Skip to content

Commit 908aa00

Browse files
committed
Merge branch '6.1' into 6.2
* 6.1: [Security] Reference the new request_matcher option
2 parents 3d3f08f + f46f149 commit 908aa00

File tree

2 files changed

+20
-1
lines changed

2 files changed

+20
-1
lines changed

security.rst

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2123,6 +2123,8 @@ would match ``/admin/foo`` but would also match URLs like ``/foo/admin``.
21232123

21242124
Each ``access_control`` can also match on IP address, hostname and HTTP methods.
21252125
It can also be used to redirect a user to the ``https`` version of a URL pattern.
2126+
For more complex needs, you can also use a service implementing ``RequestMatcherInterface``.
2127+
21262128
See :doc:`/security/access_control`.
21272129

21282130
.. _security-securing-controller:

security/access_control.rst

Lines changed: 18 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,12 @@ options are used for matching:
2828
* ``ip`` or ``ips``: netmasks are also supported (can be a comma-separated string)
2929
* ``port``: an integer
3030
* ``host``: a regular expression
31-
* ``methods``: one or many methods
31+
* ``methods``: one or many HTTP methods
32+
* ``request_matcher``: a service implementing ``RequestMatcherInterface``
33+
34+
.. versionadded:: 6.1
35+
36+
The ``request_matcher`` option was introduced in Symfony 6.1.
3237

3338
Take the following ``access_control`` entries as an example:
3439

@@ -52,6 +57,9 @@ Take the following ``access_control`` entries as an example:
5257
- { path: '^/admin', roles: ROLE_USER_IP, ips: '%env(TRUSTED_IPS)%' }
5358
- { path: '^/admin', roles: ROLE_USER_IP, ips: [127.0.0.1, ::1, '%env(TRUSTED_IPS)%'] }
5459
60+
# for custom matching needs, use a request matcher service
61+
- { roles: ROLE_USER, request_matcher: App\Security\RequestMatcher\MyRequestMatcher }
62+
5563
.. code-block:: xml
5664
5765
<!-- config/packages/security.xml -->
@@ -82,6 +90,9 @@ Take the following ``access_control`` entries as an example:
8290
<ip>::1</ip>
8391
<ip>%env(TRUSTED_IPS)%</ip>
8492
</rule>
93+
94+
<!-- for custom matching needs, use a request matcher service -->
95+
<rule role="ROLE_USER" request-matcher="App\Security\RequestMatcher\MyRequestMatcher"/>
8596
</config>
8697
</srv:container>
8798
@@ -127,6 +138,12 @@ Take the following ``access_control`` entries as an example:
127138
->roles(['ROLE_USER_IP'])
128139
->ips(['127.0.0.1', '::1', env('TRUSTED_IPS')])
129140
;
141+
142+
// for custom matching needs, use a request matcher service
143+
$security->accessControl()
144+
->roles(['ROLE_USER'])
145+
->requestMatcher('App\Security\RequestMatcher\MyRequestMatcher')
146+
;
130147
};
131148
132149
For each incoming request, Symfony will decide which ``access_control``

0 commit comments

Comments
 (0)