Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork5.2k
Cleanup security voters cookbook recipes#5453
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Merged
Merged
Uh oh!
There was an error while loading.Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
0c9c0f9 tod6fb58aCompare| @@ -14,7 +14,7 @@ the ACL system comes in. | |||
| Using ACL's isn't trivial, and for simpler use cases, it may be overkill. | |||
| If your permission logic could be described by just writing some code (e.g. | |||
| to check if a Blog is owned by the current User), then consider using | |||
| :doc:`voters </cookbook/security/voters_data_permission>`. A voter is passed the object | |||
| :doc:`voters </cookbook/security/voters`. A voter is passed the object | |||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
missing closing angle bracket
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
fixed
| use business logic (e.g. the user can edit this post because they were | ||
| the creator) to determine access. You'll probably want this option - it's | ||
| flexible enough to solve the above situation. | ||
| * :doc:`Voters </cookbook/security/voters>` allow you to use business logic |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
[...] to use business logic [...] looks very generic to me. I'd like something like:... apply your own business logic ...,... define the custom logic applied to ..., etc.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
👍
weaverryan added a commit that referenced this pull requestJul 16, 2015
This PR was merged into the 2.3 branch.Discussion----------Cleanup security voters cookbook recipes| Q | A| --- | ---| Doc fix? | yes| New docs? | no| Applies to | all| Fixed tickets |#5084Blacklisting using voters isn't a good practice and in fact, the article (`cookbook/security/voters`) was almost completely equal to the much newer voter article (`cookbook/security/voters_data_permission`). I've moved the only different piece (access decision strategy) to the newer voter article and then removed the old voter article.As the old voter article had a much nicer URL than the new one, I then renamed the new article to have the better name and set up a redirection. A [quick search on Google](https://www.google.nl/search?q=%5Blink%3Ahttp%3A%2F%2Fsymfony.com%2Fdoc%2Fcurrent%2Fcookbook%2Fsecurity%2Fvoters.html%5D+-site%3Ahttp%3A%2F%2Fsymfony.com) revealed that there are almost no links to the old article talking about blacklisting specifically, just about voters. So I think we're good here.The diff is horrible, that's why I've tried to create multiple commits (this will ease reviewing process). The only commit requiring review is9c169c7 (as the other 2 are just moving and removing stuff).Commits-------93484a7 Remove the old voter article9c169c7 Rewrite new sectionacf66f9 Move access decision strategy section
weaverryan added a commit that referenced this pull requestJul 16, 2015
weaverryan added a commit that referenced this pull requestJul 16, 2015
* 2.3: [#5453] Minor tweaks - mostly thanks to Javier
weaverryan added a commit that referenced this pull requestJul 16, 2015
* 2.6: [#5472] Minor tweak and adding code example [#5453] Minor tweaks - mostly thanks to Javier Reword Fix caching Fix build Added a tip about hashing the result of nextBytes() rework the quick tour's big picture fix for Symfony 2.7 Fix after install URL and new photo since AcmeDemoBundle is not part of 2.7 Improve travis build speed
weaverryan added a commit that referenced this pull requestJul 16, 2015
* 2.7: [#5472] Minor tweak and adding code example [#5453] Minor tweaks - mostly thanks to Javier Reword Fix caching Fix build Added a tip about hashing the result of nextBytes() rework the quick tour's big picture fix for Symfony 2.7 Fix after install URL and new photo since AcmeDemoBundle is not part of 2.7 Improve travis build speed
weaverryan added a commit that referenced this pull requestJul 16, 2015
* 2.8: [#5472] Minor tweak and adding code example [#5453] Minor tweaks - mostly thanks to Javier Reword Fix moving the mapped down as per@xabbuh Fix caching Fix build Fix the rendering issue Fix issues reported by@snoek09 . Thank you. Added a tip about hashing the result of nextBytes() Make the necessary changes mentioned by@xabbuh and add example for form rework the quick tour's big picture fix for Symfony 2.7 Fix after install URL and new photo since AcmeDemoBundle is not part of 2.7 Starting with range documentation Improve travis build speed
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Blacklisting using voters isn't a good practice and in fact, the article (
cookbook/security/voters) was almost completely equal to the much newer voter article (cookbook/security/voters_data_permission). I've moved the only different piece (access decision strategy) to the newer voter article and then removed the old voter article.As the old voter article had a much nicer URL than the new one, I then renamed the new article to have the better name and set up a redirection. Aquick search on Google revealed that there are almost no links to the old article talking about blacklisting specifically, just about voters. So I think we're good here.
The diff is horrible, that's why I've tried to create multiple commits (this will ease reviewing process). The only commit requiring review is9c169c7 (as the other 2 are just moving and removing stuff).