Symfony isGranted("ROLE_ADMIN") not working properly

Submitted by 久未见 on 2019-12-11 06:06:16

Question


I have a security.yaml like this:


    security:
        firewalls:
            api_documentary:
                pattern:    ^/api/v1/documentary
                fos_oauth:  true
                stateless:  false
                # the firewall only matches requests using these HTTP methods
                methods: [POST, PUT, DELETE]

        access_control:
            - { path: ^/api/v1/documentary, roles: IS_AUTHENTICATED_ANONYMOUSLY }

I want the firewall to be on (accessed by access token) on the following routes: ^/api/v1/documentary POST, PUT, DELETE.

I want the firewall to be off on the routes: GET and GET ALL.

If I exclude GET from methods: [] above, I can access them publicly; however, something weird happens:

isGranted doesn't work. Even though the user has the following roles [ROLE_USER, ROLE_ADMIN], it doesn't seem to notice.

    if (!$this->isGranted('ROLE_ADMIN')) {
        return new JsonResponse("Not granted");
    }

If I add to api_documentary:

    methods: [GET, POST, PUT, DELETE]

isGranted works but the GET method will no longer be public.

Source: https://stackoverflow.com/questions/57418830/symfony-isgrantedrole-admin-not-working-properly
