05/01/2017 - SYMFONY
Aşağıdaki örnek ile doğrulanmış veya login olan kullanıcının gerekli role/ulaşım haklarına sahip olup olmadığını kontrol edebilirsiniz.
Bu sadece bir örnektir; bu nedenle controller yerine bir event listener de kullanabilirsiniz.
namespace Application\ServerBundle\Controller;
use Application\ServerBundle\Entity\User;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
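/**
 * Example controller, registered as a service, that checks whether the
 * current user holds a given role.
 *
 * @Route("api", service="application_server.controller.api")
 */
class ApiController extends Controller
{
    /**
     * Authorization checker handed in by the service definition.
     *
     * @var AuthorizationCheckerInterface
     */
    private $authorization;

    /**
     * @param AuthorizationCheckerInterface $authorization Checker used to test roles of the current user.
     */
    public function __construct(AuthorizationCheckerInterface $authorization)
    {
        $this->authorization = $authorization;
    }

    /**
     * Reports whether the current user is granted ROLE_ADMIN.
     *
     * The response body is "Good" when the role is granted and "Bad" otherwise.
     *
     * @param Request $request
     *
     * @Method({"POST"})
     * @Route("")
     *
     * @return Response
     */
    public function indexAction(Request $request)
    {
        // Default to the denied outcome so that only an explicit grant flips it.
        $auth = 'Bad';

        // isGranted() evaluates the security token of the current request, so the
        // route has to be covered by a firewall. Older Symfony releases throw
        // AuthenticationCredentialsNotFoundException when no token is present.
        if ($this->authorization->isGranted('ROLE_ADMIN')) {
            $auth = 'Good';
        }

        // ... (remainder of the action omitted in the original example)

        // NOTE(review): both outcomes are returned with the default 200 status,
        // which only demonstrates the check. A real endpoint should refuse the
        // request instead, e.g. by throwing the AccessDeniedException imported
        // at the top of this file so that the firewall answers with 403.
        return new Response($auth);
    }
}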
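services:
    application_server.controller.api:
        class: Application\ServerBundle\Controller\ApiController
        arguments:
            # Quoted because a plain YAML scalar may not begin with "@";
            # unquoted service references were deprecated in Symfony 2.8
            # and are rejected by the parser from 3.0 on.
            - '@security.authorization_checker'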