From ad8267bd375c3050dabfb1a7fa5b58d04494aee9 Mon Sep 17 00:00:00 2001 From: WouterJ Date: Fri, 21 Jun 2013 09:30:19 +0200 Subject: [PATCH 1/8] Fixed formatting issue --- book/security.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/security.rst b/book/security.rst index cb583031a90..c58d763f41e 100644 --- a/book/security.rst +++ b/book/security.rst @@ -415,7 +415,7 @@ submission (i.e. ``/login_check``): ``check_path`` ``logout`` keys. These keys can be route names (as shown in this example) or URLs that have routes configured for them. -Notice that the name of the ``login`` route matches the``login_path`` config +Notice that the name of the ``login`` route matches the ``login_path`` config value, as that's where the security system will redirect users that need to login. From 239a6e9f03fc6328f8aa1e24619b7304e9652b71 Mon Sep 17 00:00:00 2001 From: WouterJ Date: Fri, 21 Jun 2013 09:30:44 +0200 Subject: [PATCH 2/8] Changed link to docs instead of code --- book/security.rst | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/book/security.rst b/book/security.rst index c58d763f41e..7f60d0b53da 100644 --- a/book/security.rst +++ b/book/security.rst @@ -25,8 +25,8 @@ application with HTTP Basic authentication. .. note:: - `Symfony's security component`_ is available as a standalone PHP library - for use inside any PHP project. + :doc:`Symfony's security component ` is + available as a standalone PHP library for use inside any PHP project. Basic Example: HTTP Authentication ---------------------------------- @@ -2040,7 +2040,6 @@ Learn more from the Cookbook * :doc:`Access Control Lists (ACLs) ` * :doc:`/cookbook/security/remember_me` -.. _`Symfony's security component`: https://github.com/symfony/Security .. _`JMSSecurityExtraBundle`: http://jmsyst.com/bundles/JMSSecurityExtraBundle/1.2 .. _`FOSUserBundle`: https://github.com/FriendsOfSymfony/FOSUserBundle .. _`implement the \Serializable interface`: http://php.net/manual/en/class.serializable.php From b377ecf292492fc6415ff67f452481b4055fdbd0 Mon Sep 17 00:00:00 2001 From: WouterJ Date: Fri, 21 Jun 2013 09:30:52 +0200 Subject: [PATCH 3/8] Removed repeating text --- book/security.rst | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/book/security.rst b/book/security.rst index 7f60d0b53da..e80d3b307ba 100644 --- a/book/security.rst +++ b/book/security.rst @@ -674,14 +674,11 @@ see :doc:`/cookbook/security/form_login`. Authorization ------------- -The first step in security is always authentication: the process of verifying -who the user is. With Symfony, authentication can be done in any way - via -a form login, basic HTTP Authentication, or even via Facebook. - -Once the user has been authenticated, authorization begins. Authorization -provides a standard and powerful way to decide if a user can access any resource -(a URL, a model object, a method call, ...). This works by assigning specific -roles to each user, and then requiring different roles for different resources. +The first step in security is always authentication. Once the user has been +authenticated, authorization begins. Authorization provides a standard and +powerful way to decide if a user can access any resource (a URL, a model +object, a method call, ...). This works by assigning specific roles to each +user, and then requiring different roles for different resources. The process of authorization has two different sides: From 42cbad26dd8b96c73be2c4d5d1f41f64b74835b8 Mon Sep 17 00:00:00 2001 From: WouterJ Date: Fri, 21 Jun 2013 14:53:16 +0200 Subject: [PATCH 4/8] Removed "see section X" caution Section is the next section after the caution, just 100px below --- book/security.rst | 6 ------ 1 file changed, 6 deletions(-) diff --git a/book/security.rst b/book/security.rst index e80d3b307ba..8f921058a6f 100644 --- a/book/security.rst +++ b/book/security.rst @@ -697,12 +697,6 @@ URL pattern. You've seen this already in the first example of this chapter, where anything matching the regular expression pattern ``^/admin`` requires the ``ROLE_ADMIN`` role. -.. caution:: - - Understanding exactly how ``access_control`` works is **very** important - to make sure your application is properly secured. See :ref:`security-book-access-control-explanation` - below for detailed information. - You can define as many URL patterns as you need - each is a regular expression. .. configuration-block:: From c58d1be6954f0831969a851c39da8bdf2624b579 Mon Sep 17 00:00:00 2001 From: WouterJ Date: Sun, 23 Jun 2013 12:53:10 +0200 Subject: [PATCH 5/8] Improved list --- book/security.rst | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/book/security.rst b/book/security.rst index 8f921058a6f..ae0bfd02e57 100644 --- a/book/security.rst +++ b/book/security.rst @@ -748,12 +748,15 @@ to find *one* that matches the current request. As soon as it finds a matching is used to enforce access. Each ``access_control`` has several options that configure two different -things: (a) :ref:`should the incoming request match this access control entry` -and (b) :ref:`once it matches, should some sort of access restriction be enforced`: +things: + +* :ref:`should the incoming request match this access control entry` +* :ref:`once it matches, should some sort of access restriction be enforced`: .. _security-book-access-control-matching-options: -**(a) Matching Options** +Matching Options +................ Symfony2 creates an instance of :class:`Symfony\\Component\\HttpFoundation\\RequestMatcher` for each ``access_control`` entry, which determines whether or not a given @@ -833,7 +836,8 @@ will match any ``ip``, ``host`` or ``method``: .. _security-book-access-control-enforcement-options: -**(b) Access Enforcement** +Access Enforcement +.................. Once Symfony2 has decided which ``access_control`` entry matches (if any), it then *enforces* access restrictions based on the ``roles`` and ``requires_channel`` From a79617b210b4908850e4e90cc8806fba9ef00650 Mon Sep 17 00:00:00 2001 From: WouterJ Date: Sun, 23 Jun 2013 12:53:21 +0200 Subject: [PATCH 6/8] Improved code readability --- book/security.rst | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/book/security.rst b/book/security.rst index ae0bfd02e57..6398dbaf471 100644 --- a/book/security.rst +++ b/book/security.rst @@ -1180,7 +1180,9 @@ class: security: providers: main: - entity: { class: Acme\UserBundle\Entity\User, property: username } + entity: + class: Acme\UserBundle\Entity\User + property: username .. code-block:: xml @@ -1197,7 +1199,10 @@ class: $container->loadFromExtension('security', array( 'providers' => array( 'main' => array( - 'entity' => array('class' => 'Acme\UserBundle\Entity\User', 'property' => 'username'), + 'entity' => array( + 'class' => 'Acme\UserBundle\Entity\User', + 'property' => 'username', + ), ), ), )); From b3cc1ed31d93089f763ae3f517061dcce6e57363 Mon Sep 17 00:00:00 2001 From: WouterJ Date: Sat, 29 Jun 2013 20:35:48 +0200 Subject: [PATCH 7/8] Moved caution directive to not break colon --- book/security.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/book/security.rst b/book/security.rst index 6398dbaf471..7cde88c9297 100644 --- a/book/security.rst +++ b/book/security.rst @@ -1705,11 +1705,6 @@ Note that you will *not* need to implement a controller for the ``/logout`` URL as the firewall takes care of everything. You *do*, however, need to create a route so that you can use it to generate the URL: -.. caution:: - - As of Symfony 2.1, you *must* have a route that corresponds to your logout - path. Without this route, logging out will not work. - .. configuration-block:: .. code-block:: yaml @@ -1742,6 +1737,11 @@ a route so that you can use it to generate the URL: return $collection; +.. caution:: + + As of Symfony 2.1, you *must* have a route that corresponds to your logout + path. Without this route, logging out will not work. + Once the user has been logged out, he will be redirected to whatever path is defined by the ``target`` parameter above (e.g. the ``homepage``). For more information on configuring the logout, see the From 75fdf55bf0a28664e61bf388b0cac3b656c83541 Mon Sep 17 00:00:00 2001 From: WouterJ Date: Sat, 29 Jun 2013 20:36:23 +0200 Subject: [PATCH 8/8] Do not break twig syntax --- book/security.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/security.rst b/book/security.rst index 7cde88c9297..148d390036f 100644 --- a/book/security.rst +++ b/book/security.rst @@ -1861,7 +1861,7 @@ to show a link to exit impersonation: .. code-block:: html+jinja {% if is_granted('ROLE_PREVIOUS_ADMIN') %} - Exit impersonation + Exit impersonation {% endif %} .. code-block:: html+php pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy