
I am using Symfony 2.7 and FOSUserBundle 2.0.

What I want is to allow a user with ROLE_ADMIN to access /admin but deny him all other paths.

# app/security.yml

access_control:
    - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, roles: ROLE_USER }
    - { path: ^/admin, roles: ROLE_SUPER_ADMIN }

role_hierarchy:
    ROLE_USER:       ROLE_USER
    ROLE_ADMIN:      ROLE_ADMIN

I thought about php app/console fos:user:demote admin ROLE_USER, but ROLE_USER is the default role in FOSUser, so every time admin logs in, he has ROLE_USER in addition to ROLE_ADMIN.

How can I achieve this?


1 Answer


In this case, ROLE_ADMIN has no access because of ROLE_MANAGER

access_control:
    - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, roles: ROLE_MANAGER }
    - { path: ^/admin, roles: ROLE_ADMIN }

role_hierarchy:
    ROLE_USER:       
        - ROLE_USER
    ROLE_MANAGER:    
        - ROLE_USER
    ROLE_ADMIN:     
        - ROLE_ADMIN
answered 2015-09-12T21:35:33.320
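
Symfony checks access_control entries from top to bottom and applies only the first one whose path matches, so the relative order of ^/ and ^/admin decides the outcome. The following added example (not part of the original question or answer, and a simplified Python model rather than Symfony code) evaluates the answer's rules in the posted order and with ^/admin listed first; the users and the /profile path are constructed for illustration.

```python
import re

# Role hierarchy from the answer (a role maps to the roles it inherits).
HIERARCHY = {
    "ROLE_USER": ["ROLE_USER"],
    "ROLE_MANAGER": ["ROLE_USER"],
    "ROLE_ADMIN": ["ROLE_ADMIN"],
}

PUBLIC = [(p, "IS_AUTHENTICATED_ANONYMOUSLY")
          for p in (r"^/$", r"^/login", r"^/register", r"^/resetting")]

# Order as posted in the answer: the catch-all ^/ comes before ^/admin.
CATCH_ALL_FIRST = PUBLIC + [(r"^/", "ROLE_MANAGER"), (r"^/admin", "ROLE_ADMIN")]
# Same rules with the more specific ^/admin listed first.
ADMIN_FIRST = PUBLIC + [(r"^/admin", "ROLE_ADMIN"), (r"^/", "ROLE_MANAGER")]


def reachable_roles(roles):
    """Expand roles through HIERARCHY; the seen-set tolerates self-references."""
    seen, stack = set(), list(roles)
    while stack:
        role = stack.pop()
        if role not in seen:
            seen.add(role)
            stack.extend(HIERARCHY.get(role, []))
    return seen


def is_granted(rules, path, user_roles):
    """Apply only the first rule whose path pattern matches, as access_control does."""
    for pattern, required in rules:
        if re.search(pattern, path):
            if required == "IS_AUTHENTICATED_ANONYMOUSLY":
                return True
            return required in reachable_roles(user_roles)
    return True  # no rule matched: access_control imposes no restriction


# Constructed users: FOSUserBundle always adds ROLE_USER to a user's roles.
ADMIN = ["ROLE_ADMIN", "ROLE_USER"]
MANAGER = ["ROLE_MANAGER", "ROLE_USER"]

if __name__ == "__main__":
    for name, rules in (("catch-all first", CATCH_ALL_FIRST), ("admin first", ADMIN_FIRST)):
        for path in ("/admin", "/profile"):
            print(name, path, "admin:", is_granted(rules, path, ADMIN),
                  "manager:", is_granted(rules, path, MANAGER))
```

With the catch-all listed first, the admin is refused on /admin and a ROLE_MANAGER user passes the check there. With ^/admin first, the admin reaches /admin but not /profile, and the manager reaches /profile but not /admin.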