From 119f3499432d9a9b67267b2001fca946f8dc7ae9 Mon Sep 17 00:00:00 2001
From: Christoph Reiter <reiter.christoph@gmail.com>
Date: Wed, 22 Feb 2023 10:51:28 +0100
Subject: [PATCH] attribute expressions: don't mix read/write access attributes

From what I see this is a bug and the read attributes are not required by default to
also have an expression configured for write access.

This fixes a bug where trying to write to any attribute would fail.
---
 src/Authorization/AbstractAuthorizationService.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/Authorization/AbstractAuthorizationService.php b/src/Authorization/AbstractAuthorizationService.php
index a100ab6..ffa1255 100644
--- a/src/Authorization/AbstractAuthorizationService.php
+++ b/src/Authorization/AbstractAuthorizationService.php
@@ -225,6 +225,7 @@ abstract class AbstractAuthorizationService implements ContextAwareNormalizerInt
                 self::ENTITY_ATTRIBUTE_NAMES_KEY => $attributeNames,
             ];
 
+            $attributeNames = [];
             foreach ($entityNode[AuthorizationConfigDefinition::ENTITY_WRITE_ACCESS_CONFIG_NODE] ?? [] as $attributeName => $attributeAuthorizationExpression) {
                 $roleExpressions[self::toWriteAttributeId($entityShortName, $attributeName)] = $attributeAuthorizationExpression;
                 $attributeNames[] = $attributeName;
-- 
GitLab