minor #8477 Deprecated ACL (javiereguiluz) · symfony/symfony-docs@8a94262 · GitHub

Commit 8a94262

minor #8477 Deprecated ACL (javiereguiluz)
This PR was squashed before being merged into the 3.4 branch (closes #8477).

Discussion
----------

Deprecated ACL

This fixes #8433.

I've left some mentions to ACLs because they are deprecated, not removed:

* Best Practices mentions them: https://symfony.com/doc/current/best_practices/security.html#authorization-i-e-denying-access
* Security config reference includes the `acl:` section: https://symfony.com/doc/current/reference/configuration/security.html

Commits
-------

3a0cb17 Mention that ACL is deprecated in the security config reference
eb4a088 Added version numbers to versionadded directives
a94de59 Deprecated ACL
2 parents d3a6ab1 + 3a0cb17 commit 8a94262

5 files changed

+23
-9
lines changed

reference/configuration/security.rst

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,8 +30,10 @@ Each part will be explained in the next section.
3030
strategy: affirmative # One of affirmative, consensus, unanimous
3131
allow_if_all_abstain: false
3232
allow_if_equal_granted_denied: true
33-
acl:
3433
34+
# ACL support was deprecated in Symfony 3.4 and removed in Symfony 4.0
35+
# Use https://github.com/symfony/acl-bundle instead
36+
acl:
3537
# any name configured in doctrine.dbal section
3638
connection: ~
3739
cache:
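
Review bot: the comment added above ``acl:`` says ACL support was "removed in Symfony 4.0", while the notices this same commit adds to security.rst, security/acl.rst and security/acl_advanced.rst say it "will be removed in 4.0"; pick one tense for the 3.4 branch. The second comment line, "Use https://github.com/symfony/acl-bundle instead", also sits directly on top of the ``acl:`` key it appears to replace, so it is unclear whether the options below still apply. Wording it as "install the bundle to keep using this section" would tell readers what happens to their object-level access rules on upgrade.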

security.rst

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -637,10 +637,9 @@ The process of authorization has two different sides:
637637
.. tip::
638638

639639
In addition to roles (e.g. ``ROLE_ADMIN``), you can protect a resource
640-
using other attributes/strings (e.g. ``EDIT``) and use voters or Symfony's
641-
ACL system to give these meaning. This might come in handy if you need
642-
to check if user A can "EDIT" some object B (e.g. a Product with id 5).
643-
See :ref:`security-secure-objects`.
640+
using other attributes/strings (e.g. ``EDIT``) and use voters to give these
641+
meaning. This might come in handy if you need to check if user A can "EDIT"
642+
some object B (e.g. a Product with id 5). See :ref:`security-secure-objects`.
644643

645644
Roles
646645
~~~~~
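
Review bot: the rewritten tip still ends with "See :ref:`security-secure-objects`" after dropping the ACL mention, so check where that label points. If it sits on the "Access Control Lists (ACLs): Securing individual Database Objects" section that the next hunk marks as deprecated, the tip now recommends voters and then links to the deprecated mechanism. Pointing the reference at the voters article would keep readers on the supported way to do per-object checks.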
@@ -970,6 +969,10 @@ For more details on expressions and security, see :ref:`expressions-security`.
970969
Access Control Lists (ACLs): Securing individual Database Objects
971970
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
972971

972+
.. versionadded:: 3.4
973+
ACL support was deprecated in Symfony 3.4 and will be removed in 4.0. Install
974+
the `Symfony ACL bundle`_ if you want to keep using ACL.
975+
973976
Imagine you are designing a blog where users can comment on your posts. You
974977
also want a user to be able to edit their own comments, but not those of
975978
other users. Also, as the admin user, you yourself want to be able to edit
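
Review bot: ``.. versionadded:: 3.4`` on added lines 972-974 announces a deprecation, but that directive tells readers something was introduced in 3.4. Sphinx has a ``.. deprecated::`` directive for this case; if the docs theme does not style it, a ``.. caution::`` block would at least stop the notice from reading as a new feature. The section heading and the blog example below it are unchanged, so a skimming reader still sees ACLs presented as the way to secure individual objects.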
@@ -1322,3 +1325,4 @@ Other Security Related Topics
13221325

13231326
.. _`frameworkextrabundle documentation`: https://symfony.com/doc/current/bundles/SensioFrameworkExtraBundle/index.html
13241327
.. _`HWIOAuthBundle`: https://github.com/hwi/HWIOAuthBundle
1328+
.. _`Symfony ACL bundle`: https://github.com/symfony/acl-bundle

security/acl.rst

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,10 @@
44
How to Use Access Control Lists (ACLs)
55
======================================
66

7+
.. versionadded:: 3.4
8+
ACL support was deprecated in Symfony 3.4 and will be removed in 4.0. Install
9+
the `Symfony ACL bundle`_ if you wan to keep using ACL.
10+
711
In complex applications, you will often face the problem that access decisions
812
cannot only be based on the person (``Token``) who is requesting access, but
913
also involve a domain object that access is being requested for. This is where
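
Review bot: typo on added line 9, "if you wan to keep using ACL" should be "if you want to keep using ACL"; the same notice in security.rst is spelled correctly.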
@@ -246,4 +250,5 @@ added above:
246250
247251
The user is now allowed to view, edit, delete, and un-delete objects.
248252

253+
.. _`Symfony ACL bundle`: https://github.com/symfony/acl-bundle
249254
.. _`MongoDBAclBundle`: https://github.com/IamPersistent/MongoDBAclBundle

security/acl_advanced.rst

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,10 @@
44
How to Use advanced ACL Concepts
55
================================
66

7+
.. versionadded:: 3.4
8+
ACL support was deprecated in Symfony 3.4 and will be removed in 4.0. Install
9+
the `Symfony ACL bundle`_ if you wan to keep using ACL.
10+
711
The aim of this article is to give a more in-depth view of the ACL system, and
812
also explain some of the design decisions behind it.
913
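
Review bot: added line 9 repeats the "if you wan to keep using ACL" typo from security/acl.rst; it should read "want". The notice is now pasted into three files with two different spellings, so fix it once and copy the corrected text to keep the copies from drifting further.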

@@ -195,4 +199,5 @@ is applicable, the class-scope ACEs will be checked. If none is applicable,
195199
then the process will be repeated with the ACEs of the parent ACL. If no
196200
parent ACL exists, an exception will be thrown.
197201

202+
.. _`Symfony ACL bundle`: https://github.com/symfony/acl-bundle
198203
.. _JMSSecurityExtraBundle: https://github.com/schmittjoh/JMSSecurityExtraBundle

security/voters.rst

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -4,10 +4,8 @@
44
How to Use Voters to Check User Permissions
55
===========================================
66

7-
In Symfony, you can check the permission to access data by using the
8-
:doc:`ACL module </security/acl>`, which is a bit overwhelming
9-
for many applications. A much easier solution is to work with custom voters,
10-
which are like simple conditional statements.
7+
Security voters are the most granular way of checking permissions (e.g. "can this
8+
specific user edit the given item?"). This article explains voters in detail.
119

1210
.. tip::
1311
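
Review bot: the new opening sentence on added line 7 calls voters "the most granular way of checking permissions", yet the ACL articles stay in the 3.4 docs as deprecated rather than removed, and they describe the same per-object decisions. "The recommended way" is easier to defend. Since this hunk also removes the only link to :doc:`/security/acl`, a one-line pointer for readers migrating from ACL to voters would help them keep their object-level checks in place.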
