| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152 |
- #parameters:
- # ... other parameters
- #security.acl.permission.map.class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap
-
- security:
- providers:
- fos_userbundle:
- id: fos_user.user_provider.username_email
- my_facebook_provider:
- id: my_user.facebook_provider
- encoders:
- "FOS\UserBundle\Model\UserInterface":
- algorithm: sha512
- encode_as_base64: false
- iterations: 10
-
- firewalls:
- main:
- pattern: .*
- form_login:
- provider: fos_userbundle
- login_path: home_login
- use_forward: false
- check_path: /login_check
- failure_path: null
- default_target_path: home
- success_handler: muzich.security.authentication.success_handler
- failure_handler: muzich.security.authentication.failure_handler
- fos_facebook:
- app_url: "%api_facebook_name%"
- server_url: "%api_facebook_server%"
- check_path: /login_facebook_check
- provider: my_facebook_provider
-
- logout:
- path: /logout
- target: /
- anonymous: ~
- remember_me:
- key: %secret%
- lifetime: 16070400
- path: /
- domain: ~
-
- #role_hierarchy:
- # Attention, pas sur de ces lignes là !
- #ROLE_USER: ROLE_USER
- #ROLE_ADMIN: ROLE_ADMIN
- #ROLE_SUPER_ADMIN: ROLE_SUPER_ADMIN
-
- role_hierarchy:
- ROLE_ADMIN: ROLE_USER
- #ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_SONATA_ADMIN, ROLE_ALLOWED_TO_SWITCH]
- ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
-
- acl:
- connection: default
-
- ## La en tant qu'exemple, exploiter ça (http://j-place.developpez.com/tutoriels/php/ameliorez-vos-applications-developpees-avec-symfony2/#LVI-A-3)
- access_control:
-
- # PAGES ACCESSIBLES AUX ADMINISTRATEURS
- - { path: ^/admin, role: ROLE_ADMIN }
-
- # AUTRES
- - { path: "^/hello", roles: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: "^/hello/(?:fr|en)", roles: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: "^/(?:fr|en)/resetting", roles: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: "^/change-language/(?:fr|en)", roles: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: "^/auto-language", roles: IS_AUTHENTICATED_ANONYMOUSLY }
-
-
- - { path: ^/_wdt/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/_profiler/, role: IS_AUTHENTICATED_ANONYMOUSLY }
-
- - { path: ^/js/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/css/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/bundles/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/info/, role: IS_AUTHENTICATED_ANONYMOUSLY }
-
- - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
-
- ## Ouvert pour l'ajax (et le message de redirection en cas de déco)
- - { path: ^/(?:fr|en)/search-elements, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/element, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/follow/user, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/favorite/add, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/favorite/remove, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/element/add, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/search/tag, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/show/user/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/show/group/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/favoritesajax, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/ajax, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/event/view/elements, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/test-error, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/share-from, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/element/share/from, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/account/email/confirm/, role: IS_AUTHENTICATED_ANONYMOUSLY }
-
- ## New public roads for visitors
- - { path: ^/(?:fr|en)$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/user, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/group, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/search, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/playlist, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/my-groups/add, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/(?:fr|en)/song, role: IS_AUTHENTICATED_ANONYMOUSLY }
-
- - { path: ^/, roles: ROLE_USER }
-
- # # Liste des pages accessibles à tous les utilisateurs (ne pas toucher)
- # - { path: ^/register$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- #
- # # PAGES ACCESSIBLES AUX ADMINISTRATEURS
- # - { path: ^/myapp/admin/, role: ROLE_ADMIN }
- #
- # # PAGES ACCESSIBLES AUX UTILISATEURS CONNECTES
- # - { path: ^/myapp/change-password, role: ROLE_USER }
- #
- # # PAGES ACCESSIBLES À TOUS
- # - { path: ^/myapp.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
-
- #security:
- # firewalls:
- # secured_area:
- # pattern: ^/
- # anonymous: ~
- # form_login:
- # login_path: /login
- # check_path: /login_check
- # logout:
- # path: /logout
- # target: /hello
- #
- # access_control:
- # - { path: ^/admin, roles: ROLE_ADMIN }
- #
- # providers:
- # in_memory:
- # users:
- # ryan: { password: ryanpass, roles: 'ROLE_USER' }
- # admin: { password: kitten, roles: 'ROLE_ADMIN' }
- #
- # encoders:
- # Symfony\Component\Security\Core\User\User: plaintext
|
