Symfony 4 access_control 不按角色工作 [英] Symfony 4 access_control not working by roles
问题描述
我尝试在我的路线上设置访问级别,我写了这个简单的security.yaml
I try to set access level on my routes and i wrote this simple security.yaml
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
App\Entity\User: bcrypt
providers:
db_provider:
entity:
class: App\Entity\User
property: mobile
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: ~
form_login:
login_path: verify_token_page
check_path: verify_token_page
default_target_path: panel_index
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/panel, roles: ROLE_SERVICE_MAN }
问题是,当我尝试访问 localhost:8000/panel 时,我得到 AccessDeniedHttpException
Problem is , when i try to access localhost:8000/panel , i get AccessDeniedHttpException
这是我的用户角色转储
array:1 [▼
0 => "ROLE_SERVICE_MAN"
]
而且我也尝试不使用角色而是使用角色或用括号括起 ROLE_SERVICE_MAN
And i also tried to use not roles but role or wrap ROLE_SERVICE_MAN with brackets
这是我的 PanelController
Here is my PanelController
<?php
namespace App\Controller;
use App\Entity\Car;
use App\Entity\User;
use App\Form\CarType;
use App\Repository\CarRepository;
use App\Repository\RequestRepository;
use Symfony\Bridge\Doctrine\Form\Type\EntityType;
use Symfony\Component\Form\Extension\Core\Type\DateType;
use Symfony\Component\Form\Extension\Core\Type\TextareaType;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
/**
* @Route("/panel")
*/
class PanelController extends Controller
{
/**
* @return \Symfony\Component\HttpFoundation\Response
* @Route("/",name="panel_index")
*/
public function indexAction()
{
return $this->render('panel/index.html.twig');
}
}
推荐答案
OK ,第 1 点:我发现问题永远不会尝试直接从您的数据库更改用户角色,因为在您登录缓存或 cookie 等时设置一次...(我不知道确切位置)当您更改时,您应该重新登录或添加另一个用户来设置新角色.
OK , Point 1 : i found the problem never try to change user role directly from your database because that set once when you login in cache or cookie or etc ... (i dont know where exactly) when you change you should re login or add another user to set new roles .
第 2 点:检查实体中的关键角色(并且不要添加角色 [我的错误]).
Point 2 : check key Roles ( and do not add Role [my mistake]) in your entity .
这篇关于Symfony 4 access_control 不按角色工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!