bux
/
muzich


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128
							parameters:
    # ... other parameters
    #security.acl.permission.map.class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap
    
security:
    providers:
        fos_userbundle:
            id: fos_user.user_manager
    encoders:
        "FOS\UserBundle\Model\UserInterface":
            algorithm: sha512
            encode_as_base64: false
            iterations: 1

    firewalls:
        main:
            pattern:      .*
            form_login:
                provider:       fos_userbundle
                login_path:     index
                use_forward:    false
                check_path:     /login_check
                failure_path:   null
                default_target_path: home
                
            logout:
                path:   /logout
                target: /hello
            anonymous:  ~
            remember_me:
              key:      %secret%
              lifetime: 1209600
              path:     /
              domain:   ~
            
    #role_hierarchy:
      # Attention, pas sur de ces lignes là !
        #ROLE_USER:        ROLE_USER
        #ROLE_ADMIN:       ROLE_ADMIN
        #ROLE_SUPER_ADMIN: ROLE_SUPER_ADMIN
        
    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        #ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_SONATA_ADMIN, ROLE_ALLOWED_TO_SWITCH]
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
        
    acl:
        connection: default
        
    ## La en tant qu'exemple, exploiter ça (http://j-place.developpez.com/tutoriels/php/ameliorez-vos-applications-developpees-avec-symfony2/#LVI-A-3)
    access_control:
      
        # PAGES ACCESSIBLES AUX ADMINISTRATEURS
        - { path: ^/admin, role: ROLE_ADMIN }
      
        # AUTRES
        - { path: "^/hello", roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: "^/hello/(?:fr|en)", roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: "^/(?:fr|en)/resetting", roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: "^/change-language/(?:fr|en)", roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: "^/auto-language", roles: IS_AUTHENTICATED_ANONYMOUSLY }
        
                
        - { path: ^/_wdt/, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/_profiler/, role: IS_AUTHENTICATED_ANONYMOUSLY }
        
        - { path: ^/js/, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/css/, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/bundles/, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/info/, role: IS_AUTHENTICATED_ANONYMOUSLY }
        
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        
        ## Ouvert pour l'ajax (et le message de redirection en cas de déco)
        - { path: ^/(?:fr|en)/search-elements, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/element, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/follow/user, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/favorite/add, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/favorite/remove, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/element/add, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/search/tag, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/show/user/, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/show/group/, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/favoritesajax, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/ajax, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(?:fr|en)/event/view/elements, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/share-from, role: IS_AUTHENTICATED_ANONYMOUSLY }
                                        
        - { path: ^/, roles: ROLE_USER }
        
#        # Liste des pages accessibles à tous les utilisateurs (ne pas toucher)
#        - { path: ^/register$, role: IS_AUTHENTICATED_ANONYMOUSLY }
#        
#        # PAGES ACCESSIBLES AUX ADMINISTRATEURS
#        - { path: ^/myapp/admin/, role: ROLE_ADMIN }
#        
#        # PAGES ACCESSIBLES AUX UTILISATEURS CONNECTES
#        - { path: ^/myapp/change-password, role: ROLE_USER }
#
#        # PAGES ACCESSIBLES À TOUS
#        - { path: ^/myapp.*, role: IS_AUTHENTICATED_ANONYMOUSLY }

#security:
#    firewalls:
#        secured_area:
#            pattern:    ^/
#            anonymous: ~
#            form_login:
#                login_path:  /login
#                check_path:  /login_check
#            logout:
#                path:   /logout
#                target: /hello
#
#    access_control:
#        - { path: ^/admin, roles: ROLE_ADMIN }
#
#    providers:
#        in_memory:
#            users:
#                ryan:  { password: ryanpass, roles: 'ROLE_USER' }
#                admin: { password: kitten, roles: 'ROLE_ADMIN' }
#
#    encoders:
#        Symfony\Component\Security\Core\User\User: plaintext