-1

I want only users who have the ADMIN or ENSEIGNANT roles to be able to access the admin part, but I still get Access Denied even when I authenticate as ENSEIGNANT.

role_hierarchy:
    ROLE_ADMIN:      [ROLE_ENSEIGNANT]
    ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

# ...


access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/, roles: [ROLE_ADMIN, ROLE_ENSEIGNANT] }


hous

1 Answer

1

I think you are giving the user ENSEIGNANT, not ROLE_ENSEIGNANT, but your access control is checking against ROLE_ENSEIGNANT; that's why you're getting an Access Denied exception. Try changing the getRoles method to return ROLE_ENSEIGNANT if there is one.

xurshid29
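A simplified model of the mismatch the answer describes, as an added example that is not part of the original post and is not Symfony's own code. It assumes the stored role is the bare string `ENSEIGNANT`; the `User` class, `getRolesRaw`, `reachableRoles` and `isGranted` are hypothetical names, and only the hierarchy and required roles come from the question's configuration.

```php
<?php
// Added example: simplified model of the role comparison, not Symfony's code.

// Hierarchy copied from the question's configuration.
const ROLE_HIERARCHY = [
    'ROLE_ADMIN'       => ['ROLE_ENSEIGNANT'],
    'ROLE_SUPER_ADMIN' => ['ROLE_USER', 'ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH'],
];

// Hypothetical user class; $storedRoles stands for whatever the database holds.
final class User
{
    private $storedRoles;

    public function __construct(array $storedRoles) { $this->storedRoles = $storedRoles; }

    // The situation the answer suspects: names returned exactly as stored.
    public function getRolesRaw(): array { return $this->storedRoles; }

    // Normalized: upper-case, ROLE_ prefix added when missing, duplicates removed.
    public function getRoles(): array
    {
        $roles = array_map(function (string $r): string {
            $r = strtoupper(trim($r));
            return strpos($r, 'ROLE_') === 0 ? $r : 'ROLE_' . $r;
        }, $this->storedRoles);
        return array_values(array_unique($roles));
    }
}

// Expand the user's roles through the hierarchy until nothing new is reached.
function reachableRoles(array $roles): array
{
    $seen = [];
    while ($roles) {
        $role = array_pop($roles);
        if (isset($seen[$role])) { continue; }
        $seen[$role] = true;
        foreach (ROLE_HIERARCHY[$role] ?? [] as $child) { $roles[] = $child; }
    }
    return array_keys($seen);
}

// Role names are compared as exact strings; one match is enough.
function isGranted(array $userRoles, array $required): bool
{
    return (bool) array_intersect(reachableRoles($userRoles), $required);
}

$required = ['ROLE_ADMIN', 'ROLE_ENSEIGNANT'];   // from the ^/admin/ rule
$user = new User(['ENSEIGNANT']);                // constructed sample data
var_dump(isGranted($user->getRolesRaw(), $required));
var_dump(isGranted($user->getRoles(), $required));
```

The first call models the denied request, because `ENSEIGNANT` never equals `ROLE_ENSEIGNANT`; the second passes once `getRoles` returns the prefixed name.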