8000 Deprecated ACL by javiereguiluz · Pull Request #8477 · symfony/symfony-docs · GitHub
[go: up one dir, main page]
Skip to content

Deprecated ACL #8477

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Oct 29, 2017
Merged

Deprecated ACL #8477

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a94de59
Deprecated ACL
javiereguiluz Oct 4, 2017
eb4a088
Added version numbers to versionadded directives
javiereguiluz Oct 8, 2017
3a0cb17
Mention that ACL is deprecated in the security config reference
javiereguiluz Oct 29, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
8000
Diff view
Diff view
12 changes: 8 additions & 4 deletions security.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -637,10 +637,9 @@ The process of authorization has two different sides:
.. tip::

In addition to roles (e.g. ``ROLE_ADMIN``), you can protect a resource
using other attributes/strings (e.g. ``EDIT``) and use voters or Symfony's
ACL system to give these meaning. This might come in handy if you need
to check if user A can "EDIT" some object B (e.g. a Product with id 5).
See :ref:`security-secure-objects`.
using other attributes/strings (e.g. ``EDIT``) and use voters to give these
meaning. This might come in handy if you need to check if user A can "EDIT"
some object B (e.g. a Product with id 5). See :ref:`security-secure-objects`.

Roles
~~~~~
Expand Down Expand Up @@ -970,6 +969,10 @@ For more details on expressions and security, see :ref:`expressions-security`.
Access Control Lists (ACLs): Securing individual Database Objects
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. versionadded::
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The versionadded directives are missing the version number.

ACL support was deprecated in Symfony 3.4 and will be removed in 4.0. Install
the `Symfony ACL bundle`_ if you wan to keep using ACL.

Imagine you are designing a blog where users can comment on your posts. You
also want a user to be able to edit their own comments, but not those of
other users. Also, as the admin user, you yourself want to be able to edit
Expand Down Expand Up @@ -1322,3 +1325,4 @@ Other Security Related Topics

.. _`frameworkextrabundle documentation`: https://symfony.com/doc/current/bundles/SensioFrameworkExtraBundle/index.html
.. _`HWIOAuthBundle`: https://github.com/hwi/HWIOAuthBundle
.. _`Symfony ACL bundle`: https://github.com/symfony/acl-bundle
5 changes: 5 additions & 0 deletions security/acl.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@
How to Use Access Control Lists (ACLs)
======================================

.. versionadded::
ACL support was deprecated in Symfony 3.4 and will be removed in 4.0. Install
the `Symfony ACL bundle`_ if you wan to keep using ACL.

In complex applications, you will often face the problem that access decisions
cannot only be based on the person (``Token``) who is requesting access, but
also involve a domain object that access is being requested for. This is where
Expand Down Expand Up @@ -246,4 +250,5 @@ added above:

The user is now allowed to view, edit, delete, and un-delete objects.

.. _`Symfony ACL bundle`: https://github.com/symfony/acl-bundle
.. _`MongoDBAclBundle`: https://github.com/IamPersistent/MongoDBAclBundle
5 changes: 5 additions & 0 deletions security/acl_advanced.rst
View file
8000 Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@
How to Use advanced ACL Concepts
================================

.. versionadded::
ACL support was deprecated in Symfony 3.4 and will be removed in 4.0. Install
the `Symfony ACL bundle`_ if you wan to keep using ACL.

The aim of this article is to give a more in-depth view of the ACL system, and
also explain some of the design decisions behind it.

Expand Down Expand Up @@ -195,4 +199,5 @@ is applicable, the class-scope ACEs will be checked. If none is applicable,
then the process will be repeated with the ACEs of the parent ACL. If no
parent ACL exists, an exception will be thrown.

.. _`Symfony ACL bundle`: https://github.com/symfony/acl-bundle
.. _JMSSecurityExtraBundle: https://github.com/schmittjoh/JMSSecurityExtraBundle
6 changes: 2 additions & 4 deletions security/voters.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,8 @@
How to Use Voters to Check User Permissions
===========================================

In Symfony, you can check the permission to access data by using the
:doc:`ACL module </security/acl>`, which is a bit overwhelming
for many applications. A much easier solution is to work with custom voters,
which are like simple conditional statements.
Security voters are the most granular way of checking permissions (e.g. "can this
specific user edit ta given item?"). This article explains voters in detail.

.. tip::

Expand Down
0