# Symfony security configuration: password encoder, role hierarchy, user
# provider, firewalls and URL access rules for an app using FOSUserBundle
# with an OAuth2 token/authorize endpoint pair and an OAuth-protected API.
security:
    # http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
    # NOTE(review): sha512 selects Symfony's message-digest encoder (salted,
    # iterated SHA-512). An adaptive algorithm such as bcrypt is the usual
    # choice for password storage; changing it affects verification of the
    # hashes already stored, so plan a migration before switching.
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    # http://symfony.com/doc/current/book/security.html#hierarchical-roles
    # NOTE(review): ROLE_ADMIN inherits ROLE_SUPER_ADMIN and ROLE_SUPER_ADMIN
    # inherits ROLE_ADMIN, so the two roles are effectively the same set.
    # Every ROLE_ADMIN user therefore also holds ROLE_ALLOWED_TO_SWITCH (the
    # role used for user impersonation). No firewall below enables
    # switch_user, so this is latent today; confirm the cycle is intended.
    role_hierarchy:
        ROLE_STD_USER: ROLE_USER
        ROLE_STAFF: ROLE_USER
        ROLE_ADMIN:
            - ROLE_USER
            - ROLE_SUPER_ADMIN
            - ROLE_SONATA_ADMIN
            - ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT
            - ROLE_SONATA_PAGE_ADMIN_BLOCK_EDIT
        ROLE_SUPER_ADMIN:
            - ROLE_USER
            - ROLE_ADMIN
            - ROLE_ALLOWED_TO_SWITCH

    # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    # the main part of the security, where you can set up firewalls
    # for specific sections of your app
    firewalls:
        # Token endpoint runs with the security layer switched off; any
        # client authentication has to happen inside the OAuth server code.
        oauth_token:
            pattern: '^/oauth/v2/token'
            security: false

        # NOTE(review): login_path and check_path are the same URL as the
        # authorize endpoint itself, anonymous access is allowed, and no
        # access_control rule below matches ^/oauth/v2/auth. Nothing in this
        # file forces a login before the authorize page; confirm the
        # controller enforces it.
        oauth_authorize:
            pattern: '^/oauth/v2/auth'
            form_login:
                provider: fos_userbundle
                check_path: /oauth/v2/auth
                login_path: /oauth/v2/auth
            anonymous: true
            context: test_connect

        # Stateless, OAuth-token-authenticated API; anonymous requests are
        # rejected at the firewall.
        api:
            pattern: '^/api'
            fos_oauth: true
            stateless: true
            anonymous: false

        # NOTE(review): the catch-all "main" firewall is disabled. Only the
        # three patterns above are behind a firewall. access_control rules
        # are enforced by a firewall's access listener, so the ^/admin and
        # /my/ rules below presumably never apply to requests outside those
        # patterns. Verify that /admin is not reachable unauthenticated.
#        main:
#            pattern: ^/
#            form_login:
#                provider: fos_userbundle
#                check_path: /login_check
#                login_path: /login
#                default_target_path: ct_free_panel_logged_in
#            logout:
#                path: /logout
#                target: /login
##            anonymous: ~

    # with these settings you can restrict or allow access for different parts
    # of your application based on roles, ip, host or methods
    # http://symfony.com/doc/current/cookbook/security/access_control.html
    # Rules are checked top to bottom and the first matching path wins.
    access_control:
#        - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - path: '^/admin'
          roles: ROLE_ADMIN
        # NOTE(review): this pattern has no ^ anchor, so it matches "/my/"
        # anywhere in the request path, not only at the start. Use '^/my/'
        # if only that prefix is meant.
        - path: /my/
          roles: IS_AUTHENTICATED_FULLY
        - path: '^/api'
          roles:
              - IS_AUTHENTICATED_FULLY