Skip to content

Commit

Permalink
minor #5178 Usage of denyAccessUnlessGranted in the controller (94noni)
Browse files Browse the repository at this point in the history 
This PR was squashed before being merged into the 2.6 branch (closes #5178).

Discussion
----------

Usage of denyAccessUnlessGranted in the controller

| Q             | A
| ------------- | ---
| Doc fix?      | no
| New docs?     | no
| Applies to    | >= 2.6
| Fixed tickets | -

Just a mini patch

Commits
-------

b50b12d Usage of denyAccessUnlessGranted in the controller
  • Loading branch information
@wouterj
wouterj committed May 16, 2015
2 parents a504acf + b50b12d commit 2f136e9
Showing 1 changed file with 12 additions and 4 deletions.
16 changes: 12 additions & 4 deletions cookbook/security/voters_data_permission.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -203,7 +203,6 @@ from the authorization checker is called.
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
class PostController extends Controller
{
Expand All @@ -213,9 +212,14 @@ from the authorization checker is called.
$post = ...;
// keep in mind, this will call all registered security voters
if (false === $this->get('security.authorization_checker')->isGranted('view', $post)) {
throw new AccessDeniedException('Unauthorised access!');
}
$this->denyAccessUnlessGranted('view', $post, 'Unauthorized access!');
// the equivalent code without using the denyAccessUnlessGranted() shortcut
// use Symfony\Component\Security\Core\Exception\AccessDeniedException;
//
// if (false === $this->get('security.authorization_checker')->isGranted('view', $post)) {
// throw new AccessDeniedException('Unauthorized access!');
// }
return new Response('<h1>'.$post->getName().'</h1>');
}
Expand All @@ -225,4 +229,8 @@ from the authorization checker is called.
The ``security.authorization_checker`` service was introduced in Symfony 2.6. Prior
to Symfony 2.6, you had to use the ``isGranted()`` method of the ``security.context`` service.

.. versionadded:: 2.6
The ``denyAccessUnlessGranted()`` method was introduced in Symfony 2.6 as a shortcut.
It uses ``security.authorization_checker`` and throws an ``AccessDeniedException`` if needed.

It's that easy!

0 comments on commit 2f136e9

Please sign in to comment.