3

How can I configure security firewalls and access_control so that all pages render limited information for anonymous users (note login is not enforced), but show full details for authenticated users?

encoders:
    Symfony\Component\Security\Core\User\User: plaintext

role_hierarchy:
    ROLE_AGENT: ROLE_USER

providers:
    agent_provider:
        memory:
            users:
                agent: { password: agentpass, roles: [ 'ROLE_AGENT' ] }
    user_provider:
        memory:
            users:
                user:  { password: userpass, roles: [ 'ROLE_USER' ] }

firewalls:
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false
        anonymous: true
    agent_area:
        provider: agent_provider
        pattern:   ^/agent
        anonymous: ~
        form_login:
            login_path: agent_login
            check_path: agent_login_check
            default_target_path: /agent
        logout:
            path:   agent_logout
            target: /agent
    user_area:
        provider: user_provider
        pattern:   ^/
        anonymous: ~
        form_login:
            login_path: app_login
            check_path: app_login_check
            default_target_path: /
        logout:
            path:   app_logout
            target: /

access_control:
    - { path: ^/agent/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/agent, roles: ROLE_AGENT }
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, roles: ROLE_USER }

If the last two lines from access_control are removed, the login process appears to work as expected, but is_granted('ROLE_USER') always returns false even when a user is logged in.

    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, roles: ROLE_USER }
4

1 Answer

3

You can use Twig's is_granted() function to show different content to users and guests.

{% if is_granted('IS_AUTHENTICATED_ANONYMOUSLY') %}

    {# ... only non logged-in users content ... #}

{% endif %}

... or ...

{% if is_granted('ROLE_USER') %}

   {# .. user's content ... #}

{% endif %}
answered 2013-06-17T08:04:54.383
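
An added example, not part of the original question or answer: a simplified Python model (not Symfony code) of how the access_control list from the question is evaluated, showing that the first matching rule decides and that the final `^/` rule is what sends anonymous visitors to the login form on every page. `RELAXED_RULES` and the function names are assumptions made for illustration; the model also reflects that IS_AUTHENTICATED_ANONYMOUSLY is granted to logged-in users as well as anonymous ones.

```python
import re

# Rules copied from the question's access_control section, in order.
POSTED_RULES = [
    (r"^/agent/login", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/agent", "ROLE_AGENT"),
    (r"^/login", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/", "ROLE_USER"),
]
# Assumption: a relaxed variant that leaves only the agent area restricted.
RELAXED_RULES = POSTED_RULES[:2]

# role_hierarchy from the question: ROLE_AGENT inherits ROLE_USER.
HIERARCHY = {"ROLE_AGENT": {"ROLE_USER"}}


def reachable_roles(roles):
    """Expand a user's roles through the hierarchy."""
    seen, todo = set(), list(roles)
    while todo:
        role = todo.pop()
        if role not in seen:
            seen.add(role)
            todo.extend(HIERARCHY.get(role, ()))
    return seen


def is_granted(attribute, roles):
    """roles is None for an anonymous visitor, a list for a logged-in user."""
    if attribute == "IS_AUTHENTICATED_ANONYMOUSLY":
        return True  # granted to every token, anonymous or not
    if attribute == "IS_AUTHENTICATED_REMEMBERED":
        return roles is not None
    return roles is not None and attribute in reachable_roles(roles)


def decide(rules, path, roles):
    """First matching rule wins; a path with no matching rule is unrestricted."""
    for pattern, attribute in rules:
        if re.search(pattern, path):
            if is_granted(attribute, roles):
                return "allow"
            return "login" if roles is None else "deny"
    return "allow"
```

In this model, `decide(POSTED_RULES, "/", None)` yields `"login"` while `decide(RELAXED_RULES, "/", None)` yields `"allow"`, and the agent area stays restricted in both rule sets.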