make the advantage and disadvantage of the ACL more clear

Michael Klein · weaverryan · commit a73bc772e546 · 2013-10-02T18:36:01.000-04:00
For me as a SF2 developer to handle data manipulation was pretty new to me. So I asked in the irc and searched the web and finally landed on this documentation page. So it looked like this is the way to go and it is a usual thing like using bundles in SF2. But it isnt, it is a far more complex permission handler which will work upfront and is not that much flexible.

I would highly recommend to add at least some notes, so that other developers getting a note on that and can maybe save some days of work as the opposite of me.
diff --git a/cookbook/security/acl.rst b/cookbook/security/acl.rst
@@ -216,3 +216,16 @@ added above:
 The user is now allowed to view, edit, delete, and un-delete objects.
 
 .. _`MongoDBAclBundle`: https://github.com/IamPersistent/MongoDBAclBundle
+
+Looking for alternatives
+------------------------
+
+For more simple use cases this seems to be an overhead for many developer. 
+As a downside there is that in case you change the permissions in any way, 
+you need to change all the existing granted permissions as well. As well 
+when you want to change a specific part of the ACL you need to understand
+the structure and process of this complex voter. So you should consider if
+a classical and simple conditional permission check would fit for you.
+Some do it with the existing voter structure as well, or custom build solutions.
+
+.. _`Voters`: http://symfony.com/doc/current/cookbook/security/voters.html
