70 lines
2.6 KiB
YAML
70 lines
2.6 KiB
YAML
jms_security_extra:
|
|
secure_all_services: false
|
|
expressions: true
|
|
|
|
security:
|
|
firewalls:
|
|
dev:
|
|
pattern: ^/(_(profiler|wdt)|css|images|js)/
|
|
security: false
|
|
|
|
providers:
|
|
fos_userbundle:
|
|
id: fos_user.user_provider.username
|
|
|
|
encoders:
|
|
FOS\UserBundle\Model\UserInterface: sha512
|
|
|
|
firewalls:
|
|
# -> firewall for the frontend area of the URL
|
|
default:
|
|
pattern: ^/(?!admin)
|
|
anonymous: true
|
|
switch_user: false
|
|
# -> end custom configuration
|
|
|
|
# -> firewall for the admin area of the URL
|
|
admin:
|
|
pattern: ^/admin(.*)
|
|
form_login:
|
|
provider: fos_userbundle
|
|
csrf_provider: form.csrf_provider
|
|
default_target_path: /admin
|
|
login_path: /admin/login
|
|
check_path: /admin/login_check
|
|
use_forward: true
|
|
use_referer: true
|
|
# -> handler for ajax authentication
|
|
success_handler: trinity.authentication.success_handler
|
|
failure_handler: trinity.authentication.failure_handler
|
|
logout:
|
|
path: /admin/logout
|
|
target: /admin/
|
|
anonymous: true
|
|
switch_user: true
|
|
remember_me:
|
|
key: "%secret%"
|
|
lifetime: 31536000 # 365 days in seconds
|
|
path: /
|
|
domain: ~ # Defaults to the current domain from $_SERVER
|
|
# -> end custom configuration
|
|
access_control:
|
|
# - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
# - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
# - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
|
|
# -> Secured admin area
|
|
- { path: ^/admin/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
- { path: ^/admin/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
- { path: ^/admin/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
- { path: ^/admin/xhr_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
- { path: ^/admin/cms/navigation, role: ROLE_BO_USER }
|
|
- { path: ^/admin/cms/menu, role: ROLE_BO_USER }
|
|
- { path: ^/admin/group, role: ROLE_BO_USER }
|
|
- { path: ^/admin/, role: ROLE_BO_USER }
|
|
# -> end
|
|
|
|
role_hierarchy:
|
|
ROLE_BO_USER: [ROLE_USER]
|
|
ROLE_SUPER_ADMIN: [ROLE_BO_USER]
|