Permalink
Browse files

minor #4872 [BestPractices] fix merge after removing @Security in 2.3…

… (xabbuh)

This PR was merged into the 2.5 branch.

Discussion
----------

[BestPractices] fix merge after removing @Security in 2.3

| Q             | A
| ------------- | ---
| Doc fix?      | yes
| New docs?     | no
| Applies to    | 2.5+
| Fixed tickets |

Commits
-------

5c55491 fix merge after removing @Security in 2.3
  • Loading branch information...
weaverryan committed Jan 18, 2015
2 parents 240a981 + 5c55491 commit 4143076e6b2f760b2df03dda6d5933fc54618b68
Showing with 7 additions and 4 deletions.
  1. +7 −4 best_practices/security.rst
@@ -74,13 +74,15 @@ Authorization (i.e. Denying Access)
-----------------------------------
Symfony gives you several ways to enforce authorization, including the ``access_control``
configuration in :doc:`security.yml </reference/configuration/security>` and
using :ref:`isGranted <best-practices-directly-isGranted>` on the ``security.context``
configuration in :doc:`security.yml </reference/configuration/security>`, the
:ref:`@Security annotation <best-practices-security-annotation>` and using
:ref:`isGranted <best-practices-directly-isGranted>` on the ``security.context``
service directly.
.. best-practice::
* For protecting broad URL patterns, use ``access_control``;
* Whenever possible, use the ``@Security`` annotation;
* Check security directly on the ``security.context`` service whenever
you have a more complex situation.
@@ -207,9 +209,10 @@ Now you can reuse this method both in the template and in the security expressio
.. _best-practices-directly-isGranted:
.. _checking-permissions-without-security:
.. _manually-checking-permissions:
Manually Checking Permissions
-----------------------------
Checking Permissions without @Security
--------------------------------------
The above example with ``@Security`` only works because we're using the
:ref:`ParamConverter <best-practices-paramconverter>`, which gives the expression

0 comments on commit 4143076

Please sign in to comment.