Symfony 4 access_control 不按角色工作 [英] Symfony 4 access_control not working by roles

问题描述

我尝试在我的路线上设置访问级别，我写了这个简单的security.yaml

I try to set access level on my routes and i wrote this simple security.yaml

security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
    App\Entity\User: bcrypt

providers:
    db_provider:
        entity:
            class: App\Entity\User
            property: mobile
firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    main:
        anonymous: ~
        form_login:
            login_path: verify_token_page
            check_path: verify_token_page
            default_target_path: panel_index

# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
     - { path: ^/panel, roles: ROLE_SERVICE_MAN }

问题是，当我尝试访问 localhost:8000/panel 时，我得到 AccessDeniedHttpException

Problem is , when i try to access localhost:8000/panel , i get AccessDeniedHttpException

这是我的用户角色转储

array:1 [▼
  0 => "ROLE_SERVICE_MAN"
]

而且我也尝试不使用角色而是使用角色或用括号括起 ROLE_SERVICE_MAN

And i also tried to use not roles but role or wrap ROLE_SERVICE_MAN with brackets

这是我的 PanelController

Here is my PanelController

<?php

namespace App\Controller;

use App\Entity\Car;
use App\Entity\User;
use App\Form\CarType;
use App\Repository\CarRepository;
use App\Repository\RequestRepository;
use Symfony\Bridge\Doctrine\Form\Type\EntityType;
use Symfony\Component\Form\Extension\Core\Type\DateType;
use Symfony\Component\Form\Extension\Core\Type\TextareaType;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;

/**
 * @Route("/panel")
 */
class PanelController extends Controller
{
    /**
     * @return \Symfony\Component\HttpFoundation\Response
     * @Route("/",name="panel_index")
     */
    public function indexAction()
    {
        return $this->render('panel/index.html.twig');
    }

}

推荐答案

OK ,第 1 点:我发现问题永远不会尝试直接从您的数据库更改用户角色，因为在您登录缓存或 cookie 等时设置一次...(我不知道确切位置)当您更改时，您应该重新登录或添加另一个用户来设置新角色.

OK , Point 1 : i found the problem never try to change user role directly from your database because that set once when you login in cache or cookie or etc ... (i dont know where exactly) when you change you should re login or add another user to set new roles .

第 2 点:检查实体中的关键角色(并且不要添加角色 [我的错误]).

Point 2 : check key Roles ( and do not add Role [my mistake]) in your entity .

这篇关于Symfony 4 access_control 不按角色工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！