refactoring of RequestSecurityEventSubscriber

core/EventSubscriber/RequestSecurityEventSubscriber.php

@@ -51,16 +51,14 @@ class RequestSecurityEventSubscriber implements EventSubscriberInterface
             $isGranted = $this->authorizationChecker->isGranted($role);
 
             if ('or' === $operator && $isGranted) {
-                $isAuthorized = true;
+                return;
             } elseif ('and' === $operator && !$isGranted) {
                 throw $exception;
             }
         }
 
-        if (!$isAuthorized) {
         throw $exception;
     }
-    }
 
     public static function getSubscribedEvents(): array
     {