== How to fix it in Symfony === Code examples ==== Noncompliant code example The ``++vote++`` method of a https://symfony.com/doc/current/security/voters.html[VoterInterface] implementation is not compliant when it returns only an affirmative decision (``++ACCESS_GRANTED++``): [source,php,diff-id=201,diff-type=noncompliant] ---- class NoncompliantVoter implements VoterInterface { public function vote(TokenInterface $token, $subject, array $attributes) { return self::ACCESS_GRANTED; // Noncompliant } } ---- The ``++voteOnAttribute++`` method of a https://symfony.com/doc/current/security/voters.html[Voter] class is not compliant when it returns only an affirmative decision (``++true++``): [source,php,diff-id=202,diff-type=noncompliant] ---- class NoncompliantVoter extends Voter { protected function supports(string $attribute, $subject) { return true; } protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token) { return true; // Noncompliant } } ---- ==== Compliant solution The ``++vote++`` method of a https://symfony.com/doc/current/security/voters.html[VoterInterface] type should return a negative decision (``++ACCESS_DENIED++``) or abstain from making a decision (``++ACCESS_ABSTAIN++``): [source,php,diff-id=201,diff-type=compliant] ---- class CompliantVoter implements VoterInterface { public function vote(TokenInterface $token, $subject, array $attributes) { if (foo()) { return self::ACCESS_GRANTED; } else if (bar()) { return self::ACCESS_ABSTAIN; } return self::ACCESS_DENIED; } } ---- The ``++voteOnAttribute++`` method of a https://symfony.com/doc/current/security/voters.html[Voter] type should return a negative decision (``++false++``): [source,php,diff-id=202,diff-type=compliant] ---- class CompliantVoter extends Voter { protected function supports(string $attribute, $subject) { return true; } protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token) { if (foo()) { return true; } return false; } } ----