我尝试在路线上设置访问级别,我写了这个简单的 security.yaml
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
App\Entity\User: bcrypt
providers:
db_provider:
entity:
class: App\Entity\User
property: mobile
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: ~
form_login:
login_path: verify_token_page
check_path: verify_token_page
default_target_path: panel_index
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/panel, roles: ROLE_SERVICE_MAN }
问题是,当我尝试访问 localhost:8000 / panel 时,出现 AccessDeniedHttpException
这是我的用户角色转储
array:1 [▼
0 => "ROLE_SERVICE_MAN"
]
我也尝试不使用角色,而是使用角色或将ROLE_SERVICE_MAN用括号括起来
这是我的PanelController
<?php
namespace App\Controller;
use App\Entity\Car;
use App\Entity\User;
use App\Form\CarType;
use App\Repository\CarRepository;
use App\Repository\RequestRepository;
use Symfony\Bridge\Doctrine\Form\Type\EntityType;
use Symfony\Component\Form\Extension\Core\Type\DateType;
use Symfony\Component\Form\Extension\Core\Type\TextareaType;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
/**
* @Route("/panel")
*/
class PanelController extends Controller
{
/**
* @return \Symfony\Component\HttpFoundation\Response
* @Route("/",name="panel_index")
*/
public function indexAction()
{
return $this->render('panel/index.html.twig');
}
}
答案 0 :(得分:0)
好的, 要点1:我发现问题永远不要尝试直接从数据库中更改用户角色,因为登录缓存或cookie或其他方式时设置了一次(我不知道确切在哪里) 更改时,您应该重新登录或添加其他用户来设置新角色。
第2点:检查您实体中的关键角色(不要添加Role [我的错误])。