Merge with existing config code block

Author: TristanPouliquen

security/access_control.rst

@@ -51,6 +51,9 @@ Take the following ``access_control`` entries as an example:
                 # ips can be comma-separated, which is especially useful when using env variables
                 - { path: '^/admin', roles: ROLE_USER_IP, ips: '%env(TRUSTED_IPS)%' }
                 - { path: '^/admin', roles: ROLE_USER_IP, ips: [127.0.0.1, ::1, '%env(TRUSTED_IPS)%'] }
+                
+                # Request matchers can be used to define access control rules
+                - { roles: ROLE_USER, request_matcher: App\Security\RequestMatcher\MyRequestMatcher }
 
     .. code-block:: xml
 
@@ -82,6 +85,9 @@ Take the following ``access_control`` entries as an example:
                     <ip>::1</ip>
                     <ip>%env(TRUSTED_IPS)%</ip>
                 </rule>
+                
+                <!-- Request matchers can be used to define access control rules -->
+                <rule role="ROLE_USER" request-matcher="App\Security\RequestMatcher\MyRequestMatcher"/>
             </config>
         </srv:container>
 
@@ -127,11 +133,21 @@ Take the following ``access_control`` entries as an example:
                 ->roles(['ROLE_USER_IP'])
                 ->ips(['127.0.0.1', '::1', '%env(TRUSTED_IPS)%'])
             ;
+            
+            // Request matchers can be used to define access control rules
+            $security->accessControl()
+                ->roles(['ROLE_USER'])
+                ->requestMatcher('App\Security\RequestMatcher\MyRequestMatcher')
+            ;
         };
 
 .. versionadded:: 5.2
 
     Support for comma-separated IP addresses was introduced in Symfony 5.2.
+    
+.. versionadded:: 6.1
+
+    Support for access control rule definition based on a RequestMatcher was introduced in Symfony 6.1.
 
 For each incoming request, Symfony will decide which ``access_control``
 to use based on the URI, the client's IP address, the incoming host name,
@@ -168,55 +184,7 @@ if ``ip``, ``port``, ``host`` or ``method`` are not specified for an entry, that
 
     Matching the URI is done without ``$_GET`` parameters.
     :ref:`Deny access in PHP code <security-securing-controller>` if you want
-    to disallow access based on ``$_GET`` parameter values.
-    
-.. versionadded:: 6.1
-
-    From verison 6.1 and up, if you have a custom request matcher, you can use the ``request_matcher`` option to specify the service reference to an access control item. Symfony will use this service as the request matcher for this item and won't take into account other matching options. 
-    
-    .. configuration-block::
-    
-        .. code-block:: yaml
-        
-        # config/packages/security.yaml
-            security:
-                # ...
-                access_control:
-                    - { roles: ROLE_USER, request_matcher: App\Security\RequestMatcher\MyRequestMatcher }
-
-        .. code-block:: xml
-        
-            <!-- config/packages/security.xml -->
-            <?xml version="1.0" encoding="UTF-8" ?>
-            <srv:container xmlns="http://symfony.com/schema/dic/security"
-                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-                xmlns:srv="http://symfony.com/schema/dic/services"
-                xsi:schemaLocation="http://symfony.com/schema/dic/services
-                    https://symfony.com/schema/dic/services/services-1.0.xsd
-                    http://symfony.com/schema/dic/security
-                    https://symfony.com/schema/dic/security/security-1.0.xsd">
-
-                <config>
-                    <!-- ... -->
-                    <rule role="ROLE_USER" request-matcher="App\Security\RequestMatcher\MyRequestMatcher"/>
-                </config>
-            </srv:container>
-        
-        .. code-block:: php
-        
-            // config/packages/security.php
-            use Symfony\Component\DependencyInjection\ContainerBuilder;
-            use Symfony\Config\SecurityConfig;
-
-            return static function (ContainerBuilder $container, SecurityConfig $security) {
-                // ...
-
-                $security->accessControl()
-                    ->roles(['ROLE_USER'])
-                    ->requestMatcher('App\Security\RequestMatcher\MyRequestMatcher')
-                ;
-            };
-        
+    to disallow access based on ``$_GET`` parameter values.   
 
 .. _security-access-control-enforcement-options: