Home Explore Help
Sign In
joker
/
packagist
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: f62587831a
Branches Tags
packagist
/
app
/
config
/
security.yml

security.yml 2.1 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 
  1. jms_security_extra:
    2. 

  2.     secure_all_services: false
    3. 

  3.     expressions: true
    4. 

  4. 

  5. security:
    6. 

  6.     encoders:
    7. 

  7.         FOS\UserBundle\Model\UserInterface:
    8. 

  8.             algorithm:        sha512
    9. 

  9.             encode_as_base64: false
    10. 

  10.             iterations:       1
    11. 

  11. 

  12.     providers:
    13. 

  13.         packagist:
    14. 

  14.             id: packagist.user_provider
    15. 

  15. 

  16.     firewalls:
    17. 

  17.         main:
    18. 

  18.             pattern:      .*
    19. 

  19.             form_login:
    20. 

  20.                 provider:       packagist
    21. 

  21.                 login_path:     /login
    22. 

  22.                 use_forward:    false
    23. 

  23.                 check_path:     /login_check
    24. 

  24.                 failure_path:   null
    25. 

  25.             remember_me:
    26. 

  26.                 key: %remember_me.secret%
    27. 

  27.                 user_providers: packagist
    28. 

  28.                 name: pauth
    29. 

  29.                 remember_me_parameter: _remember_me
    30. 

  30.                 lifetime: 31104000 # 1y
    31. 

  31.             logout:       true
    32. 

  32.             anonymous:    true
    33. 

  33. 

  34.     access_control:
    35. 

  35.         # The WDT has to be allowed to anonymous users to avoid requiring the login with the AJAX request
    36. 

  36.         - { path: ^/_wdt/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    37. 

  37.         - { path: ^/_profiler/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    38. 

  38.         # AsseticBundle paths used when using the controller for assets
    39. 

  39.         - { path: ^/js/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    40. 

  40.         - { path: ^/css/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    41. 

  41.         # URL of FOSUserBundle which need to be available to anonymous users
    42. 

  42.         - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    43. 

  43.         - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    44. 

  44.         - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    45. 

  45.         # Secured part of the site
    46. 

  46.         # This config requires being logged for the whole site and having the admin role for the admin part.
    47. 

  47.         # Change these rules to adapt them to your needs
    48. 

  48.         - { path: ^/packages/submit$, role: ROLE_USER }
    49. 

  49.         - { path: ^/admin/, role: ROLE_ADMIN }
    50. 

  50. 

  51.     role_hierarchy:
    52. 

  52.         ROLE_UPDATE_PACKAGES: ~
    53. 

  53.         ROLE_DELETE_PACKAGES: ~
    54. 

  54. 

  55.         ROLE_ADMIN:       [ ROLE_USER, ROLE_UPDATE_PACKAGES, ROLE_DELETE_PACKAGES ]
    56. 

  56.         ROLE_SUPERADMIN:  [ ROLE_ADMIN ]
    57.