SonataAdminBundle Security roles

Submitted by 三世轮回 on 2019-12-08 07:21:28

Question


I'm trying to secure some admins in SonataAdminBundle.

I added SonataUserBundle with FOSUserBundle for login, so I can add users, groups and roles.

In security.yml:

role_hierarchy:
    ROLE_ADMIN: ROLE_ADMIN
    ROLE_IT: ROLE_IT
    ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_IT]


access_control:
    - { path: ^/sonata/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/sonata/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/sonata/login-check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/sonata, role: [ROLE_ADMIN] }
    - { path: ^/sonata/api/monolog, role: [ROLE_IT] }

I have to be logged in to access Sonata.

But every user can access the route /sonata/api/monolog even if they don't have ROLE_IT.

How can I secure an Admin? And how can I display the link only if the user can access it?
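
An added example, not part of the original question or its answers: a simplified Python model of how Symfony evaluates access_control, where only the first entry whose path pattern matches the request is enforced. It runs the question's rules in the posted order and with the monolog rule moved above `^/sonata`; the function names, the probe paths and the model itself are assumptions made for illustration, not Symfony code.

```python
import re

# Rules copied from the question's access_control, in the posted order.
POSTED = [
    (r"^/sonata/login$", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
    (r"^/sonata/logout$", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
    (r"^/sonata/login-check$", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
    (r"^/sonata", ["ROLE_ADMIN"]),
    (r"^/sonata/api/monolog", ["ROLE_IT"]),
]
# Same rules with the more specific monolog rule moved above the catch-all.
REORDERED = POSTED[:3] + [POSTED[4], POSTED[3]]
# Hierarchy from the question (its self-referencing entries add nothing).
HIERARCHY = {"ROLE_SUPER_ADMIN": ["ROLE_ADMIN", "ROLE_IT"]}
# Constructed probe paths used to exercise the rules.
PROBES = ["/sonata/login", "/sonata/dashboard", "/sonata/api/monolog"]

def first_match(rules, path):
    """Index of the first rule whose pattern matches the path, or None."""
    for i, (pattern, _roles) in enumerate(rules):
        if re.search(pattern, path):
            return i
    return None

def reachable_roles(roles):
    """Expand the user's roles through HIERARCHY."""
    seen, todo = set(), list(roles)
    while todo:
        r = todo.pop()
        if r not in seen:
            seen.add(r)
            todo.extend(HIERARCHY.get(r, []))
    return seen

def is_granted(rules, path, user_roles):
    """Only the first matching rule decides; no match means no restriction."""
    i = first_match(rules, path)
    if i is None:
        return True
    required = rules[i][1]
    if "IS_AUTHENTICATED_ANONYMOUSLY" in required:
        return True
    return bool(reachable_roles(user_roles) & set(required))

def shadowed(rules, probes):
    """Patterns that match some probe but are never the rule that decides it."""
    hit = {first_match(rules, p) for p in probes}
    return [rules[i][0] for i in range(len(rules)) if i not in hit
            and any(re.search(rules[i][0], p) for p in probes)]
```

In the posted order `shadowed(POSTED, PROBES)` reports the monolog rule as unreachable, which matches the behaviour described in the question; the model ignores host, method and IP matching.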


Answer 1:


Use ACL as the security handler.

Resources: SonataAdminBundle Security




Answer 2:


The Admin user must have all roles in the active security token.

If you do not have all the roles in the current state, then you should activate the memory security provider, specify your account with all roles, and re-authenticate.



Source: https://stackoverflow.com/questions/10911188/sonataadminbundle-security-roles
