From cbbf38b7db8b768eec0aca1928aef2f2df80de64 Mon Sep 17 00:00:00 2001
From: Yaakov Saxon <ysaxon@nabancard.com>
Date: Thu, 26 Oct 2023 16:01:36 -0400
Subject: [PATCH] Delegate checking for null Source to SandboxExtension instead
 of SourcePolicy

---
 src/Extension/SandboxExtension.php    |  5 ++++-
 src/Sandbox/SourcePolicyInterface.php |  2 +-
 tests/Extension/SandboxTest.php       | 10 +++++-----
 3 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/Extension/SandboxExtension.php b/src/Extension/SandboxExtension.php
index 039a56b9732..7705ffb688a 100644
--- a/src/Extension/SandboxExtension.php
+++ b/src/Extension/SandboxExtension.php
@@ -65,7 +65,10 @@ public function isSandboxedGlobally()
 
     private function isSourceSandboxed(?Source $source) : bool
     {
-        return $this->sourcePolicy && $this->sourcePolicy->enableSandbox($source);
+        if ($source === null || $this->sourcePolicy === null) {
+            return false;
+        }
+        return $this->sourcePolicy->enableSandbox($source);
     }
 
     public function setSecurityPolicy(SecurityPolicyInterface $policy)
diff --git a/src/Sandbox/SourcePolicyInterface.php b/src/Sandbox/SourcePolicyInterface.php
index 4ae7b0caee8..b952f1ea6fa 100644
--- a/src/Sandbox/SourcePolicyInterface.php
+++ b/src/Sandbox/SourcePolicyInterface.php
@@ -20,5 +20,5 @@
  */
 interface SourcePolicyInterface
 {
-    public function enableSandbox(?Source $source): bool;
+    public function enableSandbox(Source $source): bool;
 }
diff --git a/tests/Extension/SandboxTest.php b/tests/Extension/SandboxTest.php
index 483ccd0f42a..8b73990f1ca 100644
--- a/tests/Extension/SandboxTest.php
+++ b/tests/Extension/SandboxTest.php
@@ -463,9 +463,9 @@ protected function getEnvironment($sandboxed, $options, $templates, $tags = [],
     public function testSandboxSourcePolicyEnableReturningFalse()
     {
         $twig = $this->getEnvironment(false, [], self::$templates, [], [], [], [], [], new class() implements \Twig\Sandbox\SourcePolicyInterface {
-            public function enableSandbox(Source $source = null): bool
+            public function enableSandbox(Source $source): bool
             {
-                return $source && '1_basic' != $source->getName();
+                return '1_basic' != $source->getName();
             }
         });
         $this->assertEquals('FOO', $twig->load('1_basic')->render(self::$params));
@@ -474,9 +474,9 @@ public function enableSandbox(Source $source = null): bool
     public function testSandboxSourcePolicyEnableReturningTrue()
     {
         $twig = $this->getEnvironment(false, [], self::$templates, [], [], [], [], [], new class() implements \Twig\Sandbox\SourcePolicyInterface {
-            public function enableSandbox(Source $source = null): bool
+            public function enableSandbox(Source $source): bool
             {
-                return $source && '1_basic' === $source->getName();
+                return '1_basic' === $source->getName();
             }
         });
         $this->expectException(SecurityError::class);
@@ -486,7 +486,7 @@ public function enableSandbox(Source $source = null): bool
     public function testSandboxSourcePolicyFalseDoesntOverrideOtherEnables()
     {
         $twig = $this->getEnvironment(true, [], self::$templates, [], [], [], [], [], new class() implements \Twig\Sandbox\SourcePolicyInterface {
-            public function enableSandbox(Source $source = null): bool
+            public function enableSandbox(Source $source): bool
             {
                 return false;
             }