fix(security): post validation in Operation #4392 (#4607)

Author: soyuka

src/Metadata/Delete.php

@@ -76,6 +76,8 @@ public function __construct(
         ?string $securityMessage = null,
         ?string $securityPostDenormalize = null,
         ?string $securityPostDenormalizeMessage = null,
+        ?string $securityPostValidation = null,
+        ?string $securityPostValidationMessage = null,
         ?bool $compositeIdentifier = null,
         ?array $exceptionToStatus = null,
         ?bool $queryParameterValidationEnabled = null,

src/Metadata/Get.php

@@ -76,6 +76,8 @@ public function __construct(
         ?string $securityMessage = null,
         ?string $securityPostDenormalize = null,
         ?string $securityPostDenormalizeMessage = null,
+        ?string $securityPostValidation = null,
+        ?string $securityPostValidationMessage = null,
         ?bool $compositeIdentifier = null,
         ?array $exceptionToStatus = null,
         ?bool $queryParameterValidationEnabled = null,

src/Metadata/GetCollection.php

@@ -76,6 +76,8 @@ public function __construct(
         ?string $securityMessage = null,
         ?string $securityPostDenormalize = null,
         ?string $securityPostDenormalizeMessage = null,
+        ?string $securityPostValidation = null,
+        ?string $securityPostValidationMessage = null,
         ?bool $compositeIdentifier = null,
         ?array $exceptionToStatus = null,
         ?bool $queryParameterValidationEnabled = null,

src/Metadata/Operation.php

@@ -108,6 +108,8 @@ class Operation
     protected $securityMessage;
     protected $securityPostDenormalize;
     protected $securityPostDenormalizeMessage;
+    protected $securityPostValidation;
+    protected $securityPostValidationMessage;
     protected $compositeIdentifier;
     protected $exceptionToStatus;
     protected $queryParameterValidationEnabled;
@@ -224,6 +226,8 @@ public function __construct(
         ?string $securityMessage = null,
         ?string $securityPostDenormalize = null,
         ?string $securityPostDenormalizeMessage = null,
+        ?string $securityPostValidation = null,
+        ?string $securityPostValidationMessage = null,
         ?bool $compositeIdentifier = null,
         ?array $exceptionToStatus = null,
         ?bool $queryParameterValidationEnabled = null,
@@ -295,6 +299,8 @@ public function __construct(
         $this->securityMessage = $securityMessage;
         $this->securityPostDenormalize = $securityPostDenormalize;
         $this->securityPostDenormalizeMessage = $securityPostDenormalizeMessage;
+        $this->securityPostValidation = $securityPostValidation;
+        $this->securityPostValidationMessage = $securityPostValidationMessage;
         $this->compositeIdentifier = $compositeIdentifier;
         $this->exceptionToStatus = $exceptionToStatus;
         $this->queryParameterValidationEnabled = $queryParameterValidationEnabled;
@@ -1103,6 +1109,32 @@ public function withSecurityPostDenormalizeMessage(string $securityPostDenormali
         return $self;
     }
 
+    public function getSecurityPostValidation(): ?string
+    {
+        return $this->securityPostValidation;
+    }
+
+    public function withSecurityPostValidation(?string $securityPostValidation = null): self
+    {
+        $self = clone $this;
+        $self->securityPostValidation = $securityPostValidation;
+
+        return $self;
+    }
+
+    public function getSecurityPostValidationMessage(): ?string
+    {
+        return $this->securityPostValidationMessage;
+    }
+
+    public function withSecurityPostValidationMessage(?string $securityPostValidationMessage = null): self
+    {
+        $self = clone $this;
+        $self->securityPostValidationMessage = $securityPostValidationMessage;
+
+        return $self;
+    }
+
     public function getCompositeIdentifier(): ?bool
     {
         return $this->compositeIdentifier;

src/Metadata/Patch.php

@@ -76,6 +76,8 @@ public function __construct(
         ?string $securityMessage = null,
         ?string $securityPostDenormalize = null,
         ?string $securityPostDenormalizeMessage = null,
+        ?string $securityPostValidation = null,
+        ?string $securityPostValidationMessage = null,
         ?bool $compositeIdentifier = null,
         ?array $exceptionToStatus = null,
         ?bool $queryParameterValidationEnabled = null,

src/Metadata/Post.php

@@ -76,6 +76,8 @@ public function __construct(
         ?string $securityMessage = null,
         ?string $securityPostDenormalize = null,
         ?string $securityPostDenormalizeMessage = null,
+        ?string $securityPostValidation = null,
+        ?string $securityPostValidationMessage = null,
         ?bool $compositeIdentifier = null,
         ?array $exceptionToStatus = null,
         ?bool $queryParameterValidationEnabled = null,

src/Metadata/Put.php

@@ -76,6 +76,8 @@ public function __construct(
         ?string $securityMessage = null,
         ?string $securityPostDenormalize = null,
         ?string $securityPostDenormalizeMessage = null,
+        ?string $securityPostValidation = null,
+        ?string $securityPostValidationMessage = null,
         ?bool $compositeIdentifier = null,
         ?array $exceptionToStatus = null,
         ?bool $queryParameterValidationEnabled = null,

src/Symfony/EventListener/DenyAccessListener.php

@@ -126,8 +126,19 @@ private function checkSecurity(Request $request, string $attribute, bool $backwa
                 return;
             }
 
-            $isGranted = 'security' === $attribute ? $operation->getSecurity() : $operation->getSecurityPostDenormalize();
-            $message = 'security' === $attribute ? $operation->getSecurityMessage() : $operation->getSecurityPostDenormalize();
+            switch ($attribute) {
+                case 'security_post_denormalize':
+                    $isGranted = $operation->getSecurityPostDenormalize();
+                    $message = $operation->getSecurityPostDenormalizeMessage();
+                    break;
+                case 'security_post_validation':
+                    $isGranted = $operation->getSecurityPostValidation();
+                    $message = $operation->getSecurityPostValidationMessage();
+                    break;
+                default:
+                    $isGranted = $operation->getSecurity();
+                    $message = $operation->getSecurityMessage();
+            }
         }
 
         if (null === $isGranted) {