【发布时间】:2015-08-21 19:26:44
【问题描述】:
我想要受保护的 url /admin/ 并且我使用 symfony book 但不能正常工作,我有用户而不是用户捆绑只是实体用户和字段角色 = ROLE_ADMIN 或 ROLE_USER,ROLE_FREELANCER。我有标准完整的SecurityBundle。现在,如果我与拥有 ROLE_FREELNANCER 的开发人员一起进入,我会为该角色执行该操作,但如果我通过 url admin/tim/dashboard 这个开发人员输入此 url,这是错误的。请帮忙。 这是我的安全:
security:
encoders:
Artel\ProfileBundle\Entity\Users:
algorithm: sha1
encode_as_base64: false
iterations: 1
Artel\ProfileBundle\Entity\Developer:
algorithm: sha1
encode_as_base64: false
iterations: 1
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_CLIENT: ROLE_USER
ROLE_COMPANY: ROLE_USER
ROLE_FREELANCER: ROLE_USER
ROLE_ADMIN: ROLE_ADMIN
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_MODERATOR, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
chain_provider:
chain:
providers: [user_db, user_dev, in_memory]
providers: [user_dev, in_memory]
user_db:
entity: { class: Artel\ProfileBundle\Entity\Users, property: email }
user_dev:
entity: { class: Artel\ProfileBundle\Entity\Developer, property: email }
in_memory:
memory:
users:
admin_tyty: { password: adminpass_tyty, roles: [ 'ROLE_ADMIN' ] }
firewalls:
default:
anonymous: ~
http_basic: ~
form_login:
login_path: /login
check_path: /login_check
logout:
path: /logout
invalidate_session: false
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /admin/(.*), roles: ROLE_ADMIN }
和我的行动
class SecurityController extends Controller
{
public function loginAction(Request $request)
{
$authenticationUtils = $this->get('security.authentication_utils');
// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
// last username entered by the user
$lastUsername = $authenticationUtils->getLastUsername();
return $this->render('ArtelProfileBundle:Security:login.html.twig',
array(
// last username entered by the user
'last_username' => $lastUsername,
'home_page' => $this->container->getParameter('home_page'),
'phone_in_header' => $this->container->getParameter('phone_in_header'),
'error' => $error,
'db_url' => $this->container->getParameter('db_url'),
'api_url' => $this->container->getParameter('api_url'),
'mauth_url' => $this->container->getParameter('mauth_url'),
'gaID' => $this->container->getParameter('gaID'),
'ymID' => $this->container->getParameter('ymID')
)
);
}
public function securityCheckAction()
{
// Роут
}
public function indexAction()
{
$securityContext = $this->container->get('security.context');
if ( $securityContext->isGranted('IS_AUTHENTICATED_FULLY') == false ) {
return $this->redirect($this->generateUrl('login_route'));
}
$role = $this->getUser()->getRoles();
if($role[0] == 'ROLE_FREELANCER')
{
return $this->redirect($this->generateUrl('artel_profile_homepage', array('username' => $this->getUser()->getUsername())));
}
elseif($role[0] == 'ROLE_COMPANY')
{
return $this->redirect($this->generateUrl('artel_user_profile_homepage', array('username' => $this->getUser()->getUsername())));
}
if($role[0] == 'ROLE_ADMIN')
{
return $this->redirect($this->generateUrl('admin_tim_dashboard'));
}
else
return $this->render('default/index.html.twig');
}
【问题讨论】:
-
将
- { path: ^/admin/, role: ROLE_ADMIN }移动一排。