Remove Sensio bundle (#11144)

* Remove Sensio bundle

* Fix security attributes

* Fix tests

.php-cs-fixer.dist.php

@@ -16,7 +16,6 @@
         '@PHP82Migration' => true,
         '@PHP80Migration:risky' => true,
         '@Symfony' => true,
-        '@DoctrineAnnotation' => true,
         'phpdoc_summary' => false,
         'no_unneeded_final_method' => false,
         'declare_strict_types' => false,

composer.json

@@ -72,7 +72,7 @@
         "league/iso3166": "^4.3",
         "league/oauth2-server": "^8.2",
         "lexik/paybox-bundle": "dev-master",
-        "longitude-one/doctrine-spatial": "*",
+        "longitude-one/doctrine-spatial": "^4.0",
         "myclabs/php-enum": "^1.5",
         "nelmio/cors-bundle": "^2.2",
         "nyholm/psr7": "^1.5",
@@ -81,11 +81,10 @@
         "phpoffice/phpspreadsheet": "^3.3",
         "ramsey/uuid": "^4.1",
         "ramsey/uuid-doctrine": "^2.0",
-        "runroom-packages/sortable-behavior-bundle": "^0.17.1",
+        "runroom-packages/sortable-behavior-bundle": "^0.18.0",
         "sabre/dav": "^4.1",
         "scheb/2fa-bundle": "^6.3",
         "scheb/2fa-google-authenticator": "^6.3",
-        "sensio/framework-extra-bundle": "^6.0",
         "sentry/sentry-symfony": "^5.0",
         "sonata-project/admin-bundle": "^4.32",
         "sonata-project/doctrine-orm-admin-bundle": "^4.15",

config/bundles.php

@@ -6,7 +6,6 @@
     Symfony\Bundle\TwigBundle\TwigBundle::class => ['all' => true],
     Symfony\Bundle\MonologBundle\MonologBundle::class => ['all' => true],
     Doctrine\Bundle\DoctrineBundle\DoctrineBundle::class => ['all' => true],
-    Sensio\Bundle\FrameworkExtraBundle\SensioFrameworkExtraBundle::class => ['all' => true],
     Stof\DoctrineExtensionsBundle\StofDoctrineExtensionsBundle::class => ['all' => true],
     Doctrine\Bundle\FixturesBundle\DoctrineFixturesBundle::class => ['dev' => true, 'test' => true],
     Doctrine\Bundle\MigrationsBundle\DoctrineMigrationsBundle::class => ['all' => true],

src/Controller/Admin/AdminCommitteeController.php

@@ -22,13 +22,13 @@
 use App\Repository\CommitteeRepository;
 use Doctrine\ORM\EntityManagerInterface;
 use Psr\Cache\CacheItemPoolInterface;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 use Symfony\Contracts\Translation\TranslatorInterface;
 
 class AdminCommitteeController extends AbstractController
@@ -141,8 +141,8 @@ public function mandatesAction(Committee $committee): Response
         ]);
     }
 
+    #[IsGranted(new Expression("is_granted('ROLE_ADMIN_TERRITOIRES_COMMITTEES') and is_granted('ADD_MANDATE_TO_COMMITTEE', subject)"), 'committee')]
     #[Route(path: '/committee/{id}/mandates/add', name: 'app_admin_committee_add_mandate', methods: ['GET|POST'])]
-    #[Security("is_granted('ROLE_ADMIN_TERRITOIRES_COMMITTEES') and is_granted('ADD_MANDATE_TO_COMMITTEE', committee)")]
     public function addMandateAction(
         Request $request,
         Committee $committee,
@@ -178,8 +178,8 @@ public function addMandateAction(
         ]);
     }
 
+    #[IsGranted(new Expression("is_granted('ROLE_ADMIN_TERRITOIRES_COMMITTEES') and is_granted('CHANGE_MANDATE_OF_COMMITTEE', subject.getCommittee())"), 'mandate')]
     #[Route(path: '/committee/mandates/{id}/replace', name: 'app_admin_committee_replace_mandate', methods: ['GET|POST'])]
-    #[Security("is_granted('ROLE_ADMIN_TERRITOIRES_COMMITTEES') and is_granted('CHANGE_MANDATE_OF_COMMITTEE', mandate.getCommittee())")]
     public function replaceMandateAction(Request $request, CommitteeAdherentMandate $mandate): Response
     {
         $committee = $mandate->getCommittee();
@@ -221,8 +221,8 @@ public function replaceMandateAction(Request $request, CommitteeAdherentMandate
         ]);
     }
 
+    #[IsGranted(new Expression("is_granted('ROLE_ADMIN_TERRITOIRES_COMMITTEES') and is_granted('CHANGE_MANDATE_OF_COMMITTEE', subject.getCommittee())"), 'mandate')]
     #[Route(path: '/committee/mandates/{id}/close', name: 'app_admin_committee_close_mandate', methods: ['GET|POST'])]
-    #[Security("is_granted('ROLE_ADMIN_TERRITOIRES_COMMITTEES') and is_granted('CHANGE_MANDATE_OF_COMMITTEE', mandate.getCommittee())")]
     public function closeMandateAction(
         Request $request,
         CommitteeAdherentMandate $mandate,

src/Controller/Admin/AdminDonationController.php

@@ -5,10 +5,10 @@
 use App\Entity\Donation;
 use Doctrine\ORM\EntityManagerInterface;
 use League\Flysystem\FilesystemOperator;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 #[IsGranted('ROLE_ADMIN_FINANCE')]
 #[Route(path: '/donation')]

src/Controller/Admin/AdminDonatorController.php

@@ -8,11 +8,11 @@
 use App\Donation\Handler\DonatorMergeCommandHandler;
 use App\Form\Admin\DonatorMergeType;
 use App\Form\Admin\Extract\DonatorExtractType;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 #[IsGranted('ROLE_ADMIN_FINANCES_DONATIONS')]
 #[Route(path: '/donator')]

src/Controller/Admin/AdminFileController.php

@@ -7,12 +7,12 @@
 use App\Utils\HttpUtils;
 use Gedmo\Sluggable\Util\Urlizer;
 use League\Flysystem\FilesystemOperator;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 #[Route(path: '/filesystem', name: 'app_admin_files_', methods: ['GET'])]
 class AdminFileController extends AbstractController

src/Controller/Admin/AdminPhoningCampaignStatsController.php

@@ -5,9 +5,9 @@
 use App\Controller\EnMarche\VotingPlatform\AbstractController;
 use App\Entity\Phoning\Campaign;
 use App\Repository\AdherentRepository;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 #[IsGranted('ROLE_ADMIN_PHONING_CAMPAIGNS')]
 #[Route(path: '/phoning-campaign/{id}/stats', name: 'app_admin_phoning_campaign_stats', methods: 'GET')]

src/Controller/Admin/AdminQrCodeGeneratorController.php

@@ -4,10 +4,10 @@
 
 use App\Entity\QrCode;
 use App\QrCode\QrCodeEntityHandler;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 #[IsGranted('ROLE_ADMIN_QR_CODES')]
 #[Route(path: '/qr-code/{uuid}/generate.{_format}', name: 'app_admin_qr_code_generate', methods: 'GET', defaults: ['_format' => 'png'], requirements: ['_format' => 'png|svg'])]

src/Controller/Admin/AdminReportController.php

@@ -4,12 +4,12 @@
 
 use App\Entity\Report\Report;
 use App\Report\ReportManager;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 #[Route(path: '/signalements')]
 class AdminReportController extends AbstractController

src/Controller/Admin/AdminUnregistrationController.php

@@ -4,12 +4,12 @@
 
 use App\Adherent\Unregistration\UnregistrationSerializer;
 use App\Repository\UnregistrationRepository;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 #[Route(path: '/unregistration')]
 class AdminUnregistrationController extends AbstractController

src/Controller/Admin/ElectedRepresentativeSimilarAdherentProfilesController.php

@@ -8,8 +8,9 @@
 use App\Entity\ElectedRepresentative\ElectedRepresentative;
 use App\Repository\AdherentRepository;
 use Doctrine\ORM\EntityManagerInterface;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
+use Symfony\Bridge\Doctrine\Attribute\MapEntity;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
 use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
 
@@ -26,14 +27,14 @@ public function showSimilarProfilesAction(
         ]);
     }
 
-    #[ParamConverter('adherent', options: ['mapping' => ['adherent_id' => 'id']])]
     #[Route(path: '/elected-representative/{id}/adherent-similar-profiles/{adherent_id}/link', name: 'admin_app_electedrepresentative_adherent_similar_profiles_link', methods: ['GET'])]
     public function linkAdherentToElectedRepresentativeAction(
         ElectedRepresentative $electedRepresentative,
+        #[MapEntity(mapping: ['adherent_id' => 'id'])]
         Adherent $adherent,
         EntityManagerInterface $entityManager,
         EventDispatcherInterface $dispatcher,
-    ) {
+    ): Response {
         $dispatcher->dispatch(new ElectedRepresentativeEvent($electedRepresentative), ElectedRepresentativeEvents::BEFORE_UPDATE);
 
         $electedRepresentative->setAdherent($adherent);

src/Controller/Api/Action/CancelActionController.php

@@ -5,13 +5,14 @@
 use App\Entity\Action\Action;
 use App\JeMengage\Push\Command\NotifyForActionCommand;
 use Doctrine\ORM\EntityManagerInterface;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Messenger\MessageBusInterface;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
-#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'actions') and (action.getAuthor() == user or user.hasDelegatedFromUser(action.getAuthor(), 'actions'))")]
+#[IsGranted(new Expression("is_granted('REQUEST_SCOPE_GRANTED', 'actions') and (subject.getAuthor() == user or user.hasDelegatedFromUser(subject.getAuthor(), 'actions'))"), subject: 'action')]
 class CancelActionController extends AbstractController
 {
     public function __invoke(Action $action, EntityManagerInterface $manager, MessageBusInterface $bus): Response

src/Controller/Api/AdherentAutocompleteController.php

@@ -5,18 +5,19 @@
 use App\Adherent\AdherentAutocompleteFilter;
 use App\Repository\AdherentRepository;
 use App\Scope\ScopeGeneratorResolver;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 use Symfony\Component\Serializer\Normalizer\AbstractNormalizer;
 use Symfony\Component\Serializer\Normalizer\AbstractObjectNormalizer;
 use Symfony\Component\Serializer\Normalizer\DenormalizerInterface;
 
+#[IsGranted(new Expression("is_granted('REQUEST_SCOPE_GRANTED', ['team', 'my_team', 'committee'])"))]
 #[Route(path: '/v3/adherents/autocomplete', name: 'api_adherent_autocomplete', methods: ['GET'])]
-#[Security("is_granted('REQUEST_SCOPE_GRANTED', ['team', 'my_team', 'committee'])")]
 class AdherentAutocompleteController extends AbstractController
 {
     public function __invoke(

src/Controller/Api/AdherentController.php

@@ -5,12 +5,12 @@
 use App\Entity\Adherent;
 use App\Security\Voter\ManagedUserVoter;
 use Doctrine\ORM\EntityManagerInterface;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 use Symfony\Component\Serializer\SerializerInterface;
 use Symfony\Component\Validator\Validator\ValidatorInterface;
 

src/Controller/Api/AdherentList/CountAdherentController.php

@@ -8,19 +8,20 @@
 use App\Repository\Geo\ZoneRepository;
 use App\Scope\ScopeGeneratorResolver;
 use Ramsey\Uuid\Uuid;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 use Symfony\Component\Serializer\Encoder\JsonEncoder;
 use Symfony\Component\Serializer\Exception\NotEncodableValueException;
 use Symfony\Component\Serializer\Exception\NotNormalizableValueException;
 use Symfony\Component\Serializer\SerializerInterface;
 
+#[IsGranted(new Expression("is_granted('REQUEST_SCOPE_GRANTED', ['contacts', 'committee', 'designation'])"))]
 #[Route(path: '/v3/adherents/count', name: 'app_adherents_count_get', methods: ['GET', 'POST'])]
-#[Security("is_granted('REQUEST_SCOPE_GRANTED', ['contacts', 'committee', 'designation'])")]
 class CountAdherentController extends AbstractController
 {
     public function __construct(

src/Controller/Api/AdherentMessage/DuplicateMessageController.php

@@ -4,11 +4,12 @@
 
 use App\AdherentMessage\AdherentMessageManager;
 use App\Entity\AdherentMessage\AbstractAdherentMessage;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
-#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (data.getAuthor() == user or user.hasDelegatedFromUser(data.getAuthor(), 'messages'))")]
+#[IsGranted(new Expression("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (subject.getAuthor() == user or user.hasDelegatedFromUser(subject.getAuthor(), 'messages'))"), subject: 'data')]
 class DuplicateMessageController extends AbstractController
 {
     public function __construct(private readonly AdherentMessageManager $manager)

src/Controller/Api/AdherentMessage/GetAdherentMessageStatusController.php

@@ -3,14 +3,15 @@
 namespace App\Controller\Api\AdherentMessage;
 
 use App\Entity\AdherentMessage\AbstractAdherentMessage;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 use Symfony\Component\Serializer\SerializerInterface;
 
+#[IsGranted(new Expression("is_granted('ROLE_USER') and (subject.getAuthor() == user or user.hasDelegatedFromUser(subject.getAuthor(), 'messages'))"), subject: 'message')]
 #[Route(path: '/adherent_messages/{uuid}', name: 'app_api_get_adherent_message_status', methods: ['GET'])]
-#[Security("is_granted('ROLE_USER') and (message.getAuthor() == user or user.hasDelegatedFromUser(message.getAuthor(), 'messages'))")]
 class GetAdherentMessageStatusController extends AbstractController
 {
     public function __invoke(AbstractAdherentMessage $message, SerializerInterface $serializer): Response

src/Controller/Api/AdherentMessage/SendAdherentMessageController.php

@@ -4,12 +4,13 @@
 
 use App\AdherentMessage\AdherentMessageManager;
 use App\Entity\AdherentMessage\AbstractAdherentMessage;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
-#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (message.getAuthor() == user or user.hasDelegatedFromUser(message.getAuthor(), 'messages'))")]
+#[IsGranted(new Expression("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (subject.getAuthor() == user or user.hasDelegatedFromUser(subject.getAuthor(), 'messages'))"), subject: 'message')]
 class SendAdherentMessageController extends AbstractController
 {
     public function __construct(private readonly AdherentMessageManager $manager)

src/Controller/Api/AdherentMessage/SendTestAdherentMessageController.php

@@ -5,11 +5,12 @@
 use App\AdherentMessage\AdherentMessageManager;
 use App\Entity\Adherent;
 use App\Entity\AdherentMessage\AbstractAdherentMessage;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
-#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (message.getAuthor() == user or user.hasDelegatedFromUser(message.getAuthor(), 'messages'))")]
+#[IsGranted(new Expression("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (subject.getAuthor() == user or user.hasDelegatedFromUser(subject.getAuthor(), 'messages'))"), subject: 'message')]
 class SendTestAdherentMessageController extends AbstractController
 {
     public function __construct(private readonly AdherentMessageManager $manager)

src/Controller/Api/AdherentMessage/UpdateAdherentMessageFilterController.php

@@ -6,18 +6,19 @@
 use App\Entity\AdherentMessage\AbstractAdherentMessage;
 use App\Entity\AdherentMessage\Filter\AudienceFilter;
 use App\Scope\ScopeGeneratorResolver;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 use Symfony\Component\Serializer\Encoder\JsonEncoder;
 use Symfony\Component\Serializer\Normalizer\AbstractNormalizer;
 use Symfony\Component\Serializer\Normalizer\AbstractObjectNormalizer;
 use Symfony\Component\Serializer\SerializerInterface;
 use Symfony\Component\Validator\Validator\ValidatorInterface;
 
-#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (data.getAuthor() == user or user.hasDelegatedFromUser(data.getAuthor(), 'messages'))")]
+#[IsGranted(new Expression("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (subject.getAuthor() == user or user.hasDelegatedFromUser(subject.getAuthor(), 'messages'))"), subject: 'data')]
 class UpdateAdherentMessageFilterController extends AbstractController
 {
     public function __construct(

src/Controller/Api/AppLink/AuthenticatedAppLinkController.php

@@ -3,18 +3,18 @@
 namespace App\Controller\Api\AppLink;
 
 use App\Controller\Renaissance\Adhesion\AdhesionController;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Routing\Attribute\Route;
 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 use Symfony\Component\Security\Http\LoginLink\LoginLinkHandlerInterface;
 
+#[IsGranted('ROLE_USER')]
 #[Route(path: '/v3/app-link/{key}', name: 'api_app_link_authenticated', methods: ['GET'])]
-#[Security("is_granted('ROLE_USER')")]
 class AuthenticatedAppLinkController extends AbstractController
 {
     private const KEYS_TO_ROUTES = [