Guillaume T.

Reputation: 78

FOS UserBundle Access Denied

I'm trying to use FOS UserBundle to manage users on my project.

Here is my security.yml file:

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        in_memory:
            memory:
                users:
                    user:  { password: userpass, roles: [ 'ROLE_USER' ] }
                    admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }

        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout:       true
            anonymous:    true

    access_control:
        #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }

I have manually set my user's rights in my controller, like below:

public function testGroupsAction(UserInterface $user)
{
    $user->addRole("ROLE_ADMIN");
    $this->getDoctrine()->getManager()->persist($user);
    $this->getDoctrine()->getManager()->flush();

    echo "<pre>";
    \Doctrine\Common\Util\Debug::dump($user->getRoles());
    echo "</pre>";
    die;
}

The $user->getRoles() function returns an array with all my user's roles:

array (size=3)
  0 => string 'ROLE_SUPER_ADMIN' (length=16)
  1 => string 'ROLE_ADMIN' (length=10)
  2 => string 'ROLE_USER' (length=9)

(ROLE_SUPER_ADMIN has been added during my tests)

However, when I try to reach a route like "/admin/my/route", I get a 403 access forbidden.

Any idea why Symfony doesn't want my user to access admin pages?

Edit:

When I look in the profiler, the user only has [ROLE_USER]...

Thank you.

Upvotes: 0

Views: 2433

Answers (1)

Guillaume T.

Reputation: 78

I finally got it working.

Thanks to Zizoujab, I tried FOSUserBundle's commands to promote a user:

> php app/console fos:user:promote myUser

It worked perfectly well. However, as I have no SSH access nor any other command-line tool on my server, I needed to do it via PHP code.

So I went to the command code, FOS\UserBundle\Command\PromoteUserCommand, which uses the FOS\UserBundle\Util\UserManipulator to do actions on the user.

So if you want to modify your User directly in your controller, you can use it, but I don't know if it is the best way to do it. Just call it via your container like this:

/**
 * @Route("/user/{id}", name="test_user")
 * @ParamConverter("user" , class="MyBundle:User")
 */
public function testUserAction( UserInterface $user )
{
    $userManipulator = $this->container->get("fos_user.util.user_manipulator");
    $userManipulator->addRole($user,'ROLE_ADMIN');

    return new Response();
}

Hope it helps.

Upvotes: 2
