Saving insertObjectAce throw an undefined index when entry does not exist in old objectAce

[nisiah78]

Hello,

Here is our scenario that break our acl workflow when we want to add another mask entry for an user. We have a flow that let our admin user to switch from their admin account to another access level temporarily. Then by action we want to add the temporary access level on the acl entries through insertObjectAce and then save the action updateAcl, we got on some case an undefined index 0 or any index when it does not exists on the old value of the objectAce.

here is the part of the code

$objectsAce = $acl->getObjectAces(); $isUpdated = false;

        foreach ($objectsAce as $index => $objectAce) {

            /** @var Entry $objectAce */
            if ($securityIdentity->getUsername() !== $objectAce->getSecurityIdentity()->getUsername()) {
                continue;
            }

            $acl->updateObjectAce($index, $maskAccess);
            $isUpdated = true;
            break;
        }

        if (!$isUpdated) {
             $acl->insertObjectAce($securityIdentity, $maskAccess);
        }

[nisiah78]

the error is in the updateOldAceProperty:963 (Symfony\Component\Security\Acl\Dbal\MutableAclProvider.php)

for ($i = 0, $c = \count($old); $i < $c; ++$i) {
            $ace = $old[$i]; <=== here comes the error when the content is not defined

            if (!isset($currentIds[$ace->getId()])) {
                $this->connection->executeStatement($this->getDeleteAccessControlEntrySql($ace->getId()));
                unset($this->loadedAces[$ace->getId()]);
            }
        }