Mise en place des Roles

Modification Index pour tester les roles Modification du form d'ajout d'un Utilisateur pour selectionner les roles au lieux de les saisir en texte Mise en place d'une page d'accés refuser personnaliser
2024-10-26 01:50:10 +02:00 · 2024-10-26 01:50:10 +02:00 · f141abf1cc
commit f141abf1cc
parent ca240ee372
6 changed files with 75 additions and 28 deletions
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@ -27,10 +27,13 @@ security:



+
+
    access_control:
 #        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-#        - { path: ^/logout, roles: ROLE_USER }
-#        - { path: ^/, roles: ROLE_USER }
+        - { path: ^/logout, roles: ROLE_USER }
+        - { path: ^/index, roles: ROLE_USER }
+        - { path: ^/user, roles: ROLE_ADMIN }

 #when@test:
 #    security:
--- a/src/Controller/AccesDeniedController.php
+++ b/src/Controller/AccesDeniedController.php
@ -0,0 +1,18 @@
+<?php
+
+namespace App\Controller;
+
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+
+class AccesDeniedController extends AbstractController
+{
+    #[Route('/acces/denied', name: 'app_acces_denied')]
+    public function index(): Response
+    {
+        return $this->render('acces_denied/index.html.twig', [
+            'controller_name' => 'AccesDeniedController',
+        ]);
+    }
+}
--- a/src/Form/AddUserFormType.php
+++ b/src/Form/AddUserFormType.php
@ -7,6 +7,7 @@ use App\Entity\Tables;
 use App\Entity\Clients;
 use Symfony\Bridge\Doctrine\Form\Type\EntityType;
 use Symfony\Component\Form\AbstractType;
+use Symfony\Component\Form\Extension\Core\Type\ChoiceType;
 use Symfony\Component\Form\Extension\Core\Type\EmailType;
 use Symfony\Component\Form\Extension\Core\Type\PasswordType;
 use Symfony\Component\Form\Extension\Core\Type\SubmitType;
@ -37,22 +38,16 @@ class AddUserFormType extends AbstractType

            ->add('Nom')
            ->add('Prenom')
-            ->add('Roles', TextType::class)
+            ->add('Roles', ChoiceType::class, [
+                'choices' => [
+                    'Admin' => 'ROLE_ADMIN',
+                    'User' => 'ROLE_USER',
+                ],
+                'expanded' => true,
+                'multiple' => true,
+            ])
+
            ->add('Enregistrer', SubmitType::class);
-
-
-            // Convertir le champ role en tableau
-            $builder->get('Roles')->addModelTransformer(new CallbackTransformer(
-                function ($rolesAsArray) {
-                    return implode(', ', $rolesAsArray); // Convertit l'array en string
-                },
-                function ($rolesAsString) {
-                    return array_map('trim', explode(',', $rolesAsString)); // Convertit la string en array
-                }
-            ));
-
-        ;
-
    }

    public function configureOptions(OptionsResolver $resolver): void
--- a/src/Security/LoginAuthenticator.php
+++ b/src/Security/LoginAuthenticator.php
@ -15,6 +15,8 @@ use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordC
 use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\SecurityRequestAttributes;
 use Symfony\Component\Security\Http\Util\TargetPathTrait;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+

 class LoginAuthenticator extends AbstractLoginFormAuthenticator
 {
@ -52,6 +54,11 @@ class LoginAuthenticator extends AbstractLoginFormAuthenticator
        return new RedirectResponse($this->urlGenerator->generate('app_index'));
    }

+    public function start(Request $request, ?AuthenticationException $authException = null): RedirectResponse
+    {
+        return new RedirectResponse($this->urlGenerator->generate('app_acces_denied'));
+    }
+
    protected function getLoginUrl(Request $request): string
    {
        return $this->urlGenerator->generate(self::LOGIN_ROUTE);
--- a/templates/acces_denied/index.html.twig
+++ b/templates/acces_denied/index.html.twig
@ -0,0 +1,28 @@
+{% extends 'base.html.twig' %}
+
+{% block title %}Accès Refusé{% endblock %}
+
+{% block body %}
+
+    <style>
+        .container {
+            margin-top: 50px;
+            text-align: center;
+            background-color: orange;
+        }
+
+        h1 {
+            color: #dc3545;
+        }
+
+        .btn {
+            margin-top: 20px;
+        }
+    </style>
+
+     <div class="container">
+        <h1>Accès Refusé</h1>
+        <p>Vous n'avez pas les permissions nécessaires pour accéder à cette page.</p>
+        <a href="{{ path('app_login') }}" class="btn btn-primary">Ce connecter</a>
+    </div>
+{% endblock %}
--- a/templates/index/index.html.twig
+++ b/templates/index/index.html.twig
@ -4,17 +4,13 @@

 {% block body %}
 <style>
-    .example-wrapper { margin: 1em auto; max-width: 800px; width: 95%; font: 18px/1.5 sans-serif; }
-    .example-wrapper code { background: #F5F5F5; padding: 2px 6px; }
 </style>

-<div class="example-wrapper">
-    <h1>Hello {{ controller_name }}! ✅</h1>
-
-    This friendly message is coming from:
-    <ul>
-        <li>Your controller at <code>D:/Devellopement/FestinHegre/src/Controller/IndexController.php</code></li>
-        <li>Your template at <code>D:/Devellopement/FestinHegre/templates/index/index.html.twig</code></li>
-    </ul>
-</div>
+    {% if 'ROLE_ADMIN' in app.user.roles %}
+        <p>Vous avez accès à toutes les fonctionnalités administratives.</p>
+    {% elseif 'ROLE_USER' in app.user.roles %}
+        <p>Vous êtes un utilisateur standard.</p>
+    {% else %}
+        <p>Accès limité.</p>
+    {% endif %}
 {% endblock %}