[Security] add methods argument to #[IsGranted] to restrict access by HTTP method

Author: santysisi

security.rst

@@ -2523,6 +2523,29 @@ that is thrown with the ``exceptionCode`` argument::
         // ...
     }
 
+You can restrict access validation to specific HTTP methods
+by using the ``methods`` argument::
+
+    // src/Controller/AdminController.php
+    // ...
+
+    use Symfony\Component\Security\Http\Attribute\IsGranted;
+
+    #[IsGranted('ROLE_ADMIN', methods: 'POST')]
+    class AdminController extends AbstractController
+    {
+        // You can also specify an array of methods
+        #[IsGranted('ROLE_SUPER_ADMIN', methods: ['GET', 'PUT'])]
+        public function adminDashboard(): Response
+        {
+            // ...
+        }
+    }
+
+.. versionadded:: 7.4
+
+    The ``methods`` argument was introduced in Symfony 7.4.
+
 .. _security-template:
 
 Access Control in Templates