Skip to content

[Security] Describe voters more prominently in the Security guide #13522

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 16, 2020
Merged

[Security] Describe voters more prominently in the Security guide #13522

merged 1 commit into from
Apr 16, 2020

Conversation

wouterj
Copy link
Member

@wouterj wouterj commented Apr 11, 2020
edited by javiereguiluz
Loading

Fixes #11505, Fixes #13406

  • I've removed the ACL bundle reference, imho it no longer makes sense to talk about it
  • I've also changed the title from "Access Control Lists (ACLs): Securing individual Database Objects" to "Securing Individual Objects"; it's no longer about ACL
  • I've updated the content to talk about the function of voters and not talk about why we replaced ACL with voters (that was useful in Symfony 3, but I think it no longer makes sense - everyone has made the change already)
  • I've moved the chapter slightly up, the TOC now is: 
    4) Denying Access, Roles and other Authorization
    Roles
    Add Code to Deny Access
        Securing URL patterns (access_control)
        Securing Controllers and other Code
        Access Control in Templates
        Securing other Services
    Securing Individual Objects
    Checking to see if a User is Logged In (IS_AUTHENTICATED_FULLY)

@wouterj wouterj added this to the 4.4 milestone Apr 11, 2020
@wouterj wouterj force-pushed the security/voters-instead-of-acl branch from 9f62259 to 3190cc2 Compare April 11, 2020 18:20
javiereguiluz
javiereguiluz approved these changes Apr 14, 2020
View reviewed changes
Copy link
Member

@javiereguiluz javiereguiluz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

@wouterj wouterj force-pushed the security/voters-instead-of-acl branch from 3190cc2 to b610beb Compare April 16, 2020 09:31
@wouterj wouterj merged commit 2209ca2 into symfony:4.4 Apr 16, 2020
@wouterj wouterj deleted the security/voters-instead-of-acl branch April 16, 2020 09:34
@wouterj wouterj mentioned this pull request Apr 16, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@javiereguiluz javiereguiluz javiereguiluz approved these changes

@xabbuh xabbuh xabbuh approved these changes

Assignees
No one assigned
Labels
Security Status: Reviewed
Projects
None yet
Milestone
4.4
Development

Successfully merging this pull request may close these issues.
4 participants
@wouterj @javiereguiluz @xabbuh @carsonbot