问题
I want to deny the access for a defined route, to members that has a flag set to true in the database. So for example, I could add a starting condition to each action like:
if ( $this->getUser()->HasPowers() ) {
throw new AccessDeniedException;
}
but there are too many actions and different controllers that match routes to be denied.
So I'm thinking about creating a new route(repeated) which will execute that action(deny if it has to do so), before any other action. Is it possible?
回答1:
Before filter should do the trick. Please read documentation: Before filters with the kernel.controller Event.
If you have a lot of routes/controllers or you don't like implement interfaces you could simply implement event listener for kernel.request event:
# app/config/config.yml
services:
before_controller.listener:
class: Acme\DemoBundle\EventListener\BeforeController
calls:
- [ setSecurityContext, [ "@security.context" ]]
- [ setRouter, [ "@router" ]]
tags:
- { name: kernel.event_listener, event: kernel.request, method: onKernelRequest }
Next, implement listener:
# src\Acme\DemoBundle\EventListener;
namespace Acme\DemoBundle\EventListener;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Bundle\FrameworkBundle\Routing\Router;
use Symfony\Component\Security\Core\SecurityContext;
class BeforeController {
protected $securityContext;
protected $router;
public function setRouter(Router $router){
$this->router = $router;
}
public function setSecurityContext(SecurityContext $securityContext){
$this->securityContext = $securityContext;
}
public function onKernelRequest(GetResponseEvent $event){
if (!$this->securityContext->getToken()) {
return;
}
$isUser = $this->securityContext->isGranted('ROLE_USER');
if (!$isUser) {
return;
}
$user = $this->securityContext->getToken()->getUser();
if ($user->hasSomeFlag()) {
$redirectUrl = $this->router->generate('some_route');
$event->setResponse(new RedirectResponse($redirectUrl));
}
}
}
回答2:
I had the same kind of problem but I don't think a different route is the right solution. Have a look at this solution proposed by Matt Drollette:
https://matt.drollette.com/2012/06/calling-a-method-before-every-controller-action-in-symfony2/
It was a perfect fit for me. Basically you create a controller interface that calls a specific method before every other action, and then implement this interface in all the controllers where you need to check if the user hasPowers().
来源:https://stackoverflow.com/questions/22380905/add-a-conditional-exception-for-a-defined-route