app/config/security.yml
jms_security_extra:
secure_all_services: false
expressions: true
security:
encoders:
FOS\UserBundle\Model\UserInterface:
algorithm: pbkdf2
hash_algorithm: sha512
encode_as_base64: false
iterations: 1000
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
fos_userbundle:
id: fos_user.user_provider.username_email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
switch_user: false
fos_oauth: true
anonymous: true
logout:
path: /logout
delete_cookies: ~
invalidate_session: true
success_handler: api.oauth_logout_success
anonymous: false
oauth_token:
pattern: ^/oauth/v2/token
security: false
oauth_authorize:
pattern: ^/oauth/v2/auth
anonymous: true
l10n:
pattern: ^/l10n
fos_oauth: true
security: true
api:
pattern: ^/api
fos_oauth: true
anonymous: true
# stateless: true
# wsse_secured:
# pattern: ^/api
# stateless: false
# wsse: true
# anonymous : false
# wsse: { lifetime: 30}
access_control:
- { path: ^/api/user/manage/, roles: ROLE_ADMIN }
- { path: ^/l10n/admin, roles: ROLE_ADMIN }
- { path: ^/l10n/manage/langs, roles: IS_AUTHENTICATED_ANONYMOUSLY, methods: [GET]}
- { path: ^/l10n/manage/langs, roles: ROLE_ADMIN, methods: [POST, PUT, DELETE]}
- { path: ^/form/protocol/forms, roles: ROLE_ADMIN, methods: [GET]}
- { path: ^/form/manage/list/all, roles: IS_AUTHENTICATED_ANONYMOUSLY, methods: [GET]}
- { path: ^/form/manage, roles: ROLE_ADMIN, methods: [GET]}
- { path: ^/api/user/info, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/logout$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/profile, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, role: IS_AUTHENTICATED_ANONYMOUSLY }