From ee363805249cf9b49289c5178ca58ec3cf6ba579 Mon Sep 17 00:00:00 2001
From: Dennis Benkert <spinecrasher@googlemail.com>
Date: Fri, 9 Aug 2013 15:30:49 +0000
Subject: [PATCH] [Security] Added a check for strategies in
 AccessDecisionManager

---
 .../Security/Core/Authorization/AccessDecisionManager.php | 7 ++++++-
 .../Core/Authorization/AccessDecisionManagerTest.php      | 8 ++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php b/src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php
index 6028c42c4b60..18c3569aa94b 100644
--- a/src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php
+++ b/src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php
@@ -43,8 +43,13 @@ public function __construct(array $voters, $strategy = 'affirmative', $allowIfAl
             throw new \InvalidArgumentException('You must at least add one voter.');
         }
 
+        $strategyMethod = 'decide'.ucfirst($strategy);
+        if (!is_callable(array($this, $strategyMethod))) {
+            throw new \InvalidArgumentException(sprintf('The strategy "%s" is not supported.', $strategy));
+        }
+
         $this->voters = $voters;
-        $this->strategy = 'decide'.ucfirst($strategy);
+        $this->strategy = $strategyMethod;
         $this->allowIfAllAbstainDecisions = (Boolean) $allowIfAllAbstainDecisions;
         $this->allowIfEqualGrantedDeniedDecisions = (Boolean) $allowIfEqualGrantedDeniedDecisions;
     }
diff --git a/src/Symfony/Component/Security/Tests/Core/Authorization/AccessDecisionManagerTest.php b/src/Symfony/Component/Security/Tests/Core/Authorization/AccessDecisionManagerTest.php
index 1c706ccdae44..ead97d2bc675 100644
--- a/src/Symfony/Component/Security/Tests/Core/Authorization/AccessDecisionManagerTest.php
+++ b/src/Symfony/Component/Security/Tests/Core/Authorization/AccessDecisionManagerTest.php
@@ -54,6 +54,14 @@ public function testSetVotersEmpty()
         $manager = new AccessDecisionManager(array());
     }
 
+    /**
+     * @expectedException \InvalidArgumentException
+     */
+    public function testSetUnsupportedStrategy()
+    {
+        new AccessDecisionManager(array($this->getVoter(VoterInterface::ACCESS_GRANTED)), 'fooBar');
+    }
+
     /**
      * @dataProvider getStrategyTests
      */