security add expression voter

Author: alavieille

components/security/authorization.rst

@@ -157,6 +157,40 @@ role::
 
     $roleHierarchyVoter = new RoleHierarchyVoter($roleHierarchy);
 
+ExpressionVoter
+~~~~~~~~~~~~~~~~~~
+The :class:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\ExpressionVoter`
+supports :class:`Symfony\\Component\\ExpressionLanguage\\Expression` attributes
+and grants access based on the evaluation of expression (See :doc:`/security/expressions` )
+
+.. code-block:: php
+
+    use Symfony\Component\ExpressionLanguage\Expression;
+    use Symfony\Component\Security\Core\Authorization\Voter\ExpressionVoter;
+
+    // Symfony\Component\Security\Core\Authorization\ExpressionLanguage;
+    $expressionLanguage = ...;
+
+    // instance of Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface
+    $trustResolver = ...;
+
+    // Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface
+    $authorizationChecker = ...;
+
+    $expressionVoter = new ExpressionVoter($expressionLanguage, $trustResolver, $authorizationChecker);
+
+    // instance of Symfony\Component\Security\Core\Authentication\Token\TokenInterface
+    $token = ...;
+
+    // any object
+    $object = ...;
+
+    $expression = new Expression(
+        '"ROLE_ADMIN" in roles or (not is_anonymous() and user.isSuperAdmin())'
+    )
+
+    $vote = $expressionVoter->vote($token, $object, array($expression));
+
 .. note::
 
     When you make your own voter, you can use its constructor