Skip to content

Added shortcut methods for controllers #4109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 9 commits into from
Closed

Added shortcut methods for controllers #4109

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
ccc6384
Added shortcut methods for controllers
Cydonia7 Aug 8, 2014
3b03455
Minor format improvements
Cydonia7 Aug 8, 2014
675877d
Minor improvements
Cydonia7 Aug 8, 2014
0366a0c
redirect changed to redirectToRoute
Cydonia7 Sep 30, 2014
8b23729
Changed to addFlash where it is possible (ie in controllers)
Cydonia7 Sep 30, 2014
4a54c5f
And now the same for isGranted where it is possible
Cydonia7 Sep 30, 2014
cded08b
Merge branch 'master' into add-shortcut-methods
Cydonia7 Jan 4, 2015
6db9c11
Modifications according to comments
Cydonia7 Jan 4, 2015
0758d62
Fixes
Cydonia7 Jan 4, 2015
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Modifications according to comments
  • Loading branch information
@Cydonia7
Cydonia7 committed Jan 4, 2015
commit 6db9c11a166beb83e6a794d68ed4a25a25b5c1cc
18 changes: 17 additions & 1 deletion book/controller.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -436,6 +436,20 @@ method::
public function indexAction()
{
return $this->redirectToRoute('homepage');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, actually, since this is the first example showing redirectToRoute, we should put the commented-out example showing redirect() and generateUrl() (the code block I added in my comment here: https://github.com/symfony/symfony-docs/pull/4109/files#r22320539) to this code block, not the one below.


// redirectToRoute is equivalent to using redirect() and generateUrl() together:
// return $this->redirect($this->generateUrl('homepage'), 301);
}

.. versionadded:: 2.6
The ``redirectToRoute()`` method was added in Symfony 2.6. Previously (and still now), you
could use ``redirect()`` and ``generateUrl()`` together for this (see the example below).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(see the example above)


Or, if you want to redirect externally, just use ``redirect()`` and pass it the URL::

public function indexAction()
{
return $this->redirect('http://symfony.com/doc');
}

By default, the ``redirectToRoute()`` method performs a 302 (temporary) redirect. To
Expand All @@ -448,7 +462,7 @@ perform a 301 (permanent) redirect, modify the second argument::

.. tip::

The ``redirectToRoute()`` method is simply a shortcut that creates a ``Response``
The ``redirect()`` method is simply a shortcut that creates a ``Response``
object that specializes in redirecting the user. It's equivalent to::

use Symfony\Component\HttpFoundation\RedirectResponse;
Expand Down Expand Up @@ -624,6 +638,8 @@ For example, imagine you're processing a form submit::
'Your changes were saved!'
);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same thing as with redirectToRoute, I think we should show the "old" (or manual) way of doing this commented-out. This will help users know what's really going on and how they might add a flash message if they were not in a controller.


// $this->addFlash is equivalent to $this->get('session')->getFlashBag()->add

return $this->redirectToRoute(...);
}

Expand Down
10 changes: 10 additions & 0 deletions book/security.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -256,12 +256,22 @@ Protecting your application based on URL patterns is easy, but may not be
fine-grained enough in certain cases. When necessary, you can easily force
authorization from inside a controller::

.. versionadded:: 2.6
The ``denyAccessUnlessGranted()`` method was introduced in Symfony 2.6. Previously (and
still now), you could check access directly and throw the ``AccessDeniedException`` as shown
in the example below).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would move it above the paragraph (right below the "Securing a Controller" headline).


// ...

public function helloAction($name)
{
$this->denyAccessUnlessGranted('ROLE_ADMIN', null, 'Unable to access this page!');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same thing - I'd like to show the "old" way (which would now use the security.authorization_checker service in 2.6) in a comment.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And we need a versionadded note above this:

.. versionadded:: 2.6
    The ``denyAccessUnlessGranted()`` method was introduced in Symfony 2.6. Previously (and
    still now), you could check access directly and throw the ``AccessDeniedException`` as shown
    in the example below).

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we should add a brief explanation of the weird null middle argument?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's right.


// Old way :
// if (false === $this->get('security.authorization_checker')->isGranted('ROLE_ADMIN')) {
// throw $this->createAccessDeniedException('Unable to access this page!');
// }

// ...
}

Expand Down