getDefinition('security.access_map')
 ->addMethodCall('add', [$matcher, $attributes, $access['requires_channel']]);
 }
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
index 48d44bf554f2e..9d96cbe36b5b7 100644
--- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
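Review bot: The emptiness test `0 === \count(array_filter($access))` relies on PHP truthiness, so the guard only works while every option in the normalized `$access` array defaults to a falsy value (presumably null or `[]`). An option that later gains a truthy default would silently switch the check off, and an item whose only explicit value is itself falsy, such as `path: '0'`, would be rejected as empty. Since an item with no matching criteria and no attributes would otherwise be added to `security.access_map` as a rule that presumably matches every request ahead of the rules after it, the assumption deserves a comment beside the check, e.g. `// "Empty" means every option still holds its falsy default; such a rule would match all requests and require nothing.` The single-use `$emptyAccess` local could also be folded into `if (!array_filter($access)) {`. createAuthorization() and the loop around this code start and end outside the hunk, so the defaults cannot be confirmed from here.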
@@ -415,6 +415,56 @@ public function testSwitchUserWithSeveralDefinedProvidersButNoFirewallRootProvid
 $this->assertEquals(new Reference('security.user.provider.concrete.second'), $container->getDefinition('security.authentication.switchuser_listener.foobar')->getArgument(1));
 }
 
+ public function testInvalidAccessControlWithEmptyRow()
+ {
+ $container = $this->getRawContainer();
+
+ $container->loadFromExtension('security', [
+ 'providers' => [
+ 'default' => ['id' => 'foo'],
+ ],
+ 'firewalls' => [
+ 'some_firewall' => [
+ 'pattern' => '/.*',
+ 'http_basic' => [],
+ ],
+ ],
+ 'access_control' => [
+ [],
+ ['path' => '/admin', 'roles' => 'ROLE_ADMIN'],
+ ],
+ ]);
+
+ $this->expectException(InvalidConfigurationException::class);
+ $this->expectExceptionMessage('One or more access control items are empty. Did you accidentally add lines only containing a "-" under "security.access_control"?');
+ $container->compile();
+ }
+
+ public function testValidAccessControlWithEmptyRow()
+ {
+ $container = $this->getRawContainer();
+
+ $container->loadFromExtension('security', [
+ 'providers' => [
+ 'default' => ['id' => 'foo'],
+ ],
+ 'firewalls' => [
+ 'some_firewall' => [
+ 'pattern' => '/.*',
+ 'http_basic' => [],
+ ],
+ ],
+ 'access_control' => [
+ ['path' => '^/login'],
+ ['path' => '^/', 'roles' => 'ROLE_USER'],
+ ],
+ ]);
+
+ $container->compile();
+
+ $this->assertTrue(true, 'extension throws an InvalidConfigurationException if there is one more more empty access control items');
+ }
+
 protected function getRawContainer()
 {
 $container = new ContainerBuilder();
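Review bot: `testValidAccessControlWithEmptyRow` ends with `$this->assertTrue(true, '…')`, which can never fail, and its message describes the opposite case ("throws an InvalidConfigurationException") and contains the typo "one more more". The test really only shows that `compile()` does not throw for a rule that has a path but no roles, so `$this->addToAssertionCount(1);` preceded by `// A rule with only a path and no roles is not "empty" and must still compile.` would state that intent directly. The method name is misleading as well, because neither row in `access_control` is empty; a name like `testValidAccessControlWithPathOnlyRow` would match what is exercised. In `testInvalidAccessControlWithEmptyRow` the empty item is first in the list, so a second case with the empty item after a valid one would confirm the check runs for every item rather than only the first.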