我只需要为登录的用户"关闭"我的应用程序(与角色无关(,所以我已经将access_control设置为:
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/forgot-password, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: IS_AUTHENTICATED_FULLY }
- { path: ^/admin, roles: [ROLE_ADMIN, ROLE_SUPER_ADMIN] }
但我仍然可以作为访客进入^/或任何其他页面(除了admin(。什么不好?这是我的防火墙:
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
anonymous: ~
guard:
authenticators:
- AppSecurityLoginFormAuthenticator
logout:
path: app_logout
请尝试以下操作:
access_control:
- { path: ^/(register|login)?$, roles: IS_AUTHENTICATED_ANONYMOUSLY}
- { path: ^/?$, roles: ROLE_USER}
确保您拥有并订购了角色和访问控制,如:
security:
## Previous parameters
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
在firewalls部分
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/ #The most important in your case
logout: true
anonymous: true
然后在access_control部分,你可以这样做:
access_control:
#LOGIN
- { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/forgot-password, role: IS_AUTHENTICATED_ANONYMOUSLY }
#Default
- { path: ^/, role: ROLE_AGENT }