From 346943e2f51fa491a58ca1a2185e5987797f8346 Mon Sep 17 00:00:00 2001
From: Christian Flothmann <christian.flothmann@xabbuh.de>
Date: Mon, 30 Nov 2015 11:54:38 +0100
Subject: [PATCH] add subject variable to expression context

---
 UPGRADE-2.8.md                                                 | 3 +++
 .../Security/Core/Authorization/Voter/ExpressionVoter.php      | 1 +
 2 files changed, 4 insertions(+)

diff --git a/UPGRADE-2.8.md b/UPGRADE-2.8.md
index 797e2a5015b0..883ef576d328 100644
--- a/UPGRADE-2.8.md
+++ b/UPGRADE-2.8.md
@@ -448,6 +448,9 @@ FrameworkBundle
 Security
 --------
 
+ * The `object` variable passed to expressions evaluated by the `ExpressionVoter`
+   is deprecated. Instead use the new `subject` variable.
+
  * The `AbstractVoter` class was deprecated. Instead, extend the `Voter` class and
    move your voting logic in the `supports($attribute, $subject)` and
    `voteOnAttribute($attribute, $object, TokenInterface $token)` methods.
diff --git a/src/Symfony/Component/Security/Core/Authorization/Voter/ExpressionVoter.php b/src/Symfony/Component/Security/Core/Authorization/Voter/ExpressionVoter.php
index 98b8f50f15d0..96a7ece998cc 100644
--- a/src/Symfony/Component/Security/Core/Authorization/Voter/ExpressionVoter.php
+++ b/src/Symfony/Component/Security/Core/Authorization/Voter/ExpressionVoter.php
@@ -102,6 +102,7 @@ private function getVariables(TokenInterface $token, $object)
             'token' => $token,
             'user' => $token->getUser(),
             'object' => $object,
+            'subject' => $object,
             'roles' => array_map(function ($role) { return $role->getRole(); }, $roles),
             'trust_resolver' => $this->trustResolver,
         );