douzhang8840 2016-02-27 21:59

Symfony 3 + FOSUserBundle: firewalled pages do not show the login form

I am making a site with Symfony 3 and there is an expected need for some pages to be firewalled. For user management I am using FOSUserBundle ~2.0@dev.

Logging in and out works (so it seems to me that FosUserBundle is configured correctly).

I am expecting the login form to be shown if a page is firewalled.

BUT these URLs do not respect the firewall and display their content to anonymous users...

  • localhost:8000/en/admin
  • localhost:8000/en/admin/delete-tev
  • localhost:8000/en/admin/import-tev
  • localhost:8000/en/admin/click-list

Here is my security.yml configuration:

security:

    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:

        dev:
            pattern: ^/(_(profiler|wdt)|css|img|js)/
            security: false

        main:
            pattern: ^/
            form_login:
                provider:             fos_userbundle
                login_path:           fos_user_security_login
                check_path:           fos_user_security_check
                csrf_token_generator: security.csrf.token_manager

            logout:
                path: fos_user_security_logout
                target: goods_list_exclusive

            logout:       true
            anonymous:    true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/click_list, role: ROLE_ADMIN }
        - { path: ^/admin/import_tev, role: ROLE_ADMIN }
        - { path: ^/admin/delete_tev, role: ROLE_ADMIN }
        - { path: ^/admin/, role: ROLE_ADMIN }

Here is my routing:

app:
    resource: "@AppBundle/Controller/"
    type:     annotation

# redirecting home
homepage:
    path: /
    defaults:
        _controller: FrameworkBundle:Redirect:redirect
        route: goods_list_exclusive
        permanent: true

# redirecting home
homepage_lv:
    path: /lv/
    defaults:
        _controller: FrameworkBundle:Redirect:redirect
        route: goods_list_exclusive
        permanent: true

# redirecting home
homepage_en:
    path: /en/
    defaults:
        _controller: FrameworkBundle:Redirect:redirect
        route: goods_list_exclusive
        permanent: true

# redirecting home
homepage_ru:
    path: /ru/
    defaults:
        _controller: FrameworkBundle:Redirect:redirect
        route: goods_list_exclusive
        permanent: true

goods_list_exclusive:
    path:     /{_locale}/goods-list-exclusive
    defaults: { _controller: AppBundle:Goods:goodsListExclusive }
    requirements:
        _locale: lv|en|ru

goods_list_new:
    path:     /{_locale}/goods-list-new
    defaults: { _controller: AppBundle:Goods:goodsListNew }
    requirements:
        _locale: lv|en|ru

goods_show:
    path:     /{_locale}/goods-show/{id}
    defaults: { _controller: AppBundle:Goods:goodsShow }
    requirements:
        _locale: lv|en|ru

goods_external_link:
    path:     /{_locale}/goods-external-link/{id}
    defaults: { _controller: AppBundle:Goods:goodsExternalLink }
    requirements:
        _locale: lv|en|ru

admin_import_tev:
    path:     /{_locale}/admin/import-tev
    defaults: { _controller: AppBundle:Import:importTev }
    requirements:
        _locale: lv|en|ru

admin_delete_tev:
    path:     /{_locale}/admin/delete-tev
    defaults: { _controller: AppBundle:Delete:deleteTev }
    requirements:
        _locale: lv|en|ru

admin_click_list:
    path:     /{_locale}/admin/click-list
    defaults: { _controller: AppBundle:Click:clickList }
    requirements:
        _locale: lv|en|ru

admin:
    path:     /{_locale}/admin
    defaults: { _controller: AppBundle:Default:admin }
    requirements:
        _locale: lv|en|ru

fos_user:
    resource: "@FOSUserBundle/Resources/config/routing/all.xml"
    prefix:   /{_locale}

Thank you for your time.

1 answer

  • douqihou7537 2016-02-28 11:00

    The patterns in your access control rules that restrict access for anonymous users all start with /admin while the URL path starts with the locale. Thus you should update the patterns to match the actual path. For example, you can have something like this (it assumes that there always is a two-letter locale, but you can adapt it to your needs):

    access_control:
        # ...
        - { path: '^/[a-z]{2}/admin/click_list', role: ROLE_ADMIN }
        - { path: '^/[a-z]{2}/admin/import_tev', role: ROLE_ADMIN }
        - { path: '^/[a-z]{2}/admin/delete_tev', role: ROLE_ADMIN }
        - { path: '^/[a-z]{2}/admin/', role: ROLE_ADMIN }
    
    Selected by the asker as the best answer.
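
The path matching discussed in the answer can be checked offline. This is an added example, not code from the original post or from Symfony: it models `access_control` as "first rule whose regex matches the request path wins", using Python's `re` in place of PHP's `preg_match`, and runs the question's four admin URLs through the question's rules, the locale-prefixed rules, and a hypothetical tightened rule (`TIGHTENED_RULES`, an assumption built from the routes' `lv|en|ru` requirement).

```python
import re

# The four admin URLs listed in the question (path part only).
ADMIN_PATHS = ["/en/admin", "/en/admin/delete-tev",
               "/en/admin/import-tev", "/en/admin/click-list"]

# (path regex, required role) pairs, in the order they appear in security.yml.
QUESTION_RULES = [
    (r"^/login$", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/register", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/resetting", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/admin/click_list", "ROLE_ADMIN"),
    (r"^/admin/import_tev", "ROLE_ADMIN"),
    (r"^/admin/delete_tev", "ROLE_ADMIN"),
    (r"^/admin/", "ROLE_ADMIN"),
]

# The locale-prefixed patterns from the answer, as posted.
LOCALE_RULES = [
    (r"^/[a-z]{2}/admin/click_list", "ROLE_ADMIN"),
    (r"^/[a-z]{2}/admin/import_tev", "ROLE_ADMIN"),
    (r"^/[a-z]{2}/admin/delete_tev", "ROLE_ADMIN"),
    (r"^/[a-z]{2}/admin/", "ROLE_ADMIN"),
]

# Assumption (not from the page): a single rule limited to the locales the
# routes allow, matching /admin itself and anything below it.
TIGHTENED_RULES = [(r"^/(lv|en|ru)/admin(/|$)", "ROLE_ADMIN")]


def required_role(rules, path):
    """Return the role of the first rule whose regex matches the path."""
    for pattern, role in rules:
        if re.search(pattern, path):
            return role
    return None  # no rule matched: access_control imposes no requirement


def unprotected(rules, paths=ADMIN_PATHS):
    """List the paths an anonymous user can reach without ROLE_ADMIN."""
    return [p for p in paths if required_role(rules, p) != "ROLE_ADMIN"]


if __name__ == "__main__":
    for name, rules in [("question", QUESTION_RULES),
                        ("locale-prefixed", LOCALE_RULES),
                        ("tightened", TIGHTENED_RULES)]:
        print(name, "->", unprotected(rules))
```

With the locale-prefixed rules, `/en/admin` still has no role requirement because the final pattern ends in a slash and the `admin` route does not; the underscore patterns never match the hyphenated routes, so only the last rule does any work.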