问题
I have a security.yaml like this:
        api_documentary:
            pattern:    ^/api/v1/documentary
            fos_oauth:  true
            stateless:  false
            methods: [POST, PUT, DELETE]
        - { path: ^/api/v1/documentary, roles: IS_AUTHENTICATED_ANONYMOUSLY }
I want the firewall to be on (accessed by access token) on the following routes ^/api/v1/documentary POST, PUT, DELETE
I want the firewall to be off on the routes: GET and GET ALL
If I exclude GET from methods: [] above I can access them publicly, however something weird happens:
The isGranted doesn't work, even though the user has the following roles [ROLE_USER, ROLE_ADMIN] it doesn't seem to notice.
if (!$this->isGranted('ROLE_ADMIN')) {
            return new JsonResponse("Not granted");
        }
If I add to api_documentary: 
methods: [GET, POST, PUT, DELETE]
isGranted works but the GET method will no longer be public.
来源:https://stackoverflow.com/questions/57418830/symfony-isgrantedrole-admin-not-working-properly