我有一个控制器AdminController
,其路由为/admin
。我正在使用@IsGranted("ROLE_ADMIN")
保护对它的访问。
我的想法是控制器模板将链接到另一个控制器,即UserController
。
因此UserController
的路由为/admin/user
,我也只想为ROLE_ADMIN
个用户提供保护。
我是否可以指示UserController
继承与AdminController
相同的限制?
AdminController
:
<?php
namespace App\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\Routing\Annotation\Route;
class AdminController extends AbstractController
{
/**
* @Route("/admin", name="admin")
* @IsGranted("ROLE_ADMIN")
*/
public function index()
{
return $this->render('admin/index.html.twig', [
'controller_name' => 'AdminController',
]);
}
}
UserController
:
<?php
namespace App\Controller;
use App\Entity\User;
use App\Form\UserType;
use App\Repository\UserRepository;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
/**
* @Route("/admin/user")
*/
class UserController extends AbstractController
{
/**
* @Route("/", name="user_index", methods={"GET"})
*/
public function index(UserRepository $userRepository): Response
{
return $this->render('user/index.html.twig', [
'users' => $userRepository->findAll(),
]);
}
/**
* @Route("/new", name="user_new", methods={"GET","POST"})
*/
public function new(Request $request): Response
{
$user = new User();
$form = $this->createForm(UserType::class, $user);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$entityManager = $this->getDoctrine()->getManager();
$entityManager->persist($user);
$entityManager->flush();
return $this->redirectToRoute('user_index');
}
return $this->render('user/new.html.twig', [
'user' => $user,
'form' => $form->createView(),
]);
}
/**
* @Route("/{id}", name="user_show", methods={"GET"})
*/
public function show(User $user): Response
{
return $this->render('user/show.html.twig', [
'user' => $user,
]);
}
/**
* @Route("/{id}/edit", name="user_edit", methods={"GET","POST"})
*/
public function edit(Request $request, User $user): Response
{
$form = $this->createForm(UserType::class, $user);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$this->getDoctrine()->getManager()->flush();
return $this->redirectToRoute('user_index');
}
return $this->render('user/edit.html.twig', [
'user' => $user,
'form' => $form->createView(),
]);
}
/**
* @Route("/{id}", name="user_delete", methods={"DELETE"})
*/
public function delete(Request $request, User $user): Response
{
if ($this->isCsrfTokenValid('delete'.$user->getId(), $request->request->get('_token'))) {
$entityManager = $this->getDoctrine()->getManager();
$entityManager->remove($user);
$entityManager->flush();
}
return $this->redirectToRoute('user_index');
}
}