Skip to content

Incorrect behavior of AuthorizationCheckerToAccessDecisionManagerInVoterRector, removes $subject argument #9791

Description

@MarijnDoeve

Bug Report

Subject Details
Rector version v2.5.2.
Installed as composer dependency

Minimal PHP Code Causing Issue

See https://getrector.com/demo/7b40f4f0-66b8-46d0-9fc0-ab1d594b149c

<?php

use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;

final class DemoFile extends Voter
{
    public function __construct(
                private readonly AuthorizationCheckerInterface $authorizationChecker,
		) {}
    
    protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token, ?Vote $vote = null): bool
    {
        return $this->authorizationChecker->isGranted('ROLE_ADMIN', $subject);
    }
}

Responsible rules

  • AuthorizationCheckerToAccessDecisionManagerInVoterRector

Expected Behavior

It is expected that the $subject argument is transfered to the new call.

final class DemoFile extends Voter
 {
     public function __construct(
-                private readonly AuthorizationCheckerInterface $authorizationChecker,
+                private readonly \Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface $accessDecisionManager,
 		) {}
     
     protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token, ?Vote $vote = null): bool
     {
-        return $this->authorizationChecker->isGranted('ROLE_ADMIN', $subject);
+        return $this->accessDecisionManager->decide($token, ['ROLE_ADMIN'], $subject);
     }
 }

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions