This repository was archived by the owner on Sep 16, 2021. It is now read-only.
bug: bad verification guardAccess with tree block #68
Description
Environment
Symfony 4.2.8
Symfony packages
$ composer show --latest 'symfony/*'
symfony/apache-pack v1.0.1 v1.0.1 A pack for Apache support in S...
symfony/asset v4.2.8 v4.2.8 Symfony Asset Component
symfony/browser-kit v4.2.8 v4.2.8 Symfony BrowserKit Component
symfony/cache v4.2.8 v4.2.8 Symfony Cache component with P...
symfony/config v4.2.8 v4.2.8 Symfony Config Component
symfony/console v4.2.8 v4.2.8 Symfony Console Component
symfony/contracts v1.1.0 v1.1.0 A set of abstractions extracte...
symfony/css-selector v4.2.8 v4.2.8 Symfony CssSelector Component
symfony/debug v4.2.8 v4.2.8 Symfony Debug Component
symfony/debug-bundle v4.2.8 v4.2.8 Symfony DebugBundle
symfony/debug-pack v1.0.7 v1.0.7 A debug pack for Symfony projects
symfony/dependency-injection v4.2.8 v4.2.8 Symfony DependencyInjection Co...
symfony/doctrine-bridge v4.2.8 v4.2.8 Symfony Doctrine Bridge
symfony/dom-crawler v4.2.8 v4.2.8 Symfony DomCrawler Component
symfony/dotenv v4.2.8 v4.2.8 Registers environment variable...
symfony/event-dispatcher v4.2.8 v4.2.8 Symfony EventDispatcher Component
symfony/expression-language v4.2.8 v4.2.8 Symfony ExpressionLanguage Com...
symfony/filesystem v4.2.8 v4.2.8 Symfony Filesystem Component
symfony/finder v4.2.8 v4.2.8 Symfony Finder Component
symfony/flex v1.2.5 v1.2.5 Composer plugin for Symfony
symfony/form v4.2.8 v4.2.8 Symfony Form Component
symfony/framework-bundle v4.2.8 v4.2.8 Symfony FrameworkBundle
symfony/http-foundation v4.2.8 v4.2.8 Symfony HttpFoundation Component
symfony/http-kernel v4.2.8 v4.2.8 Symfony HttpKernel Component
symfony/inflector v4.2.8 v4.2.8 Symfony Inflector Component
symfony/intl v4.2.8 v4.2.8 A PHP replacement layer for th...
symfony/maker-bundle v1.11.6 v1.11.6 Symfony Maker helps you create...
symfony/monolog-bridge v4.2.8 v4.2.8 Symfony Monolog Bridge
symfony/monolog-bundle v3.3.1 v3.3.1 Symfony MonologBundle
symfony/options-resolver v4.2.8 v4.2.8 Symfony OptionsResolver Component
symfony/orm-pack v1.0.6 v1.0.6 A pack for the Doctrine ORM
symfony/panther v0.3.0 v0.3.0 A browser testing and web scra...
symfony/phpunit-bridge v4.2.8 v4.2.8 Symfony PHPUnit Bridge
symfony/polyfill-intl-icu v1.11.0 v1.11.0 Symfony polyfill for intl's IC...
symfony/polyfill-intl-idn v1.11.0 v1.11.0 Symfony polyfill for intl's id...
symfony/polyfill-mbstring v1.11.0 v1.11.0 Symfony polyfill for the Mbstr...
symfony/polyfill-php72 v1.11.0 v1.11.0 Symfony polyfill backporting s...
symfony/process v4.2.8 v4.2.8 Symfony Process Component
symfony/profiler-pack v1.0.4 v1.0.4 A pack for the Symfony web pro...
symfony/property-access v4.2.8 v4.2.8 Symfony PropertyAccess Component
symfony/property-info v4.2.8 v4.2.8 Symfony Property Info Component
symfony/routing v4.2.8 v4.2.8 Symfony Routing Component
symfony/security-acl v3.0.2 v3.0.2 Symfony Security Component - A...
symfony/security-bundle v4.2.8 v4.2.8 Symfony SecurityBundle
symfony/security-core v4.2.8 v4.2.8 Symfony Security Component - C...
symfony/security-csrf v4.2.8 v4.2.8 Symfony Security Component - C...
symfony/security-guard v4.2.8 v4.2.8 Symfony Security Component - G...
symfony/security-http v4.2.8 v4.2.8 Symfony Security Component - H...
symfony/serializer v4.2.8 v4.2.8 Symfony Serializer Component
symfony/serializer-pack v1.0.2 v1.0.2 A pack for the Symfony serializer
symfony/stopwatch v4.2.8 v4.2.8 Symfony Stopwatch Component
symfony/swiftmailer-bundle v3.2.6 v3.2.6 Symfony SwiftmailerBundle
symfony/templating v4.2.8 v4.2.8 Symfony Templating Component
symfony/test-pack v1.0.5 v1.0.5 A pack for functional and end-...
symfony/translation v4.2.8 v4.2.8 Symfony Translation Component
symfony/twig-bridge v4.2.8 v4.2.8 Symfony Twig Bridge
symfony/twig-bundle v4.2.8 v4.2.8 Symfony TwigBundle
symfony/validator v4.2.8 v4.2.8 Symfony Validator Component
symfony/var-dumper v4.2.8 v4.2.8 Symfony mechanism for explorin...
symfony/var-exporter v4.2.8 v4.2.8 A blend of var_export() + seri...
symfony/web-link v4.2.8 v4.2.8 Symfony WebLink Component
symfony/web-profiler-bundle v4.2.8 v4.2.8 Symfony WebProfilerBundle
symfony/web-server-bundle v4.2.8 v4.2.8 Symfony WebServerBundle
symfony/webpack-encore-bundle v1.5.0 v1.5.0 Integration with your Symfony ...
symfony/yaml v4.2.8 v4.2.8 Symfony Yaml Component
Symfony CMF packages
$ composer show --latest 'symfony-cmf/*'
symfony-cmf/block-bundle 2.1.1 2.1.1 Symfony CMF Block Bundle
symfony-cmf/core-bundle 2.1.1 2.1.1 Symfony CMF Core Bundle
symfony-cmf/resource 1.1.0 1.1.0 Bundle which facilitates docume...
symfony-cmf/resource-bundle 1.1.0 1.1.0 Bundle which facilitates docume...
symfony-cmf/resource-rest-bundle 1.1.0 1.1.0 Bundle which provides a REST AP...
symfony-cmf/routing 2.1.0 2.1.0 Extends the Symfony routing com...
symfony-cmf/routing-auto 2.1.0 2.1.0 Component for automatically cre...
symfony-cmf/routing-auto-bundle 2.1.0 2.1.0 Bundle which automatically crea...
symfony-cmf/routing-bundle 2.1.1 2.1.1 Symfony RoutingBundle
symfony-cmf/seo-bundle 2.1.0 2.1.0 Symfony CMF Search Engine Optim...
symfony-cmf/slugifier-api 2.0.0 2.0.0 Provides a basic slugifier inte...
symfony-cmf/tree-browser-bundle 2.1.1 2.1.1 Symfony CMF Tree Browser Bundle
Subject
Access verification problem.
This returns an error in all cases.
Steps to reproduce
Adding block Sonata :
sonata_block:
blocks:
# ...
sonata_admin_doctrine_phpcr.tree_block:
settings:
id: '/cms'
contexts: [admin]And.. Congratulation, this bug is here ! Showing DeniedAccess.
Expected results
Access Authorized
Actual results
AccessDeniedException