Role_hierarchy with Symfony2

Question

Role_hierarchy with Symfony2

I have a big problem with my role_hierarchy,

security: role_hierarchy: ROLE_ADMIN:[ROLE_USER,ROLE_AUTHOR,ROLE_MODERATOR] ROLE_SUPER_ADMIN:[ROLE_ADMIN,ROLE_ALLOWED_TO_SWITCH]

with this, if I got the role SUPER_ADMIN, I will get ROLE_AUTHOR, ROLE_MODERATOR, ROLE_USER and ROLE_ADMIN. But my problem is, when I enter my website, if I check the profiler, I see that I have only ROLE_SUPER_ADMIN and not other roles, so can you help me?

my opinion ( base.html.twig )

 <h3>Blog</h3> <ul class="nav nav-pills nav-stacked"> <li><a href="{{ path('dom_home') }}">Home Page</a></li> {% if is_granted('ROLE_AUTHOR') %} <li><a href="{{ path('dom_add') }}">Add a post</a></li> {% endif %} {% if is_granted('IS_AUTHENTICATED_FULLY') %} <li><a href="{{ path('fos_user_security_logout') }}">Logout</a></li> {% else %} <li><a href="{{ path('fos_user_security_login') }}">login</a></li> <li><a href="{{ path('fos_user_registration_register') }}">register</a></li> {% endif %} </ul>

my security.yml (app / config)

 security: encoders: Symfony\Component\Security\Core\User\User: plaintext FOS\UserBundle\Model\UserInterface: sha512 role_hierarchy: ROLE_ADMIN: [ROLE_USER,ROLE_AUTHOR,ROLE_MODERATOR] ROLE_SUPER_ADMIN: [ROLE_ADMIN,ROLE_ALLOWED_TO_SWITCH] providers: in_memory: users: user: { password: userpass, roles: [ 'ROLE_USER' ] } admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] } fos_userbundle: id: fos_user.user_manager firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false login: pattern: ^/(login$|register|resetting) anonymous: true main: pattern: ^/ form_login: provider: fos_userbundle remember_me: true always_use_default_target_path: true default_target_path: /dom/ remember_me: key: %secret% anonymous: false logout: true

edit:

my view (base.html.twig)

 <h3>Blog</h3> <ul class="nav nav-pills nav-stacked"> <li><a href="{{ path('dom_home') }}">Home Page</a></li> {% if is_granted('ROLE_AUTHOR') %} <li><a href="{{ path('dom_add') }}">Add a post</a></li> {% endif %} {% if is_granted('IS_AUTHENTICATED_FULLY') %} <li><a href="{{ path('fos_user_security_logout') }}">Logout</a></li> {% else %} <li><a href="{{ path('fos_user_security_login') }}">login</a></li> <li><a href="{{ path('fos_user_registration_register') }}">register</a></li> {% endif %} </ul>

my security.yml (app / config)

 security: encoders: Symfony\Component\Security\Core\User\User: plaintext FOS\UserBundle\Model\UserInterface: sha512 role_hierarchy: ROLE_ADMIN: [ROLE_USER,ROLE_AUTHOR,ROLE_MODERATOR] ROLE_SUPER_ADMIN: [ROLE_ADMIN,ROLE_ALLOWED_TO_SWITCH] providers: in_memory: users: user: { password: userpass, roles: [ 'ROLE_USER' ] } admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] } fos_userbundle: id: fos_user.user_manager firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false login: pattern: ^/(login$|register|resetting) anonymous: true main: pattern: ^/ form_login: provider: fos_userbundle remember_me: true always_use_default_target_path: true default_target_path: /dom/ remember_me: key: %secret% anonymous: false logout: true

answer :)

+6

security symfony hierarchy roles

Stickly Jun 13 '12 at 17:11

source share

1 answer

dbrumann · Accepted Answer · 2012-06-16T16:20:40+0000

I don’t see what is wrong from the above code snippets, so I made a small example application to give you step-by-step instructions that could lead to the source of the problem.

Cloned symfony-standard (master) (and remote Acme \ DemoBundle)
Added "friendsofsymfony/user-bundle": "dev-master" to composer.json
New Mahok \ SecurityBundle package ( php app/console generate:bundle ) created
New php app/console doctrine:generate:entity object created php app/console doctrine:generate:entity
The changed entity according to the FOS \ UserBundle documentation (step 3; Important: change the table name to something other than “user”, since this is a reserved word and can cause problems!)

Changed app/AppKernel.php , app/config/config.yml , app/config/routing.yml and app/config/security.yml according to the FOS \ UserBundle documentation. For reference: This is security.yml, which I use:

 jms_security_extra: secure_all_services: false expressions: true security: encoders: FOS\UserBundle\Model\UserInterface: sha512 role_hierarchy: ROLE_AUTHOR: [ROLE_USER] ROLE_MODERATOR: [ROLE_AUTHOR] ROLE_ADMIN: [ROLE_MODERATOR] ROLE_SUPER_ADMIN: [ROLE_ADMIN] providers: fos_userbundle: id: fos_user.user_manager firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false auth: pattern: (^/login$|^/register|^/resetting) anonymous: true main: pattern: ^/ form_login: provider: fos_userbundle csrf_provider: form.csrf_provider logout: true anonymous: true access_control: - { path: ^/admin, role: ROLE_ADMIN }

Created user with `php app / console fos: user: create sa --super-admin

Modified DefaultController: default.html.twig in Mahok \ SecurityBundle, checking for {% is_granted('ROLE_MODERATOR') %} :

 Hello {{ name }}! {% if is_granted('ROLE_MODERATOR') %} <ul> {% for role in app.user.roles %} <li>{{ role }}</li> {% endfor %} </ul> {% else %} oh noes! {% endif %}

edit: When going to localhost / example / app_dev.php / hello / User (after logging in as "sa"), I get the following output:

 Hello User! * ROLE_SUPER_ADMIN * ROLE_USER

Role_hierarchy with Symfony2

More articles: