Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit731dcad

Browse files
Michael Kleinweaverryan
Michael Klein
authored andcommitted
updated page with suggestion from the review
1 parent1466fa7 commit731dcad

File tree

1 file changed

+17
-12
lines changed

1 file changed

+17
-12
lines changed

‎cookbook/security/voters_data_permission.rst

Lines changed: 17 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,8 @@ application: :doc:`"/cookbook/security/voters"`.
1313

1414
..tip::
1515

16-
It is good to understandthebasics about what and how
17-
:doc:`authorization</components/security/authorization>` works. // correct link in book?
16+
Have a look atthereferenced page if you are not familiar with
17+
:doc:`authorization</components/security/authorization>`.
1818

1919
How Symfony uses Voters
2020
-----------------------
@@ -33,7 +33,9 @@ A custom voter must implement
3333
:class:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface`,
3434
which has this structure:
3535

36-
..code-block::php // :: shortcut? and put the snippet (to line 56) in a single file an reference ?
36+
// how to put this following snippet (to line 56) in a single file an embed it? as it is used in voters.rst as well.
37+
38+
..code-block::php
3739
3840
interface VoterInterface
3941
{
@@ -95,10 +97,8 @@ You could store your Voter to check permission for the view and edit action like
9597
$array = array('Acme\DemoBundle\Entity\Post');
9698
9799
foreach ($array as $item) {
98-
// check with stripos in case doctrine is using a proxy class for this object
99-
// if (stripos($s, $item) !== false) {
100-
if ($obj instanceof $item)) // check if this will also check for interfaces etc. like it should be in oop (inheritace)
101-
// or return $targetClass === $class || is_subclass_of($class, $targetClass);
100+
if ($obj instanceof $item))
101+
102102
return true;
103103
}
104104
}
@@ -107,16 +107,21 @@ You could store your Voter to check permission for the view and edit action like
107107
}
108108
109109
/** @var \Acme\DemoBundle\Entity\Post $post */
110-
public function vote(TokenInterface $token, $post, array $attributes) // remove array
110+
public function vote(TokenInterface $token, $post, array $attributes)
111111
{
112-
// always get the first attribute
112+
// check if voter is used correct, only allow one attribute for a check
113+
if(count($attributes) !== 1 || !is_string($attributes[0])) {
114+
throw new PreconditionFailedHttpException('The Attribute was not set correct. Maximum 1 attribute.');
115+
}
116+
117+
// set the attribute to check against
113118
$attribute = $attributes[0];
114119
115120
// get current logged in user
116121
$user = $token->getUser();
117122
118123
// check if class of this object is supported by this voter
119-
if (!($this->supportsClass($post))) { // maybe without ClassUtils::getRealClass(
124+
if (!($this->supportsClass($post))) {
120125
121126
return VoterInterface::ACCESS_ABSTAIN;
122127
}
@@ -151,8 +156,8 @@ You could store your Voter to check permission for the view and edit action like
151156
break;
152157
153158
default:
154-
// otherwise throw an exception
155-
throw new PreconditionFailedHttpException('The Attribute "'.$attribute.'"" was not found.')
159+
// otherwise throw an exception, which will break the request
160+
throw new PreconditionFailedHttpException('The Attribute "'.$attribute.'" was not found.')
156161
}
157162
158163
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp