堆栈内存溢出
  简体   繁体   English

路由的Symfony角色规则-拒绝访问

[英]Symfony Role Rules for Routes - Access Denied

 原文  2018-01-04 14:36:43       symfony/ authentication/ roles

问题描述

I am having issues securing a route 'dashboard' to a custom user role. 我在保护到自定义用户角色的路线“仪表板”时遇到问题。 I am using FOSUserBundle and I am aware that due to due users are given ROLE_USER by default - even though this role does appear in the user table. 我正在使用FOSUserBundle,并且我知道由于默认情况下,由于适当的原因,为用户提供了ROLE_USER-即使此角色确实出现在用户表中。

On a user sign in (this happens via Steam) I add a new custom 在用户登录时(通过Steam进行),我添加了新的自定义 

$user->setRoles(['ROLE_LOGGED_STEAM_USER']);

My issue flows as such - User hits site - User logs in - redirect to Dashboard route - with the access denied error. 我的问题就这样-用户访问网站-用户登录-重定向到仪表板路由-访问被拒绝错误。

I have also disabled the security line and dumping out the ROLES to which I can pull from the token user object to confirm the ROLE exists and matches the rule 我还禁用了安全线,并转出了我可以从令牌用户对象中提取的角色以确认角色存在并匹配规则的角色

Here is my security ACL 这是我的安全ACL 

security:
encoders:
    FOS\UserBundle\Model\UserInterface: sha512

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN

providers:
    steamauth:
        id: steam.user_provider
    fos_userbundle:
        id: fos_user.user_provider.username

firewalls:
    main:
        provider: steamauth
        pattern: ^/
        form_login:
            provider: fos_userbundle

        logout:       true
        anonymous:    true
        form_login:
            login_path:   login
            check_path:   login_check
        steam:
            default_route: controller.dashboard.home

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/dashboard, role: ROLE_LOGGED_STEAM_USER }

Initially, I wasn't aware that all roles had to Begin with ROLE_* 最初,我不知道所有角色都必须以ROLE_ *开头

Here is a screenshot of the user entry with the role attached here 这是用户条目的屏幕快照,并在此处附加了角色

I hope its somthing simple im just overlooked so any help would be great! 我希望它只是简单的即时消息而被忽略了,所以任何帮助都会很棒!

Thanks it advance for any help/suggestions! 感谢您的帮助或建议!

2 个解决方案

解决方案1
 0  2018-01-04 15:09:35

不确定,但我认为您有错别字,请尝试将角色改为“ s” 

 - { path: ^/dashboard, roles: ROLE_LOGGED_STEAM_USER }

解决方案2
 0  2018-01-04 17:12:57

I think you must register your custom role on the " role_hierarchy " so the code will be: 我认为您必须在“ role_hierarchy ”上注册您的自定义角色,因此代码应为: 

role_hierarchy:
    ROLE_ADMIN:       [ROLE_USER, ROLE_LOGGED_STEAM_USER]
    ROLE_SUPER_ADMIN: ROLE_ADMIN

Hope it help. 希望对您有所帮助。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在 SonataMediaBundle 和 Symfony 4 中查看和下载路由的访问被拒绝 - Access Denied for view and download routes in SonataMediaBundle and Symfony 4 Symfony2防火墙:用户具有正确的角色但“拒绝访问” - Symfony2 Firewall: User has right role but “Access denied” Symfony 中基于用户角色的路由 - User Role based routes in Symfony 访问被拒绝的Symfony 2 - Access Denied Symfony 2 Symfony2 - 访问被拒绝 - Symfony2 - Access Denied 按角色的Symfony access_control - Symfony access_control by role Symfony2路由访问控制 - Symfony2 access control with routes Symfony2,路由和访问验证器 - Symfony2, routes and access validator symfony2访问被拒绝异常 - symfony2 access denied exception 访问被拒绝 403 symfony2 - access denied 403 symfony2
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM