我有一个实现UserInterface的UserCas实体。
我的用户有一个角色:
但是,当我根据角色限制对某些页面的访问时,它不起作用。
因此,在控制器中,我已经对具有ROLE_ADMIN的用户进行了检查:
// Fetch the authenticated user from the controller helper.
$user = $this->getUser();

// NOTE(review): isGranted() is answered from the current security token, not
// from this $user variable. If roles were added to the entity after the token
// was created, the two can disagree until the user re-authenticates - confirm
// for the Symfony version in use.
$checker = $this->container->get('security.authorization_checker');
$isAdmin = $checker->isGranted('ROLE_ADMIN');

// Print which branch the role check took.
dump($isAdmin ? "yes" : "no");
dump 输出的是 "no"。
如果我转储 $user->getRoles(),我得到:
那么,请问是什么问题?
我的UserCas实体:
<?php
namespace Site\PagesBundle\Entity;
use Serializable;
use Doctrine\ORM\Mapping as ORM;
use Doctrine\Common\Collections\Collection;
use Site\PagesBundle\Security\Traits\traitUser;
use Doctrine\Common\Collections\ArrayCollection;
use Symfony\Component\Validator\Constraints as Assert;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Site\PagesBundle\Entity\PaquetDDLCas;
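/**
 * UserCas
 *
 * Doctrine entity mapped to the "user_cas" table. It implements Symfony's
 * UserInterface so it can be used as the security user, and \Serializable
 * so that only id, username and mail are written when the object is serialized.
 *
 * @ORM\Table(name="user_cas")
 * @ORM\Entity(repositoryClass="Site\PagesBundle\Repository\UserCasRepository")
 * @UniqueEntity("mail")
 */
class UserCas implements \Serializable, UserInterface
{
    use traitUser;

    // Some attributes and methods

    /**
     * @var int
     *
     * @ORM\Column(name="id", type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @var string
     *
     * @ORM\Column(name="username", type="string", length=255)
     */
    private $username;

    /**
     * @ORM\Column(name="mail", type="string")
     */
    private $mail;

    /************ Role handling (modified section) ****************/

    /**
     * Roles stored for this user, without the implicit ROLE_USER.
     *
     * @ORM\Column(type="array")
     */
    protected $roles = [];

    /**
     * Adds a role to the stored list.
     *
     * The name is upper-cased before it is compared or stored. ROLE_USER is
     * never stored because getRoles() always adds it.
     *
     * @param string $role
     *
     * @return $this
     */
    public function addRole($role)
    {
        $role = strtoupper($role);

        // Compare against the string itself: the previous comparison against
        // the array ['ROLE_USER'] could never be true, so ROLE_USER ended up
        // persisted next to the real roles.
        if ($role === 'ROLE_USER') {
            return $this;
        }

        if (!in_array($role, $this->roles, true)) {
            $this->roles[] = $role;
        }

        return $this;
    }

    /**
     * Returns the stored roles plus ROLE_USER, without duplicates.
     *
     * @return array
     */
    public function getRoles()
    {
        // array_unique() keeps the original keys; array_values() re-indexes so
        // the result is a plain list even if a stored ROLE_USER duplicate
        // (written before the addRole() fix) was dropped.
        return array_values(array_unique(array_merge(['ROLE_USER'], $this->roles)));
    }

    /**
     * Tells whether the user has the given role (case-insensitive on input).
     *
     * @param string $role
     *
     * @return bool
     */
    public function hasRole($role)
    {
        return in_array(strtoupper($role), $this->getRoles(), true);
    }

    /**
     * Removes a role from the stored list if it is present.
     *
     * @param string $role
     *
     * @return $this
     */
    public function removeRole($role)
    {
        if (false !== $key = array_search(strtoupper($role), $this->roles, true)) {
            unset($this->roles[$key]);
            // Re-index so the stored array stays a sequential list.
            $this->roles = array_values($this->roles);
        }

        return $this;
    }

    /**
     * Replaces the stored roles with the given ones.
     *
     * Every entry goes through addRole(), so names are upper-cased,
     * de-duplicated and ROLE_USER is skipped.
     *
     * @param array $roles
     *
     * @return $this
     */
    public function setRoles(array $roles)
    {
        $this->roles = [];

        foreach ($roles as $role) {
            $this->addRole($role);
        }

        return $this;
    }

    /**
     * Empties the stored role list; getRoles() then returns only ROLE_USER.
     */
    public function resetRoles()
    {
        $this->roles = [];
    }

    /******************* End of modified section *********************/

    /**
     * Constructor
     */
    public function __construct()
    {
        // setEnabled() is not defined in this class; presumably it comes from
        // traitUser - confirm.
        $this->setEnabled(true);
        $this->roles = [];
    }

    /**
     * Get id
     *
     * @return int
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * @return string
     */
    public function getMail()
    {
        return $this->mail;
    }

    /**
     * @param string $mail
     */
    public function setMail($mail)
    {
        $this->mail = $mail;
    }

    /**
     * @return string
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * @param string $username
     */
    public function setUsername($username)
    {
        $this->username = $username;
    }

    /**
     * Serializes id, username and mail, in that order.
     *
     * Roles are not part of the payload, so an instance rebuilt by
     * unserialize() starts with the default empty role list.
     *
     * @return string
     */
    public function serialize()
    {
        return serialize([
            $this->id,
            $this->username,
            $this->mail,
        ]);
    }

    /**
     * Restores id, username and mail from a payload produced by serialize().
     *
     * @param string $serialized
     */
    public function unserialize($serialized)
    {
        // NOTE(review): plain unserialize() will instantiate any class named in
        // the payload. serialize() above writes only scalars, so on PHP >= 7.0
        // pass ['allowed_classes' => false] as the second argument to refuse
        // objects if the stored payload is ever tampered with.
        list(
            $this->id,
            $this->username,
            $this->mail
        ) = unserialize($serialized);
    }

    /*********************** UserInterface methods ***************************/

    /**
     * Nothing to erase: this class holds no credential fields.
     */
    public function eraseCredentials()
    {
    }

    /**
     * No salt is stored on this entity.
     *
     * @return null
     */
    public function getSalt()
    {
        return null;
    }

    /**
     * No password is stored on this entity; presumably authentication is
     * handled outside this class (the name suggests CAS) - confirm.
     *
     * @return null
     */
    public function getPassword()
    {
        return null;
    }
}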
答案 0 :(得分:5)
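您可以在 security.yml 的 access_control 部分按路径设置限制。注意:该规则与 isGranted('ROLE_ADMIN') 使用相同的角色判定,因此如果 isGranted 返回 false,此规则同样会拒绝该用户访问: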
# Entry for the access_control list. "path" is a regular expression: the
# trailing "/*" means "zero or more slashes", so this rule applies to every
# path that starts with /admin. Rules are evaluated in order; the first
# matching path decides.
- { path: ^/admin/*, roles: [ROLE_ADMIN] }