| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546 |
- security:
- providers:
- packagist:
- id: packagist.user_provider
- firewalls:
- main:
- pattern: .*
- form_login:
- provider: packagist
- login_path: /login
- use_forward: false
- check_path: /login_check
- failure_path: null
- remember_me:
- key: %remember_me.secret%
- user_providers: packagist
- name: pauth
- remember_me_parameter: _remember_me
- lifetime: 31104000 # 1y
- logout: true
- anonymous: true
- access_control:
- # The WDT has to be allowed to anonymous users to avoid requiring the login with the AJAX request
- - { path: ^/_wdt/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/_profiler/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- # AsseticBundle paths used when using the controller for assets
- - { path: ^/js/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/css/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- # URL of FOSUserBundle which need to be available to anonymous users
- - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- # Secured part of the site
- # This config requires being logged for the whole site and having the admin role for the admin part.
- # Change these rules to adapt them to your needs
- - { path: ^/packages/submit$, role: ROLE_USER }
- - { path: ^/admin/, role: ROLE_ADMIN }
- role_hierarchy:
- ROLE_UPDATE_PACKAGES: ~
- ROLE_DELETE_PACKAGES: ~
- ROLE_ADMIN: [ ROLE_USER, ROLE_UPDATE_PACKAGES, ROLE_DELETE_PACKAGES ]
- ROLE_SUPERADMIN: [ ROLE_ADMIN ]
|
