[Security][SecurityBundle] Add voter individual decisions to profiler

Author: l-vo

Authorization/TraceableAccessDecisionManager.php

@@ -27,7 +27,8 @@ class TraceableAccessDecisionManager implements AccessDecisionManagerInterface
     private $manager;
     private $strategy;
     private $voters = array();
-    private $decisionLog = array();
+    private $decisionLog = array(); // All decision logs
+    private $currentLog = array();  // Logs being filled in
 
     public function __construct(AccessDecisionManagerInterface $manager)
     {
@@ -49,17 +50,40 @@ public function __construct(AccessDecisionManagerInterface $manager)
      */
     public function decide(TokenInterface $token, array $attributes, $object = null)
     {
-        $result = $this->manager->decide($token, $attributes, $object);
-
-        $this->decisionLog[] = array(
+        $currentDecisionLog = array(
             'attributes' => $attributes,
             'object' => $object,
-            'result' => $result,
+            'voterDetails' => array(),
         );
 
+        $this->currentLog[] = &$currentDecisionLog;
+
+        $result = $this->manager->decide($token, $attributes, $object);
+
+        $currentDecisionLog['result'] = $result;
+
+        $this->decisionLog[] = array_pop($this->currentLog); // Using a stack since decide can be called by voters
+
         return $result;
     }
 
+    /**
+     * Adds voter vote and class to the voter details.
+     *
+     * @param VoterInterface $voter      voter
+     * @param array          $attributes attributes used for the vote
+     * @param int            $vote       vote of the voter
+     */
+    public function addVoterVote(VoterInterface $voter, array $attributes, int $vote)
+    {
+        $currentLogIndex = \count($this->currentLog) - 1;
+        $this->currentLog[$currentLogIndex]['voterDetails'][] = array(
+            'voter' => $voter,
+            'attributes' => $attributes,
+            'vote' => $vote,
+        );
+    }
+
     /**
      * @return string
      */

Authorization/Voter/TraceableVoter.php

@@ -0,0 +1,49 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Authorization\Voter;
+
+use Symfony\Component\EventDispatcher\EventDispatcherInterface;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Event\VoteEvent;
+
+/**
+ * Decorates voter classes to send result events.
+ *
+ * @author Laurent VOULLEMIER <laurent.voullemier@gmail.com>
+ *
+ * @internal
+ */
+class TraceableVoter implements VoterInterface
+{
+    private $voter;
+    private $eventDispatcher;
+
+    public function __construct(VoterInterface $voter, EventDispatcherInterface $eventDispatcher)
+    {
+        $this->voter = $voter;
+        $this->eventDispatcher = $eventDispatcher;
+    }
+
+    public function vote(TokenInterface $token, $subject, array $attributes)
+    {
+        $result = $this->voter->vote($token, $subject, $attributes);
+
+        $this->eventDispatcher->dispatch('debug.security.authorization.vote', new VoteEvent($this->voter, $subject, $attributes, $result));
+
+        return $result;
+    }
+
+    public function getDecoratedVoter(): VoterInterface
+    {
+        return $this->voter;
+    }
+}

Event/VoteEvent.php

@@ -0,0 +1,58 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Event;
+
+use Symfony\Component\EventDispatcher\Event;
+use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
+
+/**
+ * This event is dispatched on voter vote.
+ *
+ * @author Laurent VOULLEMIER <laurent.voullemier@gmail.com>
+ *
+ * @internal
+ */
+class VoteEvent extends Event
+{
+    private $voter;
+    private $subject;
+    private $attributes;
+    private $vote;
+
+    public function __construct(VoterInterface $voter, $subject, array $attributes, int $vote)
+    {
+        $this->voter = $voter;
+        $this->subject = $subject;
+        $this->attributes = $attributes;
+        $this->vote = $vote;
+    }
+
+    public function getVoter(): VoterInterface
+    {
+        return $this->voter;
+    }
+
+    public function getSubject()
+    {
+        return $this->subject;
+    }
+
+    public function getAttributes(): array
+    {
+        return $this->attributes;
+    }
+
+    public function getVote(): int
+    {
+        return $this->vote;
+    }
+}