php - Inherit @IsGranted("ROLE_ADMIN") from parent route or controller
问题描述
I have a controller AdminController, which has a route of /admin. I'm securing access to it using @IsGranted("ROLE_ADMIN").
My idea was that the controller template would link to another controller i.e UserController.
So UserController would have a route of /admin/user which I'd also like to secure for only ROLE_ADMIN users.
Is there a way I can indicate to UserController to inherit the same restrictions as AdminController?
AdminController:
<?php
namespace App\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\Routing\Annotation\Route;
class AdminController extends AbstractController
{
/**
* @Route("/admin", name="admin")
* @IsGranted("ROLE_ADMIN")
*/
public function index()
{
return $this->render('admin/index.html.twig', [
'controller_name' => 'AdminController',
]);
}
}
UserController:
<?php
namespace App\Controller;
use App\Entity\User;
use App\Form\UserType;
use App\Repository\UserRepository;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
/**
* @Route("/admin/user")
*/
class UserController extends AbstractController
{
/**
* @Route("/", name="user_index", methods={"GET"})
*/
public function index(UserRepository $userRepository): Response
{
return $this->render('user/index.html.twig', [
'users' => $userRepository->findAll(),
]);
}
/**
* @Route("/new", name="user_new", methods={"GET","POST"})
*/
public function new(Request $request): Response
{
$user = new User();
$form = $this->createForm(UserType::class, $user);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$entityManager = $this->getDoctrine()->getManager();
$entityManager->persist($user);
$entityManager->flush();
return $this->redirectToRoute('user_index');
}
return $this->render('user/new.html.twig', [
'user' => $user,
'form' => $form->createView(),
]);
}
/**
* @Route("/{id}", name="user_show", methods={"GET"})
*/
public function show(User $user): Response
{
return $this->render('user/show.html.twig', [
'user' => $user,
]);
}
/**
* @Route("/{id}/edit", name="user_edit", methods={"GET","POST"})
*/
public function edit(Request $request, User $user): Response
{
$form = $this->createForm(UserType::class, $user);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$this->getDoctrine()->getManager()->flush();
return $this->redirectToRoute('user_index');
}
return $this->render('user/edit.html.twig', [
'user' => $user,
'form' => $form->createView(),
]);
}
/**
* @Route("/{id}", name="user_delete", methods={"DELETE"})
*/
public function delete(Request $request, User $user): Response
{
if ($this->isCsrfTokenValid('delete'.$user->getId(), $request->request->get('_token'))) {
$entityManager = $this->getDoctrine()->getManager();
$entityManager->remove($user);
$entityManager->flush();
}
return $this->redirectToRoute('user_index');
}
}
解决方案
推荐阅读
- awk - 引用字段并为该字段分配一些逻辑
- python - 删除熊猫数据框中带零的行
- image - 如何在 Flutter 中通过用户拖动移动或基于卡片边缘自动旋转卡片图像
- php - 如何在没有键的情况下使用 PHP 获取内部数组值
- api - 调用涂鸦智能API,调用接口报错码:1106,权限被拒绝,如何解决?
- python-sphinx - 如何链接 reStructuredText 中的重复目标?
- python - Locust-重复用户列表
- python - amazon iam 在 boto3 中获得内联政策声明
- sql - 如何计算所有行的中位数?
- django - 使用本地包在 Microsoft Azure 上部署 Django 应用