Skip to content

Commit 4d63f1a

Browse files
committed
update from reviews
1 parent 14ff672 commit 4d63f1a

File tree

2 files changed

+8
-3
lines changed

2 files changed

+8
-3
lines changed

security.rst

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2726,7 +2726,7 @@ anonymous users access by checking if there is no user set on the token::
27262726
.. versionadded:: 7.3
27272727

27282728
The vote parameter in the :method:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::voteOnAttribute` method
2729-
voteOnAttribute method was introduced in Symfony 7.3.
2729+
was introduced in Symfony 7.3.
27302730

27312731
Setting Individual User Permissions
27322732
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

security/voters.rst

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ which makes creating a voter even easier::
5252
.. versionadded:: 7.3
5353

5454
The vote parameter in the :method:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::voteOnAttribute` method
55-
voteOnAttribute method was introduced in Symfony 7.3.
55+
was introduced in Symfony 7.3.
5656

5757
.. _how-to-use-the-voter-in-a-controller:
5858

@@ -206,7 +206,12 @@ would look like this::
206206
private function canEdit(Post $post, User $user): bool
207207
{
208208
// this assumes that the Post object has a `getOwner()` method
209-
return $user === $post->getOwner();
209+
if ($user === $post->getOwner()) {
210+
return true;
211+
}
212+
213+
$vote->reasons[] = 'You are not the owner of the Post.';
214+
return false;
210215
}
211216
}
212217

0 commit comments

Comments
 (0)