Revamped the main security article #7293
Conversation
|
I think it is a good idea to extract as many parts as possible from the existing article. However, wouldn't it still be good to provide a short overview about how things do work? With everything stripped out you will have to jump a lot between different articles to get the basic setup done. |
|
@xabbug a good question and I'm not sure I have an answer. My reasoning was ... some developers (and most newcomers) don't care at all how this works internally. They just want to protect their websites and have users in their apps. Later on, when their apps demand so, they'll go deeper into the security of Symfony. That's why we'll provide not-so-simple articles to do custom things and also extremely-hard articles explaining in detail all the internals of the component. |
|
I agree with you about that and that's a good reason to strip this article down. But can we think about what are the typical problems you will have to solve when first working with the Symfony security layer? We could then change this chapter to explain only how to solve that problem (should be much short and focused than the current version) and still have the references to other parts of the docs that you suggested. |
|
Closing as a failed proposal. |
Problem
Security is the most tough part for most Symfony newcomers. In symfony#21029 we are discussing about some drastic simplifications in the way developers deal with security ... but meanwhile, we can do a lot of things in the security docs.
In my opinion, the main problem is that the security docs mixes very old and very new articles and lacks of a unified vision. Besides, the main security article explains too much too early and it overwhelms users telling them that security is very complex in Symfony apps.
Proposal
This PR makes the main security article as short as possible and provides a quick list of links for the most common security needs. If you like this idea, I'll finish it moving some old contents to new articles and introducing minor rewords to most security articles to reduce their complexity (the needed changes won't be massive).
Please, tell me what you think. Thanks!