[#2989] Moving the message about ACL alternatives higher up and furthering the message

Author: weaverryan

cookbook/security/acl.rst

@@ -9,6 +9,17 @@ cannot only be based on the person (``Token``) who is requesting access, but
 also involve a domain object that access is being requested for. This is where
 the ACL system comes in.
 
+.. sidebar:: Alternatives to ACLS
+
+    Using ACL's isn't trivial, and for simpler use cases, it may be overkill.
+    If your permission logic could be described by just writing some code (e.g.
+    to check if a Blog is owned by the current User), then consider using
+    :doc:`voters </cookbook/security/voters>`. A voter is passed the object
+    being voted on, which you can use to make complex decisions and effectively
+    implement your own ACL. Enforcing authorization (e.g. the ``isGranted``
+    part) will look similar to what you see in this entry, but your voter
+    class will handle the logic behind the scenes, instead of the ACL system.
+
 Imagine you are designing a blog system where your users can comment on your
 posts. Now, you want a user to be able to edit his own comments, but not those
 of other users; besides, you yourself want to be able to edit all comments. In
@@ -215,16 +226,4 @@ added above:
 
 The user is now allowed to view, edit, delete, and un-delete objects.
 
-Looking for Alternatives
-------------------------
-
-For more simple use cases this seems to be an overhead for many developers. 
-As a downside there is that in case you change the permissions in any way, 
-you need to change all the existing granted permissions as well. As well 
-when you want to change a specific part of the ACL you need to understand
-the structure and process of this complex voter. So you should consider if
-a classical and simple conditional permission check would fit for you.
-Some do it with the existing voter ":doc:`/cookbook/security/voters`" 
-structure as well, or a custom build solutions.
-
 .. _`MongoDBAclBundle`: https://github.com/IamPersistent/MongoDBAclBundle