[英]How do I check for user role in symfony2 for urls not falling under patterns defined security.yml?
I have a admin panel and I have defined a role for it ROLE_ADMIN
. 我有一个管理面板,我为它定义了一个角色
ROLE_ADMIN
。 In my security.yml file I am using a pattern ^/admin/*
so every thing under /admin requires ROLE_ADMIN
. 在我的security.yml文件中,我使用的是模式
^/admin/*
所以/ admin下的每个东西都需要ROLE_ADMIN
。 Now in frontend of my app I need to check user role and if role is ROLE_ADMIN
render one file and otherwise render another file. 现在在我的应用程序的前端,我需要检查用户角色,如果角色是
ROLE_ADMIN
渲染一个文件,否则渲染另一个文件。 This url does not fall under the pattern defined in security.yml. 此URL不属于security.yml中定义的模式。
So how do I check whether the user is admin or a normal user on the homepage which does not fall under the pattern defined in security.yml ? 那么如何在主页上检查用户是管理员还是普通用户,该用户不属于security.yml中定义的模式?
Enable the firewall on the whole app using the ^/
pattern, permit anonymous access and use access_control
to restrict access: 使用
^/
pattern在整个应用程序上启用防火墙,允许匿名访问并使用access_control
来限制访问:
security:
firewalls:
secured_area:
pattern: ^/
anonymous: ~
access_control:
- { path: ^/admin, roles: ROLE_ADMIN }
As @itsmequinn suggested, use the isGranted()
method of the security context: 正如@itsmequinn建议的那样,使用安全上下文的
isGranted()
方法:
if ($this->get('security.context')->isGranted('ROLE_BRAND')) {
// the user has the ROLE_BRAND role, so act accordingly
}
In Symfony 2.6 , security.context
has been split into two separate services. 在Symfony 2.6中 ,
security.context
已拆分为两个单独的服务。 Hence you need to use the security.authorization_checker
service to solve the problem: 因此,您需要使用
security.authorization_checker
服务来解决问题:
if ($this->get('security.authorization_checker')->isGranted('ROLE_BRAND')) {
// the user has the ROLE_BRAND role, so act accordingly
}
Symfony 3.0
Symfony 3.0
弃用 Prior to Symfony 2.6
you would use SecurityContext
. 在
Symfony 2.6
之前,您将使用SecurityContext
。
SecurityContext
will be deprecated in Symfony 3.0
in favour of the AuthorizationChecker
. 在
Symfony 3.0
中将弃用SecurityContext
以支持AuthorizationChecker
。
For Symfony 2.6+
& Symfony 3.0
use AuthorizationChecker
. 对于
Symfony 2.6+
和Symfony 3.0
使用AuthorizationChecker
。
if ($this->get('security.context')->isGranted('ROLE_ADMIN')) {
# User is a ROLE_ADMIN
}
if ($this->get('security.authorization_checker')->isGranted('ROLE_ADMIN')) {
# User is a ROLE_ADMIN
}
Similar Question: How to check if an user is logged in Symfony2 inside a controller? 类似问题: 如何检查用户是否在控制器内登录Symfony2?
Read more the docs here: AuthorizationChecker
阅读更多文档:
AuthorizationChecker
Are you in the controller for the page? 你是该页面的控制器吗? If so, use the
isGranted
method of the security context: Access Controls for Controllers 如果是这样,请使用安全上下文的
isGranted
方法: 控制器的访问控制
Easiest solution for this are annotations. 最简单的解决方案是注释。 Instead of this:
而不是这个:
if ($this->get('security.authorization_checker')->isGranted('ROLE_ADMIN')) {
# User is a ROLE_ADMIN
}
.. try use this: ..试试用这个:
/**
* ...
* @Security("has_role('ROLE_ADMIN')")
*/
.. or : .. 要么 :
/**
* ...
* @Security("is_granted('POST_ADD', post)")
*/
public function addAction(Post $post){...}
You can read more about Security annotations here . 您可以在此处阅读有关安全注释的更多信息。 Annotations are best practice in Symfony 2 look here Enjoy!
注释是Symfony的最佳实践2看这里享受!
In Symfony 4 and above you should use code like below, instead of using services like $this->get('security.authorization_checker'): 在Symfony 4及更高版本中,您应该使用如下代码,而不是使用像$ this-> get('security.authorization_checker')这样的服务:
$hasAccess = $this->isGranted('ROLE_ADMIN');
$this->denyAccessUnlessGranted('ROLE_ADMIN');
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.