Closed
Description
Hello.
I emit issue with implementing voter, that extends from Symfony\Component\Security\Core\Authorization\Voter\Voter.
Symfony\Component\Security\Core\Authorization\Voter\Voter::supports() declares $attribute argument as string type, but it's not cover actual - nothing about check for type in parent vote() method no happening.
This lead to the issue.
Similar implementation of my voter
<?php
declare(strict_types=1);
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
final class IssueAuthorizationVoter extends Voter
{
private $decisionManager;
public function __construct(AccessDecisionManagerInterface $decisionManager)
{
$this->decisionManager = $decisionManager;
}
protected function supports($attribute, $subject): bool
{
return $this->isRequestView($attribute);
}
private function isRequestView(string $attribute): bool
{
return 'view' === $attribute;
}
protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
{
return $this->decisionManager->decide($token, ['ROLE_RESOURCE_SUPPORT']);
}
}Issue: when called with Symfony\Component\Security\Core\Role\Role strict types in voter cause to fatal
Link to voteOnAttribute()