You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
92 lines
3.4 KiB
92 lines
3.4 KiB
security:
|
|
encoders:
|
|
FOS\UserBundle\Model\UserInterface:
|
|
id: chamilo.userbundle.encoder
|
|
|
|
role_hierarchy:
|
|
ROLE_SONATA_ADMIN: ROLE_USER
|
|
ROLE_ADMIN:
|
|
- ROLE_SONATA_ADMIN
|
|
- ROLE_QUESTION_MANAGER
|
|
- ROLE_SESSION_MANAGER
|
|
- ROLE_TEACHER
|
|
- ROLE_DIRECTOR
|
|
- ROLE_JURY_PRESIDENT
|
|
ROLE_SUPER_ADMIN: [ROLE_SONATA_ADMIN, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
|
|
|
|
ROLE_GLOBAL_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
|
|
|
|
ROLE_RRHH: [ROLE_TEACHER]
|
|
ROLE_TEACHER: [ROLE_STUDENT]
|
|
ROLE_QUESTION_MANAGER: [ROLE_STUDENT, ROLE_QUESTION_MANAGER]
|
|
ROLE_SESSION_MANAGER: [ROLE_STUDENT, ROLE_SESSION_MANAGER, ROLE_ALLOWED_TO_SWITCH]
|
|
ROLE_STUDENT: [ROLE_STUDENT]
|
|
ROLE_ANONYMOUS: [ROLE_ANONYMOUS]
|
|
|
|
access_decision_manager:
|
|
strategy: unanimous
|
|
|
|
providers:
|
|
fos_userbundle:
|
|
id: fos_user.user_manager
|
|
firewalls:
|
|
dev:
|
|
pattern: ^/(_(profiler|wdt)|css|images|js|admin/_(wdt|profiler)|api/_(wdt|profiler))/
|
|
security: false
|
|
|
|
install:
|
|
pattern: ^/installer
|
|
security: false
|
|
anonymous: true
|
|
|
|
admin:
|
|
pattern: /administration(.*)
|
|
context: user
|
|
form_login:
|
|
provider: fos_userbundle
|
|
login_path: /administration/login
|
|
use_forward: false
|
|
check_path: /administration/login_check
|
|
failure_path: null
|
|
logout:
|
|
path: /administration/logout
|
|
anonymous: false
|
|
|
|
main:
|
|
pattern: .*
|
|
context: user
|
|
form_login:
|
|
provider: fos_userbundle
|
|
login_path: /login
|
|
use_forward: false
|
|
check_path: /login_check
|
|
failure_path: null
|
|
success_handler: listener.login_success_handler
|
|
logout:
|
|
path: /logout
|
|
target: /
|
|
success_handler: listener.logout_success_handler
|
|
invalidate_session: false
|
|
handlers: ['sonata.page.cms_manager_selector']
|
|
anonymous: true
|
|
|
|
access_control:
|
|
# URL of FOSUserBundle which need to be available to anonymous users
|
|
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
|
|
# Admin login page needs to be access without credential
|
|
- { path: ^/administration/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
- { path: ^/administration/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
- { path: ^/administration/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
|
|
# Secured part of the site
|
|
# This config requires being logged for the whole site and having the admin role for the admin part.
|
|
# Change these rules to adapt them to your needs
|
|
- { path: ^/administration/, role: [ROLE_ADMIN, ROLE_SONATA_ADMIN] }
|
|
- { path: ^/profile/, role: IS_AUTHENTICATED_FULLY }
|
|
- { path: ^/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
|
|
acl:
|
|
connection: default
|
|
|