Deny access to ROLE_ADMIN symfony

I work with Symfony 2.7 and FOSUserBundle 2.0.

What I want is to allow access to /admin to the ROLE_ADMIN user but to deny him other paths.

# app/security.yml
access_control:
    - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, roles: ROLE_USER }
    - { path: ^/admin, roles: ROLE_SUPER_ADMIN }
role_hierarchy:
    ROLE_USER: ROLE_USER
    ROLE_ADMIN: ROLE_ADMIN

I thought about php app/console fos:user:demote admin ROLE_USER but ROLE_USER is the default role of FOSUser, so every time the admin connects, ROLE_USER comes back in addition to ROLE_ADMIN.

How can I do this?

In that case, ROLE_ADMIN has no access to ROLE_MANAGER

access_control:
    - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    # ^/admin is listed before the catch-all ^/ because only the first matching entry is enforced
    - { path: ^/admin, roles: ROLE_ADMIN }
    - { path: ^/, roles: ROLE_MANAGER }
role_hierarchy:
    ROLE_USER:
        - ROLE_USER
    ROLE_MANAGER:
        - ROLE_USER
    ROLE_ADMIN:
        - ROLE_ADMIN
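
Added example, not part of the original question or answer: a simplified Python model of how Symfony evaluates access_control, where only the first entry whose path pattern matches the request is enforced. It compares the question's rule order with an order that lists ^/admin ahead of ^/; the function names, the constructed users and the request paths are assumptions made for illustration.

```python
import re

ANON = "IS_AUTHENTICATED_ANONYMOUSLY"
OPEN = [(p, ANON) for p in (r"^/$", r"^/login", r"^/register", r"^/resetting")]
# Rule order as posted in the question: the catch-all ^/ precedes ^/admin.
QUESTION_RULES = OPEN + [(r"^/", "ROLE_USER"), (r"^/admin", "ROLE_SUPER_ADMIN")]
# ROLE_MANAGER / ROLE_ADMIN rules with ^/admin listed ahead of the catch-all.
SPECIFIC_FIRST_RULES = OPEN + [(r"^/admin", "ROLE_ADMIN"), (r"^/", "ROLE_MANAGER")]
HIERARCHY = {
    "ROLE_USER": ["ROLE_USER"],
    "ROLE_MANAGER": ["ROLE_USER"],
    "ROLE_ADMIN": ["ROLE_ADMIN"],
}
# Constructed users; ROLE_USER is included because FOSUser assigns it by default.
USERS = {
    "admin": ["ROLE_ADMIN", "ROLE_USER"],
    "manager": ["ROLE_MANAGER", "ROLE_USER"],
    "user": ["ROLE_USER"],
}


def reachable_roles(roles, hierarchy=HIERARCHY):
    """Expand roles through role_hierarchy; self-references do not loop."""
    seen, stack = set(), list(roles)
    while stack:
        role = stack.pop()
        if role not in seen:
            seen.add(role)
            stack.extend(hierarchy.get(role, []))
    return seen


def matching_rule(path, rules):
    """Return the first (pattern, role) entry matching path, else None."""
    return next(((p, r) for p, r in rules if re.search(p, path)), None)


def is_granted(path, user_roles, rules):
    """Decide access from the first matching entry only."""
    rule = matching_rule(path, rules)
    if rule is None or rule[1] == ANON:
        return True  # nothing matched, or the entry is open to everyone
    return rule[1] in reachable_roles(user_roles)


if __name__ == "__main__":
    for label, rules in (("question", QUESTION_RULES), ("specific-first", SPECIFIC_FIRST_RULES)):
        for name, roles in USERS.items():
            for path in ("/admin/users", "/dashboard"):
                print(label, name, path, is_granted(path, roles, rules))
```

With the question's order, /admin/users is decided by the ^/ entry, so the ^/admin entry never fires and any ROLE_USER account reaches /admin. With ^/admin first, the admin is granted /admin and denied every other protected path, while the manager gets the opposite.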