updated docs according to the review

Michael Klein · weaverryan · commit 1fd3b0eb8d12 · 2014-02-20T14:21:29.000-06:00
diff --git a/cookbook/security/voter_interface.rst.inc b/cookbook/security/voter_interface.rst.inc
@@ -7,15 +7,16 @@
         public function vote(TokenInterface $token, $post, array $attributes);
     }
 
-The :method:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::supportsAttribute` method is used to check if the voter supports
-the given user attribute (i.e: a role, an ACL, etc.).
+The :method:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::supportsAttribute`
+method is used to check if the voter supports the given user attribute (i.e: a role, an ACL, etc.).
 
-The :method:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::supportsClass` method is used to check if the voter supports the
-class of the object whose access is being checked (doesn't apply to this entry).
+The :method:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::supportsClass`
+method is used to check if the voter supports the class of the object whose
+access is being checked (doesn't apply to this entry).
 
-The :method:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::vote` method must implement the business logic that verifies whether
-or not the user is granted access. This method must return one of the following
-values:
+The :method:`Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::vote`
+method must implement the business logic that verifies whether or not the
+user is granted access. This method must return one of the following values:
 
 * ``VoterInterface::ACCESS_GRANTED``: The authorization will be granted by this voter;
 * ``VoterInterface::ACCESS_ABSTAIN``: The voter cannot decide if authorization should be granted;
diff --git a/cookbook/security/voters_data_permission.rst b/cookbook/security/voters_data_permission.rst
@@ -51,7 +51,7 @@ You could store your Voter to check permission for the view and edit action like
     // src/Acme/DemoBundle/Security/Authorization/Entity/PostVoter.php
     namespace Acme\DemoBundle\Security\Authorization\Entity;
 
-    use Symfony\Component\HttpKernel\Exception\PreconditionFailedHttpException;
+    use Symfony\Component\Security\Core\Exception\InvalidArgumentException;
     use Symfony\Component\DependencyInjection\ContainerInterface;
     use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
     use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@@ -60,33 +60,35 @@ You could store your Voter to check permission for the view and edit action like
 
     class PostVoter implements VoterInterface
     {
+        const VIEW = 'view';
+        const EDIT = 'edit';
+
         public function supportsAttribute($attribute)
         {
             return in_array($attribute, array(
-                'view',
-                'edit',
+                self::VIEW,
+                self::EDIT,
             ));
         }
 
         public function supportsClass($obj)
         {
-            $array = array('Acme\DemoBundle\Entity\Post');
-
-            foreach ($array as $item) {
-                if ($obj instanceof $item))
-                    return true;
-                }
-            }
+            if ($obj instanceof 'Acme\DemoBundle\Entity\Post') return true;
 
             return false;
         }
 
         /** @var \Acme\DemoBundle\Entity\Post $post */
         public function vote(TokenInterface $token, $post, array $attributes)
         {
+            // check if class of this object is supported by this voter
+            if (!$this->supportsClass($post)) {
+                return VoterInterface::ACCESS_ABSTAIN;
+            }
+
             // check if voter is used correct, only allow one attribute for a check
             if(count($attributes) !== 1 || !is_string($attributes[0])) {
-                throw new PreconditionFailedHttpException(
+                throw new InvalidArgumentException(
                     'Only one attribute is allowed for VIEW or EDIT'
                 );
             }
@@ -97,11 +99,6 @@ You could store your Voter to check permission for the view and edit action like
             // get current logged in user
             $user = $token->getUser();
 
-            // check if class of this object is supported by this voter
-            if (!$this->supportsClass($post)) {
-                return VoterInterface::ACCESS_ABSTAIN;
-            }
-
             // check if the given attribute is covered by this voter
             if (!$this->supportsAttribute($attribute)) {
                 return VoterInterface::ACCESS_ABSTAIN;
@@ -128,12 +125,6 @@ You could store your Voter to check permission for the view and edit action like
                         return VoterInterface::ACCESS_GRANTED;
                     }
                     break;
-
-                default:
-                    // otherwise throw an exception, which will break the request
-                    throw new PreconditionFailedHttpException(
-                        'The Attribute "'.$attribute.'" was not found.'
-                    );
             }
 
         }
@@ -146,7 +137,7 @@ Declaring the Voter as a Service
 --------------------------------
 
 To inject the voter into the security layer, you must declare it as a service
-and tag it as a ´security.voter´:
+and tag it as a 'security.voter':
 
 .. configuration-block::
 
@@ -185,8 +176,9 @@ and tag it as a ´security.voter´:
 
 How to Use the Voter in a Controller
 ------------------------------------
-The registered voter will then always be asked as soon the method isGranted from
-the security context is called.
+
+The registered voter will then always be asked as soon as the method 'isGranted'
+from the security context is called.
 
 .. code-block:: php
 
@@ -198,7 +190,12 @@ the security context is called.
 
     class PostController
     {
-        public function showAction($id)
+
+        /**
+         * @Route("/blog/{id}")
+         * @ParamConverter("post", class="SensioBlogBundle:Post")
+         */
+        public function showAction(Post $post)
         {
             // keep in mind, this will call all registered security voters
             if (false === $this->get('security.context')->isGranted('view', $post)) {
