I am developing a simple blog for this using symfony 2.
I'm stuck in security issues. If the user logs in to the site, I want to display the "edit" link, but I'm getting an anonymous user.
Here is my security. IML and template code is thanks!
security.yml:
security: encoder: symphony \ component \ security \ core \ user \ user: plain text role_assigned: ROLE_ADMIN: ROLE_USER ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN , ROLE_ALLOWED_TO_SWITCH] Provider: in_memory: Storage: User: Admin: {Password: Administrator, Roles: ['ROLE_ADMIN']} Firewall: Disables authentication for # assets and profiles, customize it to your needs accordingly: Pattern : ^ / (_ (Profiler | wdt) | c Ss | picture | js) / security: blog_sakura_arra for the # wrong part of the application: Pattern: ^ / edit Unnamed: ~ http_basic: realm: "safe blog area" # Blog page should be accessible to all blog_public: pattern: ^ / Anonymous: true access_control: - {path: ^ / edit, roles: ROLE_ADMIN} article.html.twig (url: / detail / {id})
{% if_granted is ('ROLE_AD MIN')%} and %
< Code> Firewalls: Disables authentication for # assets and profiles, customize it according to your needs: Pattern: ^ / (_ (profiler | wdt) | CSS | picture | js) / security: incorrect # blog Page should be accessible to all blog_public: pattern: ^ / anonymous: true # part of the application is protected blog_secured_area: Pattern: ^ / edit Name: ~ http_basic: realm: "secure blog area" access_control: - {path: ^ / edit, roles: ROLE_ADMIN} Because I think symfony2 will scan the firewall and order You will see them once in a while, in the last case in your case, that all the routes are accessible from the anonymous role, so it will also be on the / edit route.
Comments
Post a Comment