Skip to content

Commit

Permalink
minor #44778 [Security] Add getting started example to README (wouterj)
Browse files Browse the repository at this point in the history 
This PR was merged into the 5.3 branch.

Discussion
----------

[Security] Add getting started example to README

| Q             | A
| ------------- | ---
| Branch?       | 5.3
| Bug fix?      | no
| New feature?  | no
| Deprecations? | no
| Tickets       | -
| License       | MIT
| Doc PR        | -

We're about to remove the Security component docs from symfony.com. I tried creating a minimal example for Security HTTP - but that one is quite coupled with the HttpKernel component. So let's not document things there. If you're using it standalone, you're on your own (and already such an advanced user that you probably will be able to find out things on your own).

Targeting 5.3 to not have to document the deprecated APIs. This is also in sync with the doc removal (we'll keep documenting the legacy stuff in <5.3)

Commits
-------

10846fed96 [Security] Add getting started example to README
  • Loading branch information
@fabpot
fabpot committed Dec 28, 2021
2 parents 7e9ce0c + fb0a242 commit 5fa77a1
Showing 1 changed file with 34 additions and 2 deletions.
36 changes: 34 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,40 @@ Security Component - Core

Security provides an infrastructure for sophisticated authorization systems,
which makes it possible to easily separate the actual authorization logic from
so called user providers that hold the users credentials. It is inspired by
the Java Spring framework.
so called user providers that hold the users credentials.

Getting Started
---------------

```
$ composer require symfony/security-core
```

```php
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManager;
use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter;
use Symfony\Component\Security\Core\Authorization\Voter\RoleVoter;
use Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Core\Role\RoleHierarchy;

$accessDecisionManager = new AccessDecisionManager([
new AuthenticatedVoter(new AuthenticationTrustResolver()),
new RoleVoter(),
new RoleHierarchyVoter(new RoleHierarchy([
'ROLE_ADMIN' => ['ROLE_USER'],
]))
]);

$user = new \App\Entity\User(...);
$token = new UsernamePasswordToken($user, 'main', $user->getRoles());

if (!$accessDecisionManager->decide($token, ['ROLE_ADMIN'])) {
throw new AccessDeniedException();
}
```

Resources
---------
Expand Down

0 comments on commit 5fa77a1

Please sign in to comment.