From fb0a2427719f75d6a23cf43c08f3aa219d01f557 Mon Sep 17 00:00:00 2001
From: Wouter de Jong <wouter@wouterj.nl>
Date: Thu, 23 Dec 2021 16:43:44 +0100
Subject: [PATCH] [Security] Add getting started example to README

---
 README.md | 36 ++++++++++++++++++++++++++++++++++--
 1 file changed, 34 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 6b3e5c99..cf9812d3 100644
--- a/README.md
+++ b/README.md
@@ -3,8 +3,40 @@ Security Component - Core
 
 Security provides an infrastructure for sophisticated authorization systems,
 which makes it possible to easily separate the actual authorization logic from
-so called user providers that hold the users credentials. It is inspired by
-the Java Spring framework.
+so called user providers that hold the users credentials.
+
+Getting Started
+---------------
+
+```
+$ composer require symfony/security-core
+```
+
+```php
+use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
+use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
+use Symfony\Component\Security\Core\Authorization\AccessDecisionManager;
+use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter;
+use Symfony\Component\Security\Core\Authorization\Voter\RoleVoter;
+use Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter;
+use Symfony\Component\Security\Core\Exception\AccessDeniedException;
+use Symfony\Component\Security\Core\Role\RoleHierarchy;
+
+$accessDecisionManager = new AccessDecisionManager([
+    new AuthenticatedVoter(new AuthenticationTrustResolver()),
+    new RoleVoter(),
+    new RoleHierarchyVoter(new RoleHierarchy([
+        'ROLE_ADMIN' => ['ROLE_USER'],
+    ]))
+]);
+
+$user = new \App\Entity\User(...);
+$token = new UsernamePasswordToken($user, 'main', $user->getRoles());
+
+if (!$accessDecisionManager->decide($token, ['ROLE_ADMIN'])) {
+    throw new AccessDeniedException();
+}
+```
 
 Resources
 ---------