@@ -46,7 +46,7 @@ which makes creating a voter even easier.
4646 abstract protected function voteOnAttribute($attribute, $subject, TokenInterface $token);
4747 }
4848
49- versionadded ::
49+ versionadded :: 2.8
5050 The ``Voter `` helper class was added in Symfony 2.8. In earlier versions, an
5151 ``AbstractVoter `` class with similar behavior was available.
5252
@@ -150,7 +150,7 @@ would look like this::
150150 return false;
151151 }
152152
153- // we know $subject is a Post object, thanks to supports
153+ // you know $subject is a Post object, thanks to supports
154154 /** @var Post $post */
155155 $post = $subject;
156156
@@ -172,7 +172,7 @@ would look like this::
172172 }
173173
174174 // the Post object could have, for example, a method isPrivate()
175- // that checks a Boolean $private property
175+ // that checks a boolean $private property
176176 return !$post->isPrivate();
177177 }
178178
@@ -191,7 +191,7 @@ To recap, here's what's expected from the two abstract methods:
191191``Voter::supports($attribute, $subject) ``
192192 When ``isGranted() `` (or ``denyAccessUnlessGranted() ``) is called, the first
193193 argument is passed here as ``$attribute `` (e.g. ``ROLE_USER ``, ``edit ``) and
194- the second argument (if any) is passed as ``` $subjectnull ``, a ``Post ``
194+ the second argument (if any) is passed as ``$subject `` (e.g. ``null ``, a ``Post ``
195195 object). Your job is to determine if your voter should vote on the attribute/subject
196196 combination. If you return true, ``voteOnAttribute() `` will be called. Otherwise,
197197 your voter is done: some other voter should process this. In this example, you
@@ -222,6 +222,8 @@ and tag it with ``security.voter``:
222222 class : AppBundle\Security\PostVoter
223223 tags :
224224 - { name: security.voter }
225+ # small performance boost
226+ public : false
225227
226228code-block :: xml
227229
@@ -234,7 +236,7 @@ and tag it with ``security.voter``:
234236
235237 <services >
236238 <service id =" app.post_voter"
237- class =" AppBundle\Security\Authorization\Voter\ PostVoter"
239+ class =" AppBundle\Security\PostVoter"
238240 public =" false"
239241 >
240242
@@ -248,7 +250,7 @@ and tag it with ``security.voter``:
248250 // app/config/services.php
249251 use Symfony\Component\DependencyInjection\Definition;
250252
251- $container->register('app.post_voter', 'AppBundle\Security\Authorization\Voter\ PostVoter')
253+ $container->register('app.post_voter', 'AppBundle\Security\PostVoter')
252254 ->setPublic(false)
253255 ->addTag('security.voter')
254256 ;
@@ -265,14 +267,15 @@ Checking for Roles inside a Voter
265267 ``service_container `` itself and fetch out the ``security.authorization_checker ``
266268 to use ``isGranted() ``.
267269
268- What if you want to call ``isGranted() `` fomr *inside * your voter - e.g. you want
270+ What if you want to call ``isGranted() `` from *inside * your voter - e.g. you want
269271to see if the current user has ``ROLE_SUPER_ADMIN ``. That's possible by injecting
270- the ``AccessDecisionManager `` into your voter. You can use this to, for example,
271- *always * allow access to a user with ``ROLE_SUPER_ADMIN ``::
272+ the :class: `Symfony\\ Component\\ Security\\ Core\\ Authorization\\ AccessDecisionManager `
273+ into your voter. You can use this to, for example, *always * allow access to a user
274+ with ``ROLE_SUPER_ADMIN ``::
272275
273276 // src/AppBundle/Security/PostVoter.php
274- // ...
275277
278+ // ...
276279 use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
277280
278281 class PostVoter extends Voter
@@ -311,6 +314,7 @@ service:
311314 app.post_voter :
312315 class : AppBundle\Security\PostVoter
313316 arguments : ['@security.access.decision_manager']
317+ public : false
314318 tags :
315319 - { name: security.voter }
316320
@@ -325,7 +329,7 @@ service:
325329
326330 <services >
327331 <service id =" app.post_voter"
328- class =" AppBundle\Security\Authorization\Voter\ PostVoter"
332+ class =" AppBundle\Security\PostVoter"
329333 public =" false"
330334 >
331335 <argument type =" service" id =" security.access.decision_manager"
@@ -341,15 +345,15 @@ service:
341345 use Symfony\Component\DependencyInjection\Definition;
342346 use Symfony\Component\DependencyInjection\Reference;
343347
344- $container->register('app.post_voter', 'AppBundle\Security\Authorization\Voter\ PostVoter')
348+ $container->register('app.post_voter', 'AppBundle\Security\PostVoter')
345349 ->addArgument(new Reference('security.access.decision_manager'))
346350 ->setPublic(false)
347351 ->addTag('security.voter')
348352 ;
349353
350354decide() `` on the ``AccessDecisionManager `` is essentially
351- the same as calling ``isGranted() `` on the normal `` security.authorization_checker ``
352- service (it's just a little lower-level, which is necessary for a voter).
355+ the same as calling ``isGranted() `` from a controller or other places
356+ (it's just a little lower-level, which is necessary for a voter).
353357
354358.. note ::
355359
0 commit comments