Removed the deprecated feature

javiereguiluz · javiereguiluz · commit d1b4ea9deba8 · 2019-09-26T08:43:33.000+02:00
diff --git a/security/access_control.rst b/security/access_control.rst
@@ -44,8 +44,6 @@ Take the following ``access_control`` entries as an example:
                 - { path: '^/admin', roles: ROLE_USER_PORT, ip: 127.0.0.1, port: 8080 }
                 - { path: '^/admin', roles: ROLE_USER_HOST, host: symfony\.com$ }
                 - { path: '^/admin', roles: ROLE_USER_METHOD, methods: [POST, PUT] }
-                # when defining multiple roles, users must have at least one of them (it's like an OR condition)
-                - { path: '^/admin', roles: [ROLE_MANAGER, ROLE_ADMIN] }
 
     .. code-block:: xml
 
@@ -63,8 +61,6 @@ Take the following ``access_control`` entries as an example:
                 <rule path="^/admin" role="ROLE_USER_PORT" ip="127.0.0.1" port="8080"/>
                 <rule path="^/admin" role="ROLE_USER_HOST" host="symfony\.com$"/>
                 <rule path="^/admin" role="ROLE_USER_METHOD" methods="POST, PUT"/>
-                <!-- when defining multiple roles, users must have at least one of them (it's like an OR condition) -->
-                <rule path="^/admin" roles="ROLE_ADMIN, ROLE_MANAGER"/>
             </config>
         </srv:container>
 
@@ -94,20 +90,10 @@ Take the following ``access_control`` entries as an example:
                     'path' => '^/admin',
                     'roles' => 'ROLE_USER_METHOD',
                     'methods' => 'POST, PUT',
-                ],
-                [
-                    'path' => '^/admin',
-                    // when defining multiple roles, users must have at least one of them (it's like an OR condition)
-                    'roles' => ['ROLE_MANAGER', 'ROLE_ADMIN'],
-                ],
+                ]
             ],
         ]);
 
-.. deprecated:: 4.4
-
-    Using more than one role in a single ``access_control`` rule is deprecated
-    and will stop working in Symfony 5.0.
-
 For each incoming request, Symfony will decide which ``access_control``
 to use based on the URI, the client's IP address, the incoming host name,
 and the request method. Remember, the first rule that matches is used, and
@@ -135,11 +121,6 @@ if ``ip``, ``port``, ``host`` or ``method`` are not specified for an entry, that
 | ``/admin/user`` | 168.0.0.1   | 80          | example.com | POST       | rule #4 (``ROLE_USER_METHOD``) | The ``ip`` and ``host`` don't match the first two entries,  |
 |                 |             |             |             |            |                                | but the third - ``ROLE_USER_METHOD`` - matches and is used. |
 +-----------------+-------------+-------------+-------------+------------+--------------------------------+-------------------------------------------------------------+
-| ``/admin/user`` | 168.0.0.1   | 80          | example.com | GET        | rule #4 (``ROLE_MANAGER``)     | The ``ip``, ``host`` and ``method`` prevent the first       |
-|                 |             |             |             |            |                                | three entries from matching. But since the URI matches the  |
-|                 |             |             |             |            |                                | ``path`` pattern, then the ``ROLE_MANAGER`` (or the         |
-|                 |             |             |             |            |                                | ``ROLE_ADMIN``) is used.                                    |
-+-----------------+-------------+-------------+-------------+------------+--------------------------------+-------------------------------------------------------------+
 | ``/foo``        | 127.0.0.1   | 80          | symfony.com | POST       | matches no entries             | This doesn't match any ``access_control`` rules, since its  |
 |                 |             |             |             |            |                                | URI doesn't match any of the ``path`` values.               |
 +-----------------+-------------+-------------+-------------+------------+--------------------------------+-------------------------------------------------------------+
@@ -155,13 +136,7 @@ options:
 
 * ``roles`` If the user does not have the given role, then access is denied
   (internally, an :class:`Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException`
-  is thrown). If this value is an array of multiple roles, the user must have
-  at least one of them.
-
-  .. deprecated:: 4.4
-
-    Using more than one role in a single ``access_control`` rule is deprecated
-    and will stop working in Symfony 5.0.
+  is thrown).
 
 * ``allow_if`` If the expression returns false, then access is denied;
 
