Reputation: 960
I'm working with FOSUserBundle, and now I'm trying out the roles and access control.
I tried to create a new role, change the role of one of my users, then access a page with restricted access.
security.yml:
security:
    encoders:
        FN\UserBundle\Entity\User: sha512

    role_hierarchy:
        ROLE_USER_CONFIRMED: ROLE_USER
        ROLE_ADMIN:          [ROLE_USER, ROLE_USER_CONFIRMED]
        ROLE_SUPER_ADMIN:    [ROLE_USER, ROLE_USER_CONFIRMED, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        main:
            id: fos_user.user_provider.username

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main_login:
            pattern:   ^/login$
            anonymous: true

        main:
            pattern:   ^/
            anonymous: true
            provider:  main
            form_login:
                login_path: fos_user_security_login
                check_path: fos_user_security_check
                always_use_default_target_path: false
                default_target_path: /client/home
                target_path_parameter: _target_path
                use_referer: false
            logout:
                path:   fos_user_security_logout
                target: /home
            remember_me:
                key: "%secret%"

    access_control:
        - { path: ^/client, roles: ROLE_USER_CONFIRMED }
        - { path: ^/admin, roles: ROLE_ADMIN }
I changed the roles of my user with $user->setRoles(array('ROLE_USER_CONFIRMED'));
In my database, the user's role changed correctly, but when I click on the user in the FOSUserBundle toolbar, my user stays in ROLE_USER, and when I go to the page "xxx/client/home", I get an ACCESS DENIED page.
Do you have an idea why the role is correctly changed in my database, but I can't open the page?
Upvotes: 1
Views: 334
Reputation: 2769
Did you have the user log out then log back in? Roles get pulled and saved as part of the session upon logging in, so if you applied the role while the user was logged in on a machine, the user would not see that reflected on that machine until they logged out and then logged back in.
Upvotes: 2
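The session-stored roles the answer describes can also be refreshed without a logout by letting Symfony notice that the user's roles changed. This is an added example, not code from the question or the answer: it assumes `FN\UserBundle\Entity\User` (the class named in the security.yml above) extends FOSUserBundle's `BaseUser`, and it implements Symfony's `EquatableInterface` so that a differing role set marks the session token as not authenticated and forces re-authentication with the freshly loaded roles on the next request.

```php
<?php
// src/FN/UserBundle/Entity/User.php (file path assumed; class name from security.yml)
namespace FN\UserBundle\Entity;

use FOS\UserBundle\Model\User as BaseUser;
use Symfony\Component\Security\Core\User\EquatableInterface;
use Symfony\Component\Security\Core\User\UserInterface;

class User extends BaseUser implements EquatableInterface
{
    // Called on every request when Symfony refreshes the user stored in the
    // session token from the user provider ($this is the user saved in the
    // session at login, $user is the one just reloaded from the database).
    // Returning false marks the token as not authenticated, so it is
    // re-authenticated with the reloaded user and its current roles instead
    // of the roles captured at login.
    public function isEqualTo(UserInterface $user)
    {
        if (!$user instanceof self) {
            return false;
        }

        if ($this->getUsername() !== $user->getUsername()) {
            return false;
        }

        // A changed password or salt should invalidate the old token as well.
        if ($this->getPassword() !== $user->getPassword()
            || $this->getSalt() !== $user->getSalt()) {
            return false;
        }

        // Compare the role sets independent of order: any added or revoked
        // role means the session must be refreshed.
        $sessionRoles = $this->getRoles();
        $freshRoles   = $user->getRoles();
        sort($sessionRoles);
        sort($freshRoles);

        return $sessionRoles === $freshRoles;
    }
}
```

With this in place the user's next request after `setRoles()` is re-authenticated and the toolbar shows ROLE_USER_CONFIRMED; the same comparison also means a role revoked in the database stops working on the next request instead of surviving until the user logs out.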