Skip to content

Commit 2f136e9

Browse files
wouterjwouterj
committed
minor symfony#5178 Usage of denyAccessUnlessGranted in the controller (94noni)
This PR was squashed before being merged into the 2.6 branch (closes symfony#5178). Discussion ---------- Usage of denyAccessUnlessGranted in the controller | Q | A | ------------- | --- | Doc fix? | no | New docs? | no | Applies to | >= 2.6 | Fixed tickets | - Just a mini patch Commits ------- b50b12d Usage of denyAccessUnlessGranted in the controller
2 parents a504acf + b50b12d commit 2f136e9

File tree

1 file changed

+12
-4
lines changed

1 file changed

+12
-4
lines changed

cookbook/security/voters_data_permission.rst

+12-4
Original file line numberDiff line numberDiff line change
@@ -203,7 +203,6 @@ from the authorization checker is called.
203203
204204
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
205205
use Symfony\Component\HttpFoundation\Response;
206-
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
207206
208207
class PostController extends Controller
209208
{
@@ -213,9 +212,14 @@ from the authorization checker is called.
213212
$post = ...;
214213
215214
// keep in mind, this will call all registered security voters
216-
if (false === $this->get('security.authorization_checker')->isGranted('view', $post)) {
217-
throw new AccessDeniedException('Unauthorised access!');
218-
}
215+
$this->denyAccessUnlessGranted('view', $post, 'Unauthorized access!');
216+
217+
// the equivalent code without using the denyAccessUnlessGranted() shortcut
218+
// use Symfony\Component\Security\Core\Exception\AccessDeniedException;
219+
//
220+
// if (false === $this->get('security.authorization_checker')->isGranted('view', $post)) {
221+
// throw new AccessDeniedException('Unauthorized access!');
222+
// }
219223
220224
return new Response('<h1>'.$post->getName().'</h1>');
221225
}
@@ -225,4 +229,8 @@ from the authorization checker is called.
225229
The ``security.authorization_checker`` service was introduced in Symfony 2.6. Prior
226230
to Symfony 2.6, you had to use the ``isGranted()`` method of the ``security.context`` service.
227231

232+
.. versionadded:: 2.6
233+
The ``denyAccessUnlessGranted()`` method was introduced in Symfony 2.6 as a shortcut.
234+
It uses ``security.authorization_checker`` and throws an ``AccessDeniedException`` if needed.
235+
228236
It's that easy!

0 commit comments

Comments
 (0)