minor #5580 Additional User check in voter class (weaverryan)

This PR was merged into the 2.3 branch. Discussion ---------- Additional User check in voter class Finishes #5317 | Q | A | ------------- | --- | Doc fix? | yes | New docs? | no | Applies to | 2.3+ | Fixed tickets | #5279 Commits ------- 9ad9daf Additional little check to show how we're assumign the User object is the User entity
symfony · Jul 29, 2015 · a4ec9e9 · a4ec9e9
2 parents af85d52 + 9ad9daf
commit a4ec9e9
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/cookbook/security/voters.rst b/cookbook/security/voters.rst
@@ -77,6 +77,7 @@ edit a particular object. Here's an example implementation::
     // src/AppBundle/Security/Authorization/Voter/PostVoter.php
     namespace AppBundle\Security\Authorization\Voter;
 
+    use AppBundle\Entity\User;
     use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
     use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
     use Symfony\Component\Security\Core\User\UserInterface;
@@ -133,6 +134,13 @@ edit a particular object. Here's an example implementation::
                 return VoterInterface::ACCESS_DENIED;
             }
 
+            // double-check that the User object is the expected entity.
+            // It always will be, unless there is some misconfiguration of the
+            // security system.
+            if (!$user instanceof User) {
+                throw new \LogicException('The user is somehow not our User class!');
+            }
+
             switch($attribute) {
                 case self::VIEW:
                     // the data object could have for example a method isPrivate()