[Security] Add argument statusCode to #[IsGranted]

alexandre-daubois · alexandre-daubois · commit 17ceb210c735 · 2023-03-21T08:53:43.000+01:00
diff --git a/security.rst b/security.rst
@@ -2299,27 +2299,30 @@ the ``ROLE_SUPER_ADMIN`` permission:
     #[IsGranted('ROLE_ADMIN')]
     class AdminController extends AbstractController
     {
+        // Optionally, you can set a custom message that will be displayed to the user
         #[IsGranted('ROLE_SUPER_ADMIN', message: 'You are not allowed to access the admin dashboard.')]
         public function adminDashboard(): Response
         {
             // ...
         }
     }
 
-A custom status code can be set with the ``statusCode`` argument. This
-code will be used in the HTTP response::
+If you want to use a custom status code instead of the default one (which
+is 403), this can be done by setting with the ``statusCode`` argument::
 
     // src/Controller/AdminController.php
     // ...
 
     use Symfony\Component\Security\Http\Attribute\IsGranted;
 
-    #[IsGranted('ROLE_ADMIN', statusCode: 403)]
+    #[IsGranted('ROLE_ADMIN', statusCode: 423)]
     class AdminController extends AbstractController
     {
         // ...
     }
 
+The default code is 403.
+
 .. versionadded:: 6.2
 
     The ``#[IsGranted()]`` attribute was introduced in Symfony 6.2.

Original file line number	Diff line number	Diff line change
@@ -2299,27 +2299,30 @@ the ``ROLE_SUPER_ADMIN`` permission:
`2299`	`2299`	`#[IsGranted('ROLE_ADMIN')]`
`2300`	`2300`	`class AdminController extends AbstractController`
`2301`	`2301`	`{`
	`2302`	`+ // Optionally, you can set a custom message that will be displayed to the user`
`2302`	`2303`	`#[IsGranted('ROLE_SUPER_ADMIN', message: 'You are not allowed to access the admin dashboard.')]`
`2303`	`2304`	`public function adminDashboard(): Response`
`2304`	`2305`	`{`
`2305`	`2306`	`// ...`
`2306`	`2307`	`}`
`2307`	`2308`	`}`
`2308`	`2309`
`2309`		-A custom status code can be set with the ``statusCode`` argument. This
`2310`		`-code will be used in the HTTP response::`
	`2310`	`+If you want to use a custom status code instead of the default one (which`
	`2311`	+is 403), this can be done by setting with the ``statusCode`` argument::
`2311`	`2312`
`2312`	`2313`	`// src/Controller/AdminController.php`
`2313`	`2314`	`// ...`
`2314`	`2315`
`2315`	`2316`	`use Symfony\Component\Security\Http\Attribute\IsGranted;`
`2316`	`2317`
`2317`		`- #[IsGranted('ROLE_ADMIN', statusCode: 403)]`
	`2318`	`+ #[IsGranted('ROLE_ADMIN', statusCode: 423)]`
`2318`	`2319`	`class AdminController extends AbstractController`
`2319`	`2320`	`{`
`2320`	`2321`	`// ...`
`2321`	`2322`	`}`
`2322`	`2323`
	`2324`	`+The default code is 403.`
	`2325`	`+`
`2323`	`2326`	`.. versionadded:: 6.2`
`2324`	`2327`
`2325`	`2328`	The ``#[IsGranted()]`` attribute was introduced in Symfony 6.2.