Commit2fe954e

committed

[#4735] Reverting what was left on the 2.5 branch after the merge conflict had already put back some of it

1 parent9a6f242 commit2fe954eCopy full SHA for 2fe954e

File tree

+19

-3

lines changed

+19

-3

lines changed

Lines changed: 19 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -211,8 +211,10 @@ Now you can reuse this method both in the template and in the security expressio`
`211`	`211`	`Manually Checking Permissions`
`212`	`212`	`-----------------------------`
`213`	`213`
`214`		`-If you cannot control the access based on URL patterns, you can always do`
`215`		`-the security checks in PHP:`
	`214`	+The above example with ``@Security`` only works because we're using the
	`215`	+:ref:`ParamConverter<best-practices-paramconverter>`, which gives the expression
	`216`	+access to the a ``post`` variable. If you don't use this, or have some other
	`217`	`+more advanced use-case, you can always do the same security check in PHP:`
`216`	`218`
`217`	`219`	`..code-block::php`
`218`	`220`
`@@ -300,7 +302,21 @@ To enable the security voter in the application, define a new service:`
`300`	`302`	`tags:`
`301`	`303`	`-{ name: security.voter }`
`302`	`304`
`303`		-Now, you can use the voter with the ``security.context`` service:
	`305`	+Now, you can use the voter with the ``@Security`` annotation:
	`306`	`+`
	`307`	`+..code-block::php`
	`308`	`+`
	`309`	`+ /**`
	`310`	`+ * @Route("/{id}/edit", name="admin_post_edit")`
	`311`	`+ * @Security("is_granted('edit', post)")`
	`312`	`+ */`
	`313`	`+ public function editAction(Post $post)`
	`314`	`+ {`
	`315`	`+ // ...`
	`316`	`+ }`
	`317`	`+`
	`318`	+You can also use this directly with the ``security.context`` service or via
	`319`	`+the even easier shortcut in a controller:`
`304`	`320`
`305`	`321`	`..code-block::php`
`306`	`322`

Comments

(0)