I want to show a certain div if the user has ROLE_ADMIN attributed to him. In the database, the user has the roles ROLE_ADMIN and ROLE_USER:

a:1:{i:0;s:10:"ROLE_ADMIN";}

However, when I use the following code, the user is not granted permission and the div is not shown:

{% if is_granted('ROLE_ADMIN') %}
     <div class="settings">...</div>
{% endif %}

The div is shown if I use is_granted('ROLE_USER') instead.

A Twig dump shows me that the user indeed has both roles attributed to him.

Any ideas as to why this code doesn't work as expected?

Extra code info:

security.yml:

 security:
        encoders:
            FOS\UserBundle\Model\UserInterface: bcrypt

        role_hierarchy:
            ROLE_ADMIN:       ROLE_ADMIN
            ROLE_SUPER_ADMIN: ROLE_ADMIN

        providers:
           fos_userbundle:
                id: fos_user.user_provider.username_email

        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
            main:
                pattern: ^/
                form_login:
                    provider: fos_userbundle
                    csrf_token_generator: security.csrf.token_manager
                    login_path: /login
                    check_path: /login_check
                oauth:
                    resource_owners:
                        facebook:           "/login/check-facebook"
                        google:             "/login/check-google"
                    login_path:        /login
                    failure_path:      /login
                    oauth_user_provider:
                        service: my_user_provider
                logout:       true
                anonymous:    true

            login:
                pattern:  ^/login$
                security: false

                remember_me:
                    secret: "%env(APP_SECRET)%"
                    always_remember_me: true
                    path: /
                    domain: ~

        access_control:
            - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/admin/, role: ROLE_ADMIN }

The getRoles() functionality is handled via the User entity from FOSUserBundle:

public function getRoles()
{
    $roles = $this->roles;

    foreach ($this->getGroups() as $group) {
        $roles = array_merge($roles, $group->getRoles());
    }

    // we need to make sure to have at least one role
    $roles[] = static::ROLE_DEFAULT;

    return array_unique($roles);
}
Helenesh