minor symfony#12763 Minor tweak in a security expression explanation (javiereguiluz)

javiereguiluz · javiereguiluz · commit 17f5a01facc6 · 2019-12-07T20:49:24.000+01:00
This PR was merged into the 3.4 branch. Discussion ---------- Minor tweak in a security expression explanation I was checking https://symfony.com/doc/current/security/expressions.html and I was going to submit a PR to fix this -> `"ROLE_ADMIN" in roles ...` But then I read that `roles` in expressions contains ALL roles (it "flattens" the role hierarchy) which is very different from what happens in other parts of Symfony. So maybe we could tweak the description a bit to make this special behavior more obvious? Commits ------- 8438276 Minor tweak in a security expression explanation
diff --git a/security/expressions.rst b/security/expressions.rst
@@ -39,9 +39,9 @@ Inside the expression, you have access to a number of variables:
 ``user``
     The user object (or the string ``anon`` if you're not authenticated).
 ``roles``
-    The array of roles the user has, including from the
-    :ref:`role hierarchy <security-role-hierarchy>` but not including the
-    ``IS_AUTHENTICATED_*`` attributes (see the functions below).
+    The array of roles the user has. This array includes any roles granted
+    indirectly via the :ref:`role hierarchy <security-role-hierarchy>` but it
+    does not include the ``IS_AUTHENTICATED_*`` attributes (see the functions below).
 ``object``
     The object (if any) that's passed as the second argument to ``isGranted()``.
 ``token``
