|
1 | 1 | .. index:: |
2 | 2 | single: Security, Firewall |
3 | 3 |
|
4 | | -The Firewall and Security Context |
5 | | -================================= |
| 4 | +The Firewall and Authorization |
| 5 | +============================== |
6 | 6 |
|
7 | | -Central to the Security component is the security context, which is an instance |
8 | | -of :class:`Symfony\\Component\\Security\\Core\\SecurityContextInterface`. When all |
9 | | -steps in the process of authenticating the user have been taken successfully, |
10 | | -you can ask the security context if the authenticated user has access to a |
| 7 | +Central to the Security component is authorization. This is handled by an instance |
| 8 | +of :class:`Symfony\\Component\\Security\\Core\\Authorization\\AuthorizationCheckerInterface`. |
| 9 | +When all steps in the process of authenticating the user have been taken successfully, |
| 10 | +you can ask the authorization checker if the authenticated user has access to a |
11 | 11 | certain action or resource of the application:: |
12 | 12 |
|
13 | | - use Symfony\Component\Security\Core\SecurityContext; |
| 13 | + use Symfony\Component\Security\Core\Authorization\AuthorizationChecker; |
14 | 14 | use Symfony\Component\Security\Core\Exception\AccessDeniedException; |
15 | 15 |
|
| 16 | + // instance of Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface |
| 17 | + $tokenStorage = ...; |
| 18 | + |
16 | 19 | // instance of Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface |
17 | 20 | $authenticationManager = ...; |
18 | 21 |
|
19 | 22 | // instance of Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface |
20 | 23 | $accessDecisionManager = ...; |
21 | 24 |
|
22 | | - $securityContext = new SecurityContext( |
| 25 | + $authorizationChecker = new AuthorizationChecker( |
| 26 | + $tokenStorage, |
23 | 27 | $authenticationManager, |
24 | 28 | $accessDecisionManager |
25 | 29 | ); |
26 | 30 |
|
27 | 31 | // ... authenticate the user |
28 | 32 |
|
29 | | - if (!$securityContext->isGranted('ROLE_ADMIN')) { |
| 33 | + if (!$authorizationChecker->isGranted('ROLE_ADMIN')) { |
30 | 34 | throw new AccessDeniedException(); |
31 | 35 | } |
32 | 36 |
|
33 | 37 | .. versionadded:: 2.6 |
34 | | - As of Symfony 2.6, the :class:`Symfony\\Component\\Security\\Core\\SecurityContext` class was split |
35 | | - in the :class:`Symfony\\Component\\Security\\Core\\Authentication\\Authorization\\AuthorizationChecker` and |
| 38 | + As of Symfony 2.6, the :class:`Symfony\\Component\\Security\\Core\\SecurityContext` class was split |
| 39 | + in the :class:`Symfony\\Component\\Security\\Core\\Authorization\\AuthorizationChecker` and |
36 | 40 | :class:`Symfony\\Component\\Security\\Core\\Authentication\\Token\\Storage\\TokenStorage` classes. |
37 | 41 |
|
38 | 42 | .. note:: |
|