Merge branch '5.1'

javiereguiluz · javiereguiluz · commit 37fd0acfa67c · 2020-09-07T20:24:33.000+02:00
* 5.1:
  Tweak
  Update secrets.rst
  Update security.rst
  Update voters.rst
diff --git a/configuration/secrets.rst b/configuration/secrets.rst
@@ -66,15 +66,15 @@ This will generate ``config/secrets/prod/prod.encrypt.public.php`` and
 Create or Update Secrets
 ------------------------
 
-Suppose you want to store your database password a secret. By using the
+Suppose you want to store your database password as a secret. By using the
 ``secrets:set`` command, you should add this secret to both the ``dev`` *and*
 ``prod`` vaults:
 
 .. code-block:: terminal
 
-    # the input is hidden as you type for security
+    # the input is hidden as you type for security reasons
 
-    # set your a default development value (can be overridden locally)
+    # set your default development value (can be overridden locally)
     $ php bin/console secrets:set DATABASE_PASSWORD
 
     # set your production value
@@ -102,7 +102,7 @@ Secret values can be referenced in the same way as
 accidentally define a secret *and* an environment variable with the same name:
 **environment variables override secrets**.
 
-If you stored a ``DATABASE_PASSWORD`` secret, you can reference by:
+If you stored a ``DATABASE_PASSWORD`` secret, you can reference it by:
 
 .. configuration-block::
 
@@ -234,7 +234,7 @@ manually store this file somewhere and deploy it. There are 2 ways to do that:
 1) Uploading the file:
 
 The first option is to copy the **production decryption key** -
-``config/secrets/prod/prod.decrypt.private.php`` to your server(s).
+``config/secrets/prod/prod.decrypt.private.php`` to your server.
 
 2) Using an Environment Variable
 
@@ -256,7 +256,7 @@ your secrets during deployment to the "local" vault:
     $ php bin/console secrets:decrypt-to-local --force --env=prod
 
 This will write all the decrypted secrets into the ``.env.prod.local`` file.
-After doing this, the decryption key does *not* need to remain on the server.
+After doing this, the decryption key does *not* need to remain on the server(s).
 
 Rotating Secrets
 ----------------
diff --git a/reference/configuration/security.rst b/reference/configuration/security.rst
@@ -157,7 +157,7 @@ encoding algorithm. Also, each algorithm defines different config options:
                     time_cost:    2     # Number of iterations
 
                 # MessageDigestPasswordEncoder encoder using SHA512 hashing with default options
-                AppBundle\Entity\User: 'sha512'
+                App\Entity\User: 'sha512'
 
     .. code-block:: xml
 
diff --git a/security/voters.rst b/security/voters.rst
@@ -13,9 +13,10 @@ However, if you don't reuse permissions or your rules are basic, you can always
 put that logic directly into your controller instead. Here's an example how
 this could look like, if you want to make a route accessible to the "owner" only::
 
-    // src/AppBundle/Controller/PostController.php
+    // src/Controller/PostController.php
     // ...
 
+    // inside your controller action
     if ($post->getOwner() !== $this->getUser()) {
         throw $this->createAccessDeniedException();
     }
