stackoom
  简体   繁体   中英

Symfony 4 access_control not working by roles

 原文  2018-07-11 06:17:56       php/ symfony

Question

I try to set access level on my routes and i wrote this simple security.yaml 

security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
    App\Entity\User: bcrypt

providers:
    db_provider:
        entity:
            class: App\Entity\User
            property: mobile
firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    main:
        anonymous: ~
        form_login:
            login_path: verify_token_page
            check_path: verify_token_page
            default_target_path: panel_index

# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
     - { path: ^/panel, roles: ROLE_SERVICE_MAN }

Problem is , when i try to access localhost:8000/panel , i get AccessDeniedHttpException

Here is my user role dump 

array:1 [▼
  0 => "ROLE_SERVICE_MAN"
]

And i also tried to use not roles but role or wrap ROLE_SERVICE_MAN with brackets

Here is my PanelController 

<?php

namespace App\Controller;

use App\Entity\Car;
use App\Entity\User;
use App\Form\CarType;
use App\Repository\CarRepository;
use App\Repository\RequestRepository;
use Symfony\Bridge\Doctrine\Form\Type\EntityType;
use Symfony\Component\Form\Extension\Core\Type\DateType;
use Symfony\Component\Form\Extension\Core\Type\TextareaType;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;

/**
 * @Route("/panel")
 */
class PanelController extends Controller
{
    /**
     * @return \Symfony\Component\HttpFoundation\Response
     * @Route("/",name="panel_index")
     */
    public function indexAction()
    {
        return $this->render('panel/index.html.twig');
    }

}

1 answers

solution1
 0 ACCPTED  2018-07-11 08:00:47

OK , Point 1 : i found the problem never try to change user role directly from your database because that set once when you login in cache or cookie or etc ... (i dont know where exactly) when you change you should re login or add another user to set new roles .

Point 2 : check key Roles ( and do not add Role [my mistake]) in your entity .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question roles and access_control fosuserbundle Symfony guard : access_control has no effect Redirect if a logged in user accesses /login: access_control roles what symfony2 access_control really does? How to store Symfony2 “access_control” information in Database? Symfony security / access_control, lots of redundant entries Symfony 3 security - Access_control doesn't work for one route Symfony3 regex access_control in security.yml Symfony FosUserBundle access_control security admin login FOSUserBundle access_control
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM