parameters: # ... other parameters #security.acl.permission.map.class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap security: providers: fos_userbundle: id: fos_user.user_manager encoders: "FOS\UserBundle\Model\UserInterface": algorithm: sha512 encode_as_base64: false iterations: 1 firewalls: main: pattern: .* form_login: provider: fos_userbundle login_path: index use_forward: false check_path: /login_check failure_path: null default_target_path: home logout: path: /logout target: /hello anonymous: ~ remember_me: key: %secret% lifetime: 1209600 path: / domain: ~ #role_hierarchy: # Attention, pas sur de ces lignes là ! #ROLE_USER: ROLE_USER #ROLE_ADMIN: ROLE_ADMIN #ROLE_SUPER_ADMIN: ROLE_SUPER_ADMIN role_hierarchy: ROLE_ADMIN: ROLE_USER #ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_SONATA_ADMIN, ROLE_ALLOWED_TO_SWITCH] ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] acl: connection: default ## La en tant qu'exemple, exploiter ça (http://j-place.developpez.com/tutoriels/php/ameliorez-vos-applications-developpees-avec-symfony2/#LVI-A-3) access_control: # PAGES ACCESSIBLES AUX ADMINISTRATEURS - { path: ^/admin, role: ROLE_ADMIN } # AUTRES - { path: "^/hello", roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: "^/hello/(?:fr|en)", roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/register, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: "^/(?:fr|en)/resetting", roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: "^/change-language/(?:fr|en)", roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: "^/auto-language", roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/_wdt/, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/_profiler/, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/js/, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/css/, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/bundles/, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/info/, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY } ## Ouvert pour l'ajax (et le message de redirection en cas de déco) - { path: ^/(?:fr|en)/search-elements, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/element, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/follow/user, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/favorite/add, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/favorite/remove, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/element/add, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/search/tag, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/show/user/, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/show/group/, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/favoritesajax, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/ajax, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(?:fr|en)/event/view/elements, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/share-from, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/, roles: ROLE_USER } # # Liste des pages accessibles à tous les utilisateurs (ne pas toucher) # - { path: ^/register$, role: IS_AUTHENTICATED_ANONYMOUSLY } # # # PAGES ACCESSIBLES AUX ADMINISTRATEURS # - { path: ^/myapp/admin/, role: ROLE_ADMIN } # # # PAGES ACCESSIBLES AUX UTILISATEURS CONNECTES # - { path: ^/myapp/change-password, role: ROLE_USER } # # # PAGES ACCESSIBLES À TOUS # - { path: ^/myapp.*, role: IS_AUTHENTICATED_ANONYMOUSLY } #security: # firewalls: # secured_area: # pattern: ^/ # anonymous: ~ # form_login: # login_path: /login # check_path: /login_check # logout: # path: /logout # target: /hello # # access_control: # - { path: ^/admin, roles: ROLE_ADMIN } # # providers: # in_memory: # users: # ryan: { password: ryanpass, roles: 'ROLE_USER' } # admin: { password: kitten, roles: 'ROLE_ADMIN' } # # encoders: # Symfony\Component\Security\Core\User\User: plaintext