Skip to content

Commit 6e787e9

Browse files
javiereguiluzjaviereguiluz
committed
minor #12279 Be more explicit about the use of regular expressions in access_control (javiereguiluz)
This PR was squashed before being merged into the 3.4 branch (closes #12279). Discussion ---------- Be more explicit about the use of regular expressions in access_control Fixes #10964. The example proposed by @alexislefebvre is very nice so I reused it. Commits ------- d652e1d Be more explicit about the use of regular expressions in access_control
2 parents 7dc9e63 + d652e1d commit 6e787e9

File tree

1 file changed

+12
-0
lines changed

1 file changed

+12
-0
lines changed

security.rst

+12
Original file line numberDiff line numberDiff line change
@@ -715,6 +715,10 @@ URL pattern. You saw this earlier, where anything matching the regular expressio
715715
# require ROLE_ADMIN for /admin*
716716
- { path: ^/admin, roles: ROLE_ADMIN }
717717
718+
# the 'path' value can be any valid regular expression
719+
# (this one will match URLs like /api/post/7298 and /api/comment/528491)
720+
- { path: ^/api/(post|comment)/\d+$, roles: ROLE_USER }
721+
718722
.. code-block:: xml
719723
720724
<!-- app/config/security.xml -->
@@ -734,6 +738,10 @@ URL pattern. You saw this earlier, where anything matching the regular expressio
734738
735739
<!-- require ROLE_ADMIN for /admin* -->
736740
<rule path="^/admin" role="ROLE_ADMIN"/>
741+
742+
<!-- the 'path' value can be any valid regular expression
743+
(this one will match URLs like /api/post/7298 and /api/comment/528491) -->
744+
<rule path="^/api/(post|comment)/\d+$" role="ROLE_USER"/>
737745
</config>
738746
</srv:container>
739747
@@ -752,6 +760,10 @@ URL pattern. You saw this earlier, where anything matching the regular expressio
752760
'access_control' => [
753761
// require ROLE_ADMIN for /admin*
754762
['path' => '^/admin', 'role' => 'ROLE_ADMIN'],
763+
764+
// the 'path' value can be any valid regular expression
765+
// (this one will match URLs like /api/post/7298 and /api/comment/528491)
766+
['path' => '^/api/(post|comment)/\d+$', 'role' => 'ROLE_USER'],
755767
],
756768
]);
757769

0 commit comments

Comments
 (0)