[RFC][HttpKernel][Security] Allowed adding attributes on controller arguments that will be passed to argument resolvers.

Author: jvasseur

Attribute/ArgumentInterface.php

@@ -0,0 +1,19 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HttpKernel\Attribute;
+
+/**
+ * Marker interface for controller argument attributes.
+ */
+interface ArgumentInterface
+{
+}

CHANGELOG.md

@@ -10,6 +10,7 @@ CHANGELOG
    `kernel.trusted_proxies` and `kernel.trusted_headers` parameters
  * content of request parameter `_password` is now also hidden
    in the request profiler raw content section
+ * Allowed adding attributes on controller arguments that will be passed to argument resolvers.
 
 5.1.0
 -----

ControllerMetadata/ArgumentMetadata.php

@@ -11,6 +11,8 @@
 
 namespace Symfony\Component\HttpKernel\ControllerMetadata;
 
+use Symfony\Component\HttpKernel\Attribute\ArgumentInterface;
+
 /**
  * Responsible for storing metadata of an argument.
  *
@@ -24,15 +26,17 @@ class ArgumentMetadata
     private $hasDefaultValue;
     private $defaultValue;
     private $isNullable;
+    private $attribute;
 
-    public function __construct(string $name, ?string $type, bool $isVariadic, bool $hasDefaultValue, $defaultValue, bool $isNullable = false)
+    public function __construct(string $name, ?string $type, bool $isVariadic, bool $hasDefaultValue, $defaultValue, bool $isNullable = false, ?ArgumentInterface $attribute = null)
     {
         $this->name = $name;
         $this->type = $type;
         $this->isVariadic = $isVariadic;
         $this->hasDefaultValue = $hasDefaultValue;
         $this->defaultValue = $defaultValue;
         $this->isNullable = $isNullable || null === $type || ($hasDefaultValue && null === $defaultValue);
+        $this->attribute = $attribute;
     }
 
     /**
@@ -104,4 +108,12 @@ public function getDefaultValue()
 
         return $this->defaultValue;
     }
+
+    /**
+     * Returns the attribute (if any) that was set on the argument.
+     */
+    public function getAttribute(): ?ArgumentInterface
+    {
+        return $this->attribute;
+    }
 }

ControllerMetadata/ArgumentMetadataFactory.php

@@ -11,6 +11,9 @@
 
 namespace Symfony\Component\HttpKernel\ControllerMetadata;
 
+use Symfony\Component\HttpKernel\Attribute\ArgumentInterface;
+use Symfony\Component\HttpKernel\Exception\InvalidMetadataException;
+
 /**
  * Builds {@see ArgumentMetadata} objects based on the given Controller.
  *
@@ -34,7 +37,28 @@ public function createArgumentMetadata($controller): array
         }
 
         foreach ($reflection->getParameters() as $param) {
-            $arguments[] = new ArgumentMetadata($param->getName(), $this->getType($param, $reflection), $param->isVariadic(), $param->isDefaultValueAvailable(), $param->isDefaultValueAvailable() ? $param->getDefaultValue() : null, $param->allowsNull());
+            $attribute = null;
+            if (method_exists($param, 'getAttributes')) {
+                $reflectionAttributes = $param->getAttributes(ArgumentInterface::class, \ReflectionAttribute::IS_INSTANCEOF);
+
+                if (\count($reflectionAttributes) > 1) {
+                    $representative = $controller;
+
+                    if (\is_array($representative)) {
+                        $representative = sprintf('%s::%s()', \get_class($representative[0]), $representative[1]);
+                    } elseif (\is_object($representative)) {
+                        $representative = \get_class($representative);
+                    }
+
+                    throw new InvalidMetadataException(sprintf('Controller "%s" has more than one attribute for "$%s" argument.', $representative, $param->getName()));
+                }
+
+                if (isset($reflectionAttributes[0])) {
+                    $attribute = $reflectionAttributes[0]->newInstance();
+                }
+            }
+
+            $arguments[] = new ArgumentMetadata($param->getName(), $this->getType($param, $reflection), $param->isVariadic(), $param->isDefaultValueAvailable(), $param->isDefaultValueAvailable() ? $param->getDefaultValue() : null, $param->allowsNull(), $attribute);
         }
 
         return $arguments;

Exception/InvalidMetadataException.php

@@ -0,0 +1,16 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HttpKernel\Exception;
+
+class InvalidMetadataException extends \LogicException
+{
+}

Tests/ControllerMetadata/ArgumentMetadataFactoryTest.php

@@ -15,6 +15,9 @@
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\HttpKernel\ControllerMetadata\ArgumentMetadata;
 use Symfony\Component\HttpKernel\ControllerMetadata\ArgumentMetadataFactory;
+use Symfony\Component\HttpKernel\Exception\InvalidMetadataException;
+use Symfony\Component\HttpKernel\Tests\Fixtures\Attribute\Foo;
+use Symfony\Component\HttpKernel\Tests\Fixtures\Controller\AttributeController;
 use Symfony\Component\HttpKernel\Tests\Fixtures\Controller\BasicTypesController;
 use Symfony\Component\HttpKernel\Tests\Fixtures\Controller\NullableController;
 use Symfony\Component\HttpKernel\Tests\Fixtures\Controller\VariadicController;
@@ -117,6 +120,28 @@ public function testNullableTypesSignature()
         ], $arguments);
     }
 
+    /**
+     * @requires PHP 8
+     */
+    public function testAttributeSignature()
+    {
+        $arguments = $this->factory->createArgumentMetadata([new AttributeController(), 'action']);
+
+        $this->assertEquals([
+            new ArgumentMetadata('baz', 'string', false, false, null, false, new Foo('bar')),
+        ], $arguments);
+    }
+
+    /**
+     * @requires PHP 8
+     */
+    public function testAttributeSignatureError()
+    {
+        $this->expectException(InvalidMetadataException::class);
+
+        $this->factory->createArgumentMetadata([new AttributeController(), 'invalidAction']);
+    }
+
     private function signature1(self $foo, array $bar, callable $baz)
     {
     }

Tests/Fixtures/Attribute/Foo.php

@@ -0,0 +1,26 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HttpKernel\Tests\Fixtures\Attribute;
+
+use Attribute;
+use Symfony\Component\HttpKernel\Attribute\ArgumentInterface;
+
+#[Attribute(Attribute::TARGET_PARAMETER)]
+class Foo implements ArgumentInterface
+{
+    private $foo;
+
+    public function __construct($foo)
+    {
+        $this->foo = $foo;
+    }
+}

Tests/Fixtures/Controller/AttributeController.php

@@ -0,0 +1,23 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HttpKernel\Tests\Fixtures\Controller;
+
+use Symfony\Component\HttpKernel\Tests\Fixtures\Attribute\Foo;
+
+class AttributeController
+{
+    public function action(#[Foo('bar')] string $baz) {
+    }
+
+    public function invalidAction(#[Foo('bar'), Foo('bar')] string $baz) {
+    }
+}