Skip to content

Commit

Permalink
[book][security] Adding note per @stof about access control without a…
Browse files Browse the repository at this point in the history 
… firewall
  • Loading branch information
@weaverryan
weaverryan committed May 12, 2011
1 parent 0561c2c commit eca314f
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions book/security.rst
View file
Expand Up @@ -1337,6 +1337,13 @@ the built-in helper function:
<a href="...">Delete</a> <a href="...">Delete</a>
<?php endif; ?> <?php endif; ?>


.. note::

If you use this function and are *not* at a URL where there is a firewall
active, an exception will be thrown. Again, it's almost always a good
idea to have a main firewall that covers all URLs (as has been shown
in this chapter).

Access Control in Controllers Access Control in Controllers
----------------------------- -----------------------------


Expand All @@ -1354,6 +1361,11 @@ the ``isGranted`` method of the security context:
// load other regular content here // load other regular content here
} }
.. note::

A firewall must be active or an exception will be thrown when the ``isGranted``
method is called. See the note above about templates for more details.

Impersonating a User Impersonating a User
-------------------- --------------------


Expand Down

0 comments on commit eca314f

Please sign in to comment.