I have a problem with the firewall thing in Symfony2.
I have these in my security.yml file
- { path: ^/, role: ROLE_USER }
- { path: ^/admin, role: ROLE_ADMIN }
- { path: ^/users, role: ROLE_ADMIN }
In my menu builder im using isGranted and this works perfect, if I login with my ROLE_USER user, the menu does not build the admin menu.
But if I manually type /admin in the browser I get the admin pages. (this happens both in production and dev envoirenment)
In the toolbar in dev env I can see the user dont have the ROLE_ADMIN role
If I dont login at all, I only see the login page, so here is everything fine
Full security.yml: https://gist.github.com/lsv/2e9dce622fd82d31853c
Full config.yml: https://gist.github.com/lsv/ec87592f911262af5417
Im using FOSUserbundle
Entries in access_control
should be in the order from more specific to more general . So, in your case, they should be in the following order:
- { path: ^/admin, roles: ROLE_ADMIN }
- { path: ^/, roles: ROLE_USER }
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.