fix(symfony): security regression when ResourceAccessChecker is decorated (#7896)

Commit 359a128 introduced a regression
when ResourceAccessChecker is decorated, and
security/securityPostDenormalize are using object in is_granted
expression.

The issue arise since AccessCheckerProvider violates the Liskov
substitution principle by assuming that if the (previously unknown)
interface ObjectVariableCheckerInterface is not defined, then the
pre_read optimization can be used without an object instance.

Author: giosh94mhz

src/Symfony/Security/State/AccessCheckerProvider.php

@@ -85,7 +85,14 @@ public function provide(Operation $operation, array $uriVariables = [], array $c
             ];
         }
 
-        if ('pre_read' === $this->event && $this->resourceAccessChecker instanceof ObjectVariableCheckerInterface && $this->resourceAccessChecker->usesObjectVariable($isGranted, $resourceAccessCheckerContext)) {
+        // Skip pre_read optimization when object is used via granted (or usage is not predicatable)
+        if (
+            'pre_read' === $this->event
+            && (
+                !$this->resourceAccessChecker instanceof ObjectVariableCheckerInterface
+                || $this->resourceAccessChecker->usesObjectVariable($isGranted, $resourceAccessCheckerContext)
+            )
+        ) {
             return $this->decorated->provide($operation, $uriVariables, $context);
         }