Can I protect the entire controller in Symfony 2?

Question

Can I protect the entire controller in Symfony 2?

I use JMSSecurityExtra for security in my controller. But is there a way to protect the entire controller with @Secure ?

+2

php symfony jms

user825904 Aug 17 '12 at 2:59

source share

2 answers

This annotation can only be applied to methods.

You could do it like this though (this is a regex):

 jms_security_extra: method_access_control: 'AcmeDemoBundle:AdminController:.*Action': 'hasRole("ROLE_ADMIN")'

Read the documentation: http://jmsyst.com/bundles/JMSSecurityExtraBundle/master/method_security_authorization

+1

Adrienbrault Aug 17 '12 at 6:31

source share

user825904 · Accepted Answer · 2012-08-17T06:54:56+0000

This can be done according to Documentaion.

https://github.com/schmittjoh/JMSSecurityExtraBundle/issues/50

Tip. If you like to protect all controller actions with the same rule, you can also specify @PreAuthorize for the class itself. precaution though this rule applies only to methods that are declared in the class.

 use JMS\SecurityExtraBundle\Annotation\PreAuthorize; /** @PreAuthorize("hasRole('A') or (hasRole('B') and hasRole('C'))") */ class MyService { public function secureMethod() { // ... } }

Can I protect the entire controller in Symfony 2?

More articles: