Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit ab6a3ad

Browse filesBrowse files
javiereguiluzjaviereguiluz
committed
minor #12827 [Security] Add a note about Access Decision Strategy with access_control (nesk)
This PR was merged into the 3.4 branch. Discussion ---------- [Security] Add a note about Access Decision Strategy with access_control It took me so much time to understand why my `access_control` wasn't working properly, this was due to my Access Decision Strategy being `affirmative` instead of `unanimous`. Commits ------- ea7a857 Add a note about voters with access_control
2 parents ccad63b + ea7a857 commit ab6a3ad
Copy full SHA for ab6a3ad

File tree

Expand file treeCollapse file tree

1 file changed

+7
-0
lines changed
Filter options
Expand file treeCollapse file tree

1 file changed

+7
-0
lines changed

‎security/access_control.rst

Copy file name to clipboardExpand all lines: security/access_control.rst
+7Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -160,6 +160,13 @@ options:
160160
can learn how to use your custom attributes by reading
161161
:ref:`security/custom-voter`.
162162

163+
.. caution::
164+
165+
If you define both ``roles`` and ``allow_if``, and your Access Decision
166+
Strategy is the default one (``affirmative``), then the user will be granted
167+
access if there's at least one valid condition. See :doc:`/security/voters`
168+
to change your strategy to something more suited to your needs.
169+
163170
.. tip::
164171

165172
If access is denied, the system will try to authenticate the user if not

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.