[Security] improve VoteObject adding extraData for give more possibilities to AccessDecicsionStrategy

Author: eltharin

Authorization/AccessDecisionManager.php

@@ -71,7 +71,8 @@ public function decide(TokenInterface $token, array $attributes, mixed $object =
 
         try {
             return $accessDecision->isGranted = $this->strategy->decide(
-                $this->collectResults($token, $attributes, $object, $accessDecision)
+                $this->collectResults($token, $attributes, $object, $accessDecision),
+                $accessDecision,
             );
         } finally {
             array_pop($this->accessDecisionStack);

Authorization/Strategy/AccessDecisionStrategyInterface.php

@@ -11,6 +11,8 @@
 
 namespace Symfony\Component\Security\Core\Authorization\Strategy;
 
+use Symfony\Component\Security\Core\Authorization\AccessDecision;
+
 /**
  * A strategy for turning a stream of votes into a final decision.
  *
@@ -20,6 +22,7 @@ interface AccessDecisionStrategyInterface
 {
     /**
      * @param \Traversable<int> $results
+     * @param ?AccessDecision   $accessDecision
      */
-    public function decide(\Traversable $results): bool;
+    public function decide(\Traversable $results/* , ?AccessDecision $accessDecision = null */): bool;
 }

Authorization/Strategy/AffirmativeStrategy.php

@@ -11,6 +11,7 @@
 
 namespace Symfony\Component\Security\Core\Authorization\Strategy;
 
+use Symfony\Component\Security\Core\Authorization\AccessDecision;
 use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
 
 /**
@@ -29,7 +30,7 @@ public function __construct(
     ) {
     }
 
-    public function decide(\Traversable $results): bool
+    public function decide(\Traversable $results, ?AccessDecision $accessDecision = null): bool
     {
         $deny = 0;
         foreach ($results as $result) {

Authorization/Strategy/ConsensusStrategy.php

@@ -11,6 +11,7 @@
 
 namespace Symfony\Component\Security\Core\Authorization\Strategy;
 
+use Symfony\Component\Security\Core\Authorization\AccessDecision;
 use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
 
 /**
@@ -38,7 +39,7 @@ public function __construct(
     ) {
     }
 
-    public function decide(\Traversable $results): bool
+    public function decide(\Traversable $results, ?AccessDecision $accessDecision = null): bool
     {
         $grant = 0;
         $deny = 0;

Authorization/Strategy/PriorityStrategy.php

@@ -11,6 +11,7 @@
 
 namespace Symfony\Component\Security\Core\Authorization\Strategy;
 
+use Symfony\Component\Security\Core\Authorization\AccessDecision;
 use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
 
 /**
@@ -30,7 +31,7 @@ public function __construct(
     ) {
     }
 
-    public function decide(\Traversable $results): bool
+    public function decide(\Traversable $results, ?AccessDecision $accessDecision = null): bool
     {
         foreach ($results as $result) {
             if (VoterInterface::ACCESS_GRANTED === $result) {

Authorization/Strategy/UnanimousStrategy.php

@@ -11,6 +11,7 @@
 
 namespace Symfony\Component\Security\Core\Authorization\Strategy;
 
+use Symfony\Component\Security\Core\Authorization\AccessDecision;
 use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
 
 /**
@@ -29,7 +30,7 @@ public function __construct(
     ) {
     }
 
-    public function decide(\Traversable $results): bool
+    public function decide(\Traversable $results, ?AccessDecision $accessDecision = null): bool
     {
         $grant = 0;
         foreach ($results as $result) {

Authorization/Voter/Vote.php

@@ -28,6 +28,11 @@ class Vote
      */
     public array $reasons = [];
 
+    /**
+     * @var array<string, mixed>
+     */
+    public array $extraData = [];
+
     public function addReason(string $reason): void
     {
         $this->reasons[] = $reason;

CHANGELOG.md

@@ -6,6 +6,8 @@ CHANGELOG
 
  * Add `MermaidDumper` to dump Role Hierarchy graphs in the Mermaid.js flowchart format
  * Deprecate `PersistentTokenInterface::getClass()`, the user class will be removed from the remember-me cookie in 8.0
+ * Add `extraData` property to `Vote` objects
+ * Add argument `$accessDecision` to `AccessDecisionStrategyInterface`
 
 7.3
 ---

Tests/Authorization/AccessDecisionManagerTest.php

@@ -14,6 +14,7 @@
 use PHPUnit\Framework\Assert;
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\AccessDecision;
 use Symfony\Component\Security\Core\Authorization\AccessDecisionManager;
 use Symfony\Component\Security\Core\Authorization\Strategy\AccessDecisionStrategyInterface;
 use Symfony\Component\Security\Core\Authorization\Voter\CacheableVoterInterface;
@@ -40,7 +41,7 @@ public function testVoterCalls()
         ];
 
         $strategy = new class implements AccessDecisionStrategyInterface {
-            public function decide(\Traversable $results): bool
+            public function decide(\Traversable $results, ?AccessDecision $accessDecision = null): bool
             {
                 $i = 0;
                 foreach ($results as $result) {