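I am new to Symfony2 and I don't understand how security.yml works.
I have 2 roles in my application: ROLE_USER and ROLE_ADMIN.
ROLE_USER: can only view (no CRUD)
ROLE_ADMIN: can do anything (CRUD)
I have two basic questions:
Is there only one security.yml, in app/config? Can I create a security.yml for my bundle in ThePartner\EZFBundle\Resource\config, where I can specify which routes a role can access?
I want to prevent ROLE_USER from accessing the routes blue_form_new, blue_form_create, blue_form_edit, blue_form_update and blue_form_delete. This ROLE_USER should only be able to access blue_form and blue_form_show.
This is my ThePartner\EZFBundle\Resources\routing.yml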
    ThePartnerEZFBundle_blue_form:
        resource: "@ThePartnerEZFBundle/Resources/config/routing/blueform.yml"
        prefix: /blue_form
This is ThePartnerEZFBundle/Resources/config/routing/blueform.yml
    blue_form:
        pattern: /
        defaults: { _controller: "ThePartnerEZFBundle:BlueForm:index" }
    blue_form_show:
        pattern: /{id}/show
        defaults: { _controller: "ThePartnerEZFBundle:BlueForm:show" }
    blue_form_new:
        pattern: /new
        defaults: { _controller: "ThePartnerEZFBundle:BlueForm:new" }
    blue_form_create:
        pattern: /create
        defaults: { _controller: "ThePartnerEZFBundle:BlueForm:create" }
        requirements: { _method: post }
    blue_form_edit:
        pattern: /{id}/edit
        defaults: { _controller: "ThePartnerEZFBundle:BlueForm:edit" }
    blue_form_update:
        pattern: /{id}/update
        defaults: { _controller: "ThePartnerEZFBundle:BlueForm:update" }
        requirements: { _method: post|put }
    blue_form_delete:
        pattern: /{id}/delete
        defaults: { _controller: "ThePartnerEZFBundle:BlueForm:delete" }
        requirements: { _method: post|delete }
Thank you all
Answer 0: (score: 2)
All you need to configure is security.yml. You can define multiple firewalls that apply to different routes:
    security:
        firewalls:
            your_first_firewall:
                pattern: ^/public/ # this is a regexp, so all URLs starting with /public/ will match
                security: false # this will be public, no firewall
            your_second_firewall:
                pattern: ^/nonPublic/
                security: true
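Keep in mind that the order of the firewall entries is very important: the first pattern that matches "wins".
You can also import security settings from your bundles. To do this, you need to import the forum's config.yml file in your main security.yml (described here)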
    # app/config/config.yml
    imports:
        - { resource: '@AcmeDemoBundle/Resources/config/security.yml' }
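
For the role split described in the question, per-path restrictions go in the `access_control` section of the main security.yml. The following is an added example, not part of the question or the answer above; the paths are derived from the posted routing files and the `/blue_form` prefix, and it assumes a firewall and user provider are already configured.

```yaml
# app/config/security.yml (added example; firewalls and providers are
# assumed to be configured elsewhere in this file)
security:
    role_hierarchy:
        # ROLE_ADMIN inherits ROLE_USER, so admins also pass the read-only rule
        ROLE_ADMIN: ROLE_USER

    access_control:
        # Rules are tested top to bottom and only the first matching path is
        # applied, so the write routes must come before the general rule.
        # Patterns are regular expressions; anchor them with ^ and $ so that
        # they do not match unrelated URLs that merely contain the same text.

        # /blue_form/new and /blue_form/create
        - { path: '^/blue_form/(new|create)$', roles: ROLE_ADMIN }
        # /blue_form/{id}/edit, /blue_form/{id}/update, /blue_form/{id}/delete
        - { path: '^/blue_form/[^/]+/(edit|update|delete)$', roles: ROLE_ADMIN }
        # everything else under /blue_form (index and /{id}/show)
        - { path: '^/blue_form(/|$)', roles: ROLE_USER }
```

`access_control` matches on the request path, not the route name, so these rules have to be updated whenever the routing prefix or patterns change.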