如何配置安全性防火墙和 access_control ,以便所有页面都为匿名用户提供有限的信息(请注意不强制登录),但会显示经过身份验证的用户的完整详细信息?
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_AGENT: ROLE_USER
providers:
agent_provider:
memory:
users:
agent: { password: agentpass, roles: [ 'ROLE_AGENT' ] }
user_provider:
memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
anonymous: true
agent_area:
provider: agent_provider
pattern: ^/agent
anonymous: ~
form_login:
login_path: agent_login
check_path: agent_login_check
default_target_path: /agent
logout:
path: agent_logout
target: /agent
user_area:
provider: user_provider
pattern: ^/
anonymous: ~
form_login:
login_path: app_login
check_path: app_login_check
default_target_path: /
logout:
path: app_logout
target: /
access_control:
- { path: ^/agent/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/agent, roles: ROLE_AGENT }
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: ROLE_USER }
如果删除 access_control 中的最后两行,则登录过程似乎按预期工作,但即使用户已登录,is_granted('ROLE_USER')也始终返回false。
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: ROLE_USER }
答案 0 :(得分:3)
您可以使用twig的 is_granted()功能向用户和来宾显示不同的内容。
{% if is_granted('IS_AUTHENTICATED_ANONYMOUSLY') %}
{# ... only non logged-in users content ... #}
{% endif %}
......或......
{% if is_granted('ROLE_USER') %}
{# .. user's content ... #}
{% endif %}