Merge branch '5.2' into 5.x

* 5.2:
  [WebProfiler] Use ControllerReference instead of URL in twig render()
  [Serializer][Validator] Update some phpDoc relative to "getters"
  Update README.md
  [SecurityBundle] Empty line starting with dash under "access_control" causes all rules to be skipped
  [Cache] Apply NullAdapter as Null Object

Author: derrabus

DependencyInjection/SecurityExtension.php

@@ -231,6 +231,12 @@ private function createAuthorization(array $config, ContainerBuilder $container)
                 $attributes[] = $this->createExpression($container, $access['allow_if']);
             }
 
+            $emptyAccess = 0 === \count(array_filter($access));
+
+            if ($emptyAccess) {
+                throw new InvalidConfigurationException('One or more access control items are empty. Did you accidentally add lines only containing a "-" under "security.access_control"?');
+            }
+
             $container->getDefinition('security.access_map')
                       ->addMethodCall('add', [$matcher, $attributes, $access['requires_channel']]);
         }

Tests/DependencyInjection/SecurityExtensionTest.php

@@ -454,6 +454,56 @@ public function testSwitchUserWithSeveralDefinedProvidersButNoFirewallRootProvid
         $this->assertEquals(new Reference('security.user.provider.concrete.second'), $container->getDefinition('security.authentication.switchuser_listener.foobar')->getArgument(1));
     }
 
+    public function testInvalidAccessControlWithEmptyRow()
+    {
+        $container = $this->getRawContainer();
+
+        $container->loadFromExtension('security', [
+            'providers' => [
+                'default' => ['id' => 'foo'],
+            ],
+            'firewalls' => [
+                'some_firewall' => [
+                    'pattern' => '/.*',
+                    'http_basic' => [],
+                ],
+            ],
+            'access_control' => [
+                [],
+                ['path' => '/admin', 'roles' => 'ROLE_ADMIN'],
+            ],
+        ]);
+
+        $this->expectException(InvalidConfigurationException::class);
+        $this->expectExceptionMessage('One or more access control items are empty. Did you accidentally add lines only containing a "-" under "security.access_control"?');
+        $container->compile();
+    }
+
+    public function testValidAccessControlWithEmptyRow()
+    {
+        $container = $this->getRawContainer();
+
+        $container->loadFromExtension('security', [
+            'providers' => [
+                'default' => ['id' => 'foo'],
+            ],
+            'firewalls' => [
+                'some_firewall' => [
+                    'pattern' => '/.*',
+                    'http_basic' => [],
+                ],
+            ],
+            'access_control' => [
+                ['path' => '^/login'],
+                ['path' => '^/', 'roles' => 'ROLE_USER'],
+            ],
+        ]);
+
+        $container->compile();
+
+        $this->assertTrue(true, 'extension throws an InvalidConfigurationException if there is one more more empty access control items');
+    }
+
     /**
      * @dataProvider provideEntryPointFirewalls
      */