From 58f7499e45a7a5d872631ee0f69cac10880f0664 Mon Sep 17 00:00:00 2001
From: Javier Eguiluz <javier.eguiluz@gmail.com>
Date: Mon, 15 Jan 2018 08:47:31 +0100
Subject: [PATCH 1/3] Removed references about UserInterface type-hinting

---
 security.rst | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/security.rst b/security.rst
index e46c46abb3a..0203fc5c6cc 100644
--- a/security.rst
+++ b/security.rst
@@ -994,17 +994,14 @@ shown above.
 -----------------------------
 
 After authentication, the ``User`` object of the current user can be accessed
-via the ``security.token_storage`` service. From inside a controller, this will
-look like::
-
-    use Symfony\Component\Security\Core\User\UserInterface;
+via the ``getUser()`` shortcut (which uses the ``security.token_storage``
+service). From inside a controller, this will look like::
 
     public function indexAction()
     {
         $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
 
         $user = $this->getUser();
-        // or you can also type-hint a method argument with UserInterface: e.g. "UserInterface $user"
     }
 
 .. tip::
@@ -1012,10 +1009,6 @@ look like::
     The user will be an object and the class of that object will depend on
     your :ref:`user provider <security-user-providers>`.
 
-.. versionadded:: 3.2
-    The ability to get the user by type-hinting an argument with UserInterface
-    was introduced in Symfony 3.2.
-
 Now you can call whatever methods are on *your* User object. For example,
 if your User object has a ``getFirstName()`` method, you could use that::
 

From 937979e4c675d4b45926f552f315739be2c6cb5d Mon Sep 17 00:00:00 2001
From: Javier Eguiluz <javier.eguiluz@gmail.com>
Date: Fri, 19 Jan 2018 11:07:25 +0100
Subject: [PATCH 2/3] Added a note about type-hinting UserInterface in
 controllers

---
 security.rst | 28 ++++++++++++++++++++--------
 1 file changed, 20 insertions(+), 8 deletions(-)

diff --git a/security.rst b/security.rst
index 0203fc5c6cc..33d02a103e3 100644
--- a/security.rst
+++ b/security.rst
@@ -1029,14 +1029,7 @@ It's important to check if the user is authenticated first. If they're not,
 ``$user`` will either be ``null`` or the string ``anon.``. Wait, what? Yes,
 this is a quirk. If you're not logged in, the user is technically the string
 ``anon.``, though the ``getUser()`` controller shortcut converts this to
-``null`` for convenience. When type-hinting the
-:class:`Symfony\\Component\\Security\\Core\\User\\UserInterface\\UserInterface`
-and being logged-in is optional, you can allow a null value for the argument::
-
-    public function indexAction(UserInterface $user = null)
-    {
-        // $user is null when not logged-in or anon.
-    }
+``null`` for convenience.
 
 The point is this: always check to see if the user is logged in before using
 the User object, and use the ``isGranted()`` method (or
@@ -1052,6 +1045,25 @@ the User object, and use the ``isGranted()`` method (or
 
     }
 
+.. note::
+
+    An alternative way to get the current user in a controller is to type-hint
+    the controller argument with
+    :class:`Symfony\\Component\\Security\\Core\\User\\UserInterface\\UserInterface`
+    (and default it to ``null`` if being logged-in is optional)::
+
+        use Symfony\Component\Security\Core\User\UserInterface\UserInterface;
+
+        public function indexAction(UserInterface $user = null)
+        {
+            // $user is null when not logged-in or anon.
+        }
+
+    This is only recommended for experienced developers who don't extend from the
+    :ref:`Symfony base controller <the-base-controller-class-services>` and
+    don't use the :class:`Symfony\\Bundle\\FrameworkBundle\\Controller\\ControllerTrait`
+    either. Otherwise, keep usin the recommended ``getUser()`` shortcut.
+
 Retrieving the User in a Template
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

From 56f05c2c841a0c70a1ebda293b485e1e57d970ed Mon Sep 17 00:00:00 2001
From: Javier Eguiluz <javier.eguiluz@gmail.com>
Date: Fri, 19 Jan 2018 12:43:38 +0100
Subject: [PATCH 3/3] Fixed typos

---
 security.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security.rst b/security.rst
index 33d02a103e3..247bef0a4a6 100644
--- a/security.rst
+++ b/security.rst
@@ -1062,7 +1062,7 @@ the User object, and use the ``isGranted()`` method (or
     This is only recommended for experienced developers who don't extend from the
     :ref:`Symfony base controller <the-base-controller-class-services>` and
     don't use the :class:`Symfony\\Bundle\\FrameworkBundle\\Controller\\ControllerTrait`
-    either. Otherwise, keep usin the recommended ``getUser()`` shortcut.
+    either. Otherwise, it's recommended to keep using the ``getUser()`` shortcut.
 
 Retrieving the User in a Template
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~