Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitef9c945

Browse files
committed
Minor tweaks
1 parent523229b commitef9c945

File tree

2 files changed

+14
-12
lines changed

2 files changed

+14
-12
lines changed

‎security.rst

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2715,8 +2715,8 @@ anonymous users access by checking if there is no user set on the token::
27152715

27162716
..versionadded::7.3
27172717

2718-
The `$vote` parameter in the:method:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::voteOnAttribute` method
2719-
was introducedin Symfony 7.3.
2718+
The ``$vote`` argument of the``voteOnAttribute()`` method was introduced
2719+
in Symfony 7.3.
27202720

27212721
Setting Individual User Permissions
27222722
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

‎security/voters.rst

Lines changed: 12 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -51,8 +51,8 @@ which makes creating a voter even easier::
5151

5252
..versionadded::7.3
5353

54-
The `$vote` parameter in the:method:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::voteOnAttribute` method
55-
was introducedin Symfony 7.3.
54+
The ``$vote`` argument of the``voteOnAttribute()`` method was introduced
55+
in Symfony 7.3.
5656

5757
.. _how-to-use-the-voter-in-a-controller:
5858

@@ -173,11 +173,10 @@ would look like this::
173173
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token, ?Vote $vote = null): bool
174174
{
175175
$user = $token->getUser();
176-
$vote ??= new Vote();
177176

178177
if (!$user instanceof User) {
179178
// the user must be logged in; if not, deny access
180-
$vote->reasons[] ='The user is not logged in.';
179+
$vote?->addReason('The user is not logged in.');
181180
return false;
182181
}
183182

@@ -205,12 +204,15 @@ would look like this::
205204

206205
private function canEdit(Post $post, User $user): bool
207206
{
208-
// this assumes that the Post object has a `getOwner()` method
209-
if ($user === $post->getOwner()) {
207+
// this assumes that the Post object has a `getAuthor()` method
208+
if ($user === $post->getAuthor()) {
210209
return true;
211210
}
212211

213-
$vote->reasons[] = 'You are not the owner of the Post.';
212+
$vote?->addReason(sprintf(
213+
'The logged in user (username: %s) is not the author of this post (id: %d).',
214+
$user->getUsername(), $post->getId()
215+
));
214216

215217
return false;
216218
}
@@ -233,9 +235,9 @@ To recap, here's what's expected from the two abstract methods:
233235
``voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token, ?Vote $vote = null)``
234236
If you return ``true`` from ``supports()``, then this method is called. Your
235237
job is to return ``true`` to allow access and ``false`` to deny access.
236-
The ``$token`` can be used to find the current user object (if any). The ``$vote``
237-
argument can be used toadd a reason to the vote. In this example, all of the
238-
complex business logicis includedto determine access.
238+
The ``$token`` can be used to find the current user object (if any).
239+
The ``$vote``argument can be used toprovide an explanation for the vote.
240+
This explanationis includedin log messages and on exception pages.
239241

240242
.. _declaring-the-voter-as-a-service:
241243

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp