[Security] Expose the required roles in AccessDeniedException

Nicofuma · Nicofuma · commit e8f46262a82e · 2016-07-29T17:08:58.000+02:00
diff --git a/Firewall/AccessListener.php b/Firewall/AccessListener.php
@@ -67,7 +67,11 @@ public function handle(GetResponseEvent $event)
         }
 
         if (!$this->accessDecisionManager->decide($token, $attributes, $request)) {
-            throw new AccessDeniedException();
+            $exception = new AccessDeniedException();
+            $exception->setAttributes($attributes);
+            $exception->setObject($request);
+
+            throw $exception;
         }
     }
 }
diff --git a/Firewall/SwitchUserListener.php b/Firewall/SwitchUserListener.php
@@ -122,7 +122,10 @@ private function attemptSwitchUser(Request $request)
         }
 
         if (false === $this->accessDecisionManager->decide($token, array($this->role))) {
-            throw new AccessDeniedException();
+            $exception = new AccessDeniedException();
+            $exception->setAttributes($this->role);
+
+            throw $exception;
         }
 
         $username = $request->get($this->usernameParameter);
diff --git a/composer.json b/composer.json
@@ -17,7 +17,7 @@
     ],
     "require": {
         "php": ">=5.5.9",
-        "symfony/security-core": "~2.8|~3.0",
+        "symfony/security-core": "~3.2",
         "symfony/event-dispatcher": "~2.8|~3.0",
         "symfony/http-foundation": "~2.8|~3.0",
         "symfony/http-kernel": "~2.8|~3.0",

Original file line number	Diff line number	Diff line change
`@@ -67,7 +67,11 @@ public function handle(GetResponseEvent $event)`
`67`	`67`	`}`
`68`	`68`
`69`	`69`	`if (!$this->accessDecisionManager->decide($token, $attributes, $request)) {`
`70`		`- throw new AccessDeniedException();`
	`70`	`+ $exception = new AccessDeniedException();`
	`71`	`+ $exception->setAttributes($attributes);`
	`72`	`+ $exception->setObject($request);`
	`73`	`+`
	`74`	`+ throw $exception;`
`71`	`75`	`}`
`72`	`76`	`}`
`73`	`77`	`}`
Original file line number	Diff line number	Diff line change
`@@ -122,7 +122,10 @@ private function attemptSwitchUser(Request $request)`
`122`	`122`	`}`
`123`	`123`
`124`	`124`	`if (false === $this->accessDecisionManager->decide($token, array($this->role))) {`
`125`		`- throw new AccessDeniedException();`
	`125`	`+ $exception = new AccessDeniedException();`
	`126`	`+ $exception->setAttributes($this->role);`
	`127`	`+`
	`128`	`+ throw $exception;`
`126`	`129`	`}`
`127`	`130`
`128`	`131`	`$username = $request->get($this->usernameParameter);`