User roles in route settings
Question
To check if a user have access to a controller depending on his role we usually do something like this in the top of the controller:
$this->denyAccessUnlessGranted('ROLE_ADMIN');
or use annotation:
/**
* @Security("has_role('ROLE_ADMIN')")
*/
And all protected controllers have such a check.
Is it possible to put this check in a route settings, eg this way or somehow similar:
protected_route:
path: /top_secret
defaults: { _controller: '...', roles: [ROLE_ADMIN] }
?
1 answers
solution1
2 ACCPTED 2015-06-19 14:22:16
Yes you should look at this page:
http://symfony.com/doc/current/book/security.html#securing-url-patterns-access-control
# app/config/security.yml
security:
# ...
firewalls:
# ...
access_control:
# require ROLE_ADMIN for /admin*
- { path: ^/admin, roles: ROLE_ADMIN }
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
fos user: allow route to many roles even if user have just one role
Sitecore Droplink for User Roles
Manage User and Roles
KeyCloak User Federation AND DYNAMIC ROLES
Sitecore - Limit the roles a user has
Symfony Security not see roles for user
Java EE 7 dynamic user roles
Authorization and user roles in Oracle Apex?
Allow an user to be both “User” and “Admin” roles
Laravel centrally manage user roles/access levels
Related Tags