我正在使用Symfony3创建一个站点,并且预计需要对某些页面进行防火墙处理。对于用户管理,我使用的是FosUserBundle~2.0@dev。
登录和注销工作(因此在我看来FosUserBundle配置正确)。
如果页面被防火墙,我希望能够显示登录表单。
但是,这些网址不尊重防火墙并为匿名用户显示其内容......
这是我的security.yml配置:
security:
encoders:
FOS\UserBundle\Model\UserInterface: bcrypt
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|img|js)/
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
login_path: fos_user_security_login
check_path: fos_user_security_check
csrf_token_generator: security.csrf.token_manager
logout:
path: fos_user_security_logout
target: goods_list_exclusive
logout: true
anonymous: true
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/click_list, role: ROLE_ADMIN }
- { path: ^/admin/import_tev, role: ROLE_ADMIN }
- { path: ^/admin/delete_tev, role: ROLE_ADMIN }
- { path: ^/admin/, role: ROLE_ADMIN }
这是我的路线:
app:
resource: "@AppBundle/Controller/"
type: annotation
# redirecting home
homepage:
path: /
defaults:
_controller: FrameworkBundle:Redirect:redirect
route: goods_list_exclusive
permanent: true
# redirecting home
homepage_lv:
path: /lv/
defaults:
_controller: FrameworkBundle:Redirect:redirect
route: goods_list_exclusive
permanent: true
# redirecting home
homepage_en:
path: /en/
defaults:
_controller: FrameworkBundle:Redirect:redirect
route: goods_list_exclusive
permanent: true
# redirecting home
homepage_ru:
path: /ru/
defaults:
_controller: FrameworkBundle:Redirect:redirect
route: goods_list_exclusive
permanent: true
goods_list_exclusive:
path: /{_locale}/goods-list-exclusive
defaults: { _controller: AppBundle:Goods:goodsListExclusive }
requirements:
_locale: lv|en|ru
goods_list_new:
path: /{_locale}/goods-list-new
defaults: { _controller: AppBundle:Goods:goodsListNew }
requirements:
_locale: lv|en|ru
goods_show:
path: /{_locale}/goods-show/{id}
defaults: { _controller: AppBundle:Goods:goodsShow }
requirements:
_locale: lv|en|ru
goods_external_link:
path: /{_locale}/goods-external-link/{id}
defaults: { _controller: AppBundle:Goods:goodsExternalLink }
requirements:
_locale: lv|en|ru
admin_import_tev:
path: /{_locale}/admin/import-tev
defaults: { _controller: AppBundle:Import:importTev }
requirements:
_locale: lv|en|ru
admin_delete_tev:
path: /{_locale}/admin/delete-tev
defaults: { _controller: AppBundle:Delete:deleteTev }
requirements:
_locale: lv|en|ru
admin_click_list:
path: /{_locale}/admin/click-list
defaults: { _controller: AppBundle:Click:clickList }
requirements:
_locale: lv|en|ru
admin:
path: /{_locale}/admin
defaults: { _controller: AppBundle:Default:admin }
requirements:
_locale: lv|en|ru
fos_user:
resource: "@FOSUserBundle/Resources/config/routing/all.xml"
prefix: /{_locale}
感谢您的时间。
答案 0 :(得分:0)
访问控制规则中限制匿名用户访问的模式都以/admin
开头,而URL路径以区域设置开头。因此,您应该更新模式以匹配实际路径。例如,你可以有这样的东西(假设总是有一个双字母的区域设置,但你可以根据自己的需要调整它):
access_control:
# ...
- { path: '^/[a-z]{2}/admin/click_list', role: ROLE_ADMIN }
- { path: '^/[a-z]{2}/admin/import_tev', role: ROLE_ADMIN }
- { path: '^/[a-z]{2}/admin/delete_tev', role: ROLE_ADMIN }
- { path: '^/[a-z]{2}/admin/', role: ROLE_ADMIN }