84 lines
2.7 KiB
YAML
84 lines
2.7 KiB
YAML
security:
|
|
password_hashers:
|
|
App\Entity\User:
|
|
algorithm: auto
|
|
|
|
providers:
|
|
app_user_provider:
|
|
entity:
|
|
class: App\Entity\User
|
|
property: email
|
|
|
|
firewalls:
|
|
|
|
# Admin area: same user provider, separate /admin route space.
|
|
admin:
|
|
pattern: ^/admin
|
|
lazy: true
|
|
provider: app_user_provider
|
|
user_checker: App\Security\ActiveUserChecker
|
|
context: retriex_user_area
|
|
|
|
form_login:
|
|
login_path: admin_login
|
|
check_path: admin_login
|
|
default_target_path: admin_dashboard
|
|
|
|
logout:
|
|
path: admin_logout
|
|
target: admin_login
|
|
|
|
remember_me:
|
|
secret: '%kernel.secret%'
|
|
lifetime: 604800
|
|
path: /admin
|
|
|
|
# Chat area: same user provider, separate route space and role gate.
|
|
chat:
|
|
pattern: ^/(?:$|chat(?:/|$)|ask-jobs(?:/|$)|ask-sse(?:/|$)|history(?:/|$)|chat-messages/frontend$)
|
|
lazy: true
|
|
provider: app_user_provider
|
|
user_checker: App\Security\ActiveUserChecker
|
|
context: retriex_user_area
|
|
|
|
form_login:
|
|
login_path: chat_login
|
|
check_path: chat_login
|
|
default_target_path: chat_index
|
|
|
|
logout:
|
|
path: chat_logout
|
|
target: chat_login
|
|
|
|
remember_me:
|
|
secret: '%kernel.secret%'
|
|
lifetime: 604800
|
|
path: /
|
|
|
|
# Everything outside Admin and Chat remains public/static.
|
|
main:
|
|
pattern: ^/
|
|
security: false
|
|
|
|
role_hierarchy:
|
|
ROLE_SUPER_ADMIN: [ROLE_KNOWLEDGE_ADMIN, ROLE_EDITOR, ROLE_ADMIN_AREA, ROLE_CHAT_USER, ROLE_USER]
|
|
ROLE_KNOWLEDGE_ADMIN: [ROLE_EDITOR, ROLE_ADMIN_AREA, ROLE_CHAT_USER, ROLE_USER]
|
|
ROLE_EDITOR: [ROLE_ADMIN_AREA, ROLE_CHAT_USER, ROLE_USER]
|
|
ROLE_ADMIN_AREA: [ROLE_USER]
|
|
ROLE_CHAT_USER: [ROLE_USER]
|
|
|
|
access_control:
|
|
- { path: ^/admin/login$, roles: PUBLIC_ACCESS }
|
|
- { path: ^/admin/logout$, roles: PUBLIC_ACCESS }
|
|
- { path: ^/admin/users, roles: ROLE_SUPER_ADMIN }
|
|
- { path: ^/admin, roles: ROLE_ADMIN_AREA }
|
|
|
|
- { path: ^/chat/login$, roles: PUBLIC_ACCESS }
|
|
- { path: ^/chat/logout$, roles: PUBLIC_ACCESS }
|
|
- { path: ^/$, roles: ROLE_CHAT_USER }
|
|
- { path: ^/chat$, roles: ROLE_CHAT_USER }
|
|
- { path: ^/ask-jobs, roles: ROLE_CHAT_USER }
|
|
- { path: ^/ask-sse, roles: ROLE_CHAT_USER }
|
|
- { path: ^/history, roles: ROLE_CHAT_USER }
|
|
- { path: ^/chat-messages/frontend$, roles: ROLE_CHAT_USER }
|