Wrong check role instance in RoleSecurityIdentity class

[Redigast13]

There is a check in constructor of Symfony\Component\Security\Acl\Domain:
if ($role instanceof Role) {
$role = $role->getRole();
}
I think it is better to check on Symfony\Component\Security\Core\Role\RoleInterface instead of Symfony\Component\Security\Core\Role\Role class
Pull request: #17

[raphahardt]

+1

There is a issue with Symfony\Component\Security\Acl\Domain\PermissionGrantingStrategy, on line 144. When you have a Role entity that implements RoleInterface instead of extending Role, the equals method fails, because on the left side, the $sid has a string in the role property, and on the right side, the $ace->getSecurityIdentity() has a RoleInterface object (your entity, instead of expected string). So, the ACL always deny the user that has that role, even if it has granted.