FOSUserBundle: Setting distinctive roles and authentication URLs based on the roles

Question

How should I modify security.yml in order to achieve this scenario?

SCENARIO:

• mysitessss.com -> student, lecturer and manager can access
• mysitessss.com/admin -> lecturer and manager can access
• mysitessss.com/admin/private -> manager can access

And Which exact command should I run to create respective users?

• Students: php app/console fos:user:create ?????????
• Teachers: php app/console fos:user:create ?????????
• Managers: php app/console fos:user:create ?????????

I read the documentation and this post but I got confused!

routing.yml

home:
    path: /

admin:
    path: /admin

admin_private:
    path: /admin/private

app/config/security.yml

security:
    role_hierarchy:
        ROLE_STUDENT: ?????????
        ROLE_LECTURER: ????????????
        ROLE_MANAGER: ???????

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ????????? }
        - { path: ^/admin, role: ????????? }
        - { path: ^/admin/private, role: ?????????? }

Answer 1

I think your security.yml would looks like this:

security:
    role_hierarchy:
        ROLE_LECTURER: [ROLE_STUDENT]
        ROLE_MANAGER: [ROLE_LECTURER]

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ROLE_STUDENT }
        - { path: ^/admin, role: ROLE_LECTURER }
        - { path: ^/admin/private, role: ROLE_MANAGER }

You can create each user and promote roles for them:

$ php app/console fos:user:create student
$ php app/console fos:user:promote student ROLE_STUDENT
$ php app/console fos:user:create lecturer
$ php app/console fos:user:promote lecturer ROLE_LECTURER
# ... etc.