Multiple roles required for same url in symfony 2


Problem description

This is what my security.yml looks like for the access control list:

access_control:
    - { path: ^/admin, roles: IS_AUTHENTICATED_FULLY }
    - { path: ^/admin, roles: ROLE_ADMIN }

What I want to do is that the user must have both roles (ROLE_ADMIN and IS_AUTHENTICATED_FULLY) in order to access the path as defined. But with the above rules, if the user has any one of the roles, the user can access the path as defined, which I don't want. I also tried giving the rule as follows, with no success:

 - { path: ^/admin, roles:[ROLE_ADMIN,IS_AUTHENTICATED_FULLY] }

How can I add a rule that requires the user to have both roles in order to access the path defined?

Recommended answer

IS_AUTHENTICATED_FULLY

returns true whenever a user is actually authenticated.

Anonymous users are technically authenticated, meaning that the isAuthenticated() method of an anonymous user object will return true. To check if your user is actually authenticated, check for the IS_AUTHENTICATED_FULLY role.

So if a user has a role ROLE_ADMIN and is logged in, he is fully authenticated. As a result there is no need to set this requirement:

- { path: ^/admin, roles: IS_AUTHENTICATED_FULLY }

because you have (see below) which includes being fully authenticated

- { path: ^/admin, roles: ROLE_ADMIN }

- { path: ^/admin, roles: IS_AUTHENTICATED_FULLY }

will allow any user to see the admin section.

Read: http://symfony.com/doc/current/book/security.html
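An added configuration example, not part of the original question or answer: Symfony enforces only the first access_control entry that matches the request, and under the default affirmative strategy a list of attributes is granted as soon as one voter approves. The fragment shows the question's rules beside two ways to require both conditions; it assumes Symfony 2 semantics, and allow_if assumes Symfony 2.4 or later.

```yaml
# security.yml (added example; path and role names follow the question)
security:
    # Option A: make a list of attributes mean "all of them".
    # The default strategy, affirmative, grants access as soon as one voter
    # approves, which is why roles: [ROLE_ADMIN, IS_AUTHENTICATED_FULLY]
    # behaved like "either one". This setting applies to every access decision.
    access_decision_manager:
        strategy: unanimous

    access_control:
        # Weak (as in the question): only the first matching entry is used,
        # so every fully authenticated user passes and the ROLE_ADMIN entry
        # is never evaluated.
        # - { path: ^/admin, roles: IS_AUTHENTICATED_FULLY }
        # - { path: ^/admin, roles: ROLE_ADMIN }

        # Corrected: one entry per path; both attributes must be granted
        # because the strategy above is unanimous.
        - { path: ^/admin, roles: [ROLE_ADMIN, IS_AUTHENTICATED_FULLY] }

        # Option B (Symfony 2.4+, no global strategy change): one expression.
        # - { path: ^/admin, allow_if: "has_role('ROLE_ADMIN') and is_fully_authenticated()" }
```

Keep a single entry per path pattern and order entries from most specific to least specific, since later matches for the same request are ignored.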
