
Commit 7d2ad4b

thlbautchalasr
authored andcommitted
Fix wrong roles comparison
1 parent 47180fe commit 7d2ad4b


2 files changed

+3
-6
lines changed

2 files changed

+3
-6
lines changed

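--- a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
@@ -317,13 +317,10 @@ private function hasUserChanged(UserInterface $user): bool
 return true;
 }
 
+$currentUserRoles = array_map('strval', (array) $this->user->getRoles());
 $userRoles = array_map('strval', (array) $user->getRoles());
 
-if ($this instanceof SwitchUserToken) {
-$userRoles[] = 'ROLE_PREVIOUS_ADMIN';
-}
-
-if (\count($userRoles) !== \count($this->getRoleNames()) || \count($userRoles) !== \count(array_intersect($userRoles, $this->getRoleNames()))) {
+if (\count($userRoles) !== \count($currentUserRoles) || \count($userRoles) !== \count(array_intersect($userRoles, $currentUserRoles))) {
 return true;
 }
 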
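Review bot: The new condition `\count($userRoles) !== \count($currentUserRoles) || ... array_intersect(...)` is not a true set-equality check when either `getRoles()` result contains duplicates. For example `['ROLE_A', 'ROLE_A']` compared against a stored `['ROLE_A', 'ROLE_B']` passes both count tests, so a removed role would not be reported as a change and the token would stay authenticated with stale roles. Whether any `UserInterface` implementation in use returns duplicates is not visible here, but nothing in the hunk rules it out. Normalising both lists closes the gap: `$currentUserRoles = array_unique(array_map('strval', (array) $this->user->getRoles()));` with the same `array_unique(...)` wrap on the `$userRoles` line. `hasUserChanged()` begins and ends outside this hunk, so the type of `$this->user` at this point is assumed from the earlier guards.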
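--- a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
@@ -238,7 +238,7 @@ public function getUserChangesAdvancedUser()
 */
 public function testSetUserDoesNotSetAuthenticatedToFalseWhenUserDoesNotChange($user)
 {
-$token = new ConcreteToken();
+$token = new ConcreteToken(['ROLE_FOO']);
 $token->setAuthenticated(true);
 $this->assertTrue($token->isAuthenticated());
 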
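Review bot: The `['ROLE_FOO']` argument carries the whole point of this test change, but nothing in the test says so. A one-line comment such as `// token roles deliberately differ from the user's roles: only user roles are compared` would keep a later cleanup from reverting it to `new ConcreteToken()`. The removed production branch was specific to `SwitchUserToken`, and no case for that token type is visible in this hunk; if the rest of the file (outside this view) has none, a data-provider row using a `SwitchUserToken` would pin the regression this commit targets. The test method continues past the end of the hunk.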