|
|
@@ -1,13 +1,65 @@
|
|
|
security:
|
|
|
-
|
|
|
+
|
|
|
providers:
|
|
|
oauth:
|
|
|
id: base_oauth_bundle.oauth_user_provider
|
|
|
-
|
|
|
+
|
|
|
role_hierarchy:
|
|
|
- ROLE_ADMIN: [ROLE_USER, ROLE_ALLOWED_TO_SWITCH]
|
|
|
- ROLE_SUPER_ADMIN: ROLE_ADMIN
|
|
|
-
|
|
|
+
|
|
|
+ # STATS_DEVICE_SERVER
|
|
|
+ ROLE_SONATA_STATS_DEVICE_SERVER_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_STATS_DEVICE_SERVER_LIST, ROLE_SONATA_ADMIN_STATS_DEVICE_SERVER_VIEW]
|
|
|
+ ROLE_SONATA_STATS_DEVICE_SERVER_EDITOR: [ROLE_SONATA_STATS_DEVICE_SERVER_READER, ROLE_SONATA_ADMIN_STATS_DEVICE_SERVER_CREATE, ROLE_SONATA_ADMIN_STATS_DEVICE_SERVER_EDIT]
|
|
|
+ ROLE_SONATA_STATS_DEVICE_SERVER_ADMIN: [ROLE_SONATA_STATS_DEVICE_SERVER_EDITOR, ROLE_SONATA_ADMIN_STATS_DEVICE_SERVER_DELETE, ROLE_SONATA_ADMIN_STATS_DEVICE_SERVER_EXPORT]
|
|
|
+
|
|
|
+ # STATS_DEVICE
|
|
|
+ ROLE_SONATA_STATS_DEVICE_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_STATS_DEVICE_LIST, ROLE_SONATA_ADMIN_STATS_DEVICE_VIEW]
|
|
|
+ ROLE_SONATA_STATS_DEVICE_EDITOR: [ROLE_SONATA_STATS_DEVICE_READER, ROLE_SONATA_ADMIN_STATS_DEVICE_CREATE, ROLE_SONATA_ADMIN_STATS_DEVICE_EDIT]
|
|
|
+ ROLE_SONATA_STATS_DEVICE_ADMIN: [ROLE_SONATA_STATS_DEVICE_EDITOR, ROLE_SONATA_ADMIN_STATS_DEVICE_DELETE, ROLE_SONATA_ADMIN_STATS_DEVICE_EXPORT]
|
|
|
+
|
|
|
+ # STATS_ONU
|
|
|
+ ROLE_SONATA_STATS_ONU_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_STATS_ONU_LIST, ROLE_SONATA_ADMIN_STATS_ONU_VIEW]
|
|
|
+ ROLE_SONATA_STATS_ONU_EDITOR: [ROLE_SONATA_STATS_ONU_READER, ROLE_SONATA_ADMIN_STATS_ONU_CREATE, ROLE_SONATA_ADMIN_STATS_ONU_EDIT]
|
|
|
+ ROLE_SONATA_STATS_ONU_ADMIN: [ROLE_SONATA_STATS_ONU_EDITOR, ROLE_SONATA_ADMIN_STATS_ONU_DELETE, ROLE_SONATA_ADMIN_STATS_ONU_EXPORT]
|
|
|
+
|
|
|
+ # STATS_PON_PORT
|
|
|
+ ROLE_SONATA_STATS_PON_PORT_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_STATS_PON_PORT_LIST, ROLE_SONATA_ADMIN_STATS_PON_PORT_VIEW]
|
|
|
+ ROLE_SONATA_STATS_PON_PORT_EDITOR: [ROLE_SONATA_STATS_PON_PORT_READER, ROLE_SONATA_ADMIN_STATS_PON_PORT_CREATE, ROLE_SONATA_ADMIN_STATS_PON_PORT_EDIT]
|
|
|
+ ROLE_SONATA_STATS_PON_PORT_ADMIN: [ROLE_SONATA_STATS_PON_PORT_EDITOR, ROLE_SONATA_ADMIN_STATS_PON_PORT_DELETE, ROLE_SONATA_ADMIN_STATS_PON_PORT_EXPORT]
|
|
|
+
|
|
|
+ # STATS_OLT
|
|
|
+ ROLE_SONATA_STATS_OLT_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_STATS_OLT_LIST, ROLE_SONATA_ADMIN_STATS_OLT_VIEW]
|
|
|
+ ROLE_SONATA_STATS_OLT_EDITOR: [ROLE_SONATA_STATS_OLT_READER, ROLE_SONATA_ADMIN_STATS_OLT_CREATE, ROLE_SONATA_ADMIN_STATS_OLT_EDIT]
|
|
|
+ ROLE_SONATA_STATS_OLT_ADMIN: [ROLE_SONATA_STATS_OLT_EDITOR, ROLE_SONATA_ADMIN_STATS_OLT_DELETE, ROLE_SONATA_ADMIN_STATS_OLT_EXPORT]
|
|
|
+
|
|
|
+ # STATS_CABLEMODEM
|
|
|
+ ROLE_SONATA_STATS_CABLEMODEM_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_STATS_CABLEMODEM_LIST, ROLE_SONATA_ADMIN_STATS_CABLEMODEM_VIEW]
|
|
|
+ ROLE_SONATA_STATS_CABLEMODEM_EDITOR: [ROLE_SONATA_STATS_CABLEMODEM_READER, ROLE_SONATA_ADMIN_STATS_CABLEMODEM_CREATE, ROLE_SONATA_ADMIN_STATS_CABLEMODEM_EDIT]
|
|
|
+ ROLE_SONATA_STATS_CABLEMODEM_ADMIN: [ROLE_SONATA_STATS_CABLEMODEM_EDITOR, ROLE_SONATA_ADMIN_STATS_CABLEMODEM_DELETE, ROLE_SONATA_ADMIN_STATS_CABLEMODEM_EXPORT]
|
|
|
+
|
|
|
+ # STATS_CMTS_INTERFACE
|
|
|
+ ROLE_SONATA_STATS_CMTS_INTERFACE_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_STATS_CMTS_INTERFACE_LIST, ROLE_SONATA_ADMIN_STATS_CMTS_INTERFACE_VIEW]
|
|
|
+ ROLE_SONATA_STATS_CMTS_INTERFACE_EDITOR: [ROLE_SONATA_STATS_CMTS_INTERFACE_READER, ROLE_SONATA_ADMIN_STATS_CMTS_INTERFACE_CREATE, ROLE_SONATA_ADMIN_STATS_CMTS_INTERFACE_EDIT]
|
|
|
+ ROLE_SONATA_STATS_CMTS_INTERFACE_ADMIN: [ROLE_SONATA_STATS_CMTS_INTERFACE_EDITOR, ROLE_SONATA_ADMIN_STATS_CMTS_INTERFACE_DELETE, ROLE_SONATA_ADMIN_STATS_CMTS_INTERFACE_EXPORT]
|
|
|
+
|
|
|
+ # STATS_CMTS
|
|
|
+ ROLE_SONATA_STATS_CMTS_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_STATS_CMTS_LIST, ROLE_SONATA_ADMIN_STATS_CMTS_VIEW]
|
|
|
+ ROLE_SONATA_STATS_CMTS_EDITOR: [ROLE_SONATA_STATS_CMTS_READER, ROLE_SONATA_ADMIN_STATS_CMTS_CREATE, ROLE_SONATA_ADMIN_STATS_CMTS_EDIT]
|
|
|
+ ROLE_SONATA_STATS_CMTS_ADMIN: [ROLE_SONATA_STATS_CMTS_EDITOR, ROLE_SONATA_ADMIN_STATS_CMTS_DELETE, ROLE_SONATA_ADMIN_STATS_CMTS_EXPORT]
|
|
|
+
|
|
|
+ # WORKFLOW
|
|
|
+ ROLE_SONATA_WORKFLOW_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_WORKFLOW_LIST, ROLE_SONATA_ADMIN_WORKFLOW_VIEW]
|
|
|
+ ROLE_SONATA_WORKFLOW_EDITOR: [ROLE_SONATA_WORKFLOW_READER, ROLE_SONATA_ADMIN_WORKFLOW_CREATE, ROLE_SONATA_ADMIN_WORKFLOW_EDIT]
|
|
|
+ ROLE_SONATA_WORKFLOW_ADMIN: [ROLE_SONATA_WORKFLOW_EDITOR, ROLE_SONATA_ADMIN_WORKFLOW_DELETE, ROLE_SONATA_ADMIN_WORKFLOW_EXPORT]
|
|
|
+
|
|
|
+ # ACTION
|
|
|
+ ROLE_SONATA_ACTION_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_ACTION_LIST, ROLE_SONATA_ADMIN_ACTION_VIEW]
|
|
|
+ ROLE_SONATA_ACTION_EDITOR: [ROLE_SONATA_ACTION_READER, ROLE_SONATA_ADMIN_ACTION_CREATE, ROLE_SONATA_ADMIN_ACTION_EDIT]
|
|
|
+ ROLE_SONATA_ACTION_ADMIN: [ROLE_SONATA_ACTION_EDITOR, ROLE_SONATA_ADMIN_ACTION_DELETE, ROLE_SONATA_ADMIN_ACTION_EXPORT]
|
|
|
+
|
|
|
+ ROLE_ADMIN_TENANCIES: ROLE_ADMIN_TENANCIES
|
|
|
+ ROLE_ADMIN: [ROLE_USER, ROLE_SONATA_ADMIN]
|
|
|
+ ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_USER_CREATE, ROLE_ADMIN_TENANCIES, ROLE_ALLOWED_TO_SWITCH]
|
|
|
+
|
|
|
firewalls:
|
|
|
dev:
|
|
|
# es una llave que se utiliza para guardar y traer los datos de la session. Los firewalls que posean
|
|
|
@@ -16,7 +68,7 @@ security:
|
|
|
stateless: false
|
|
|
pattern: ^/(_(profiler|wdt)|css|images|js)/
|
|
|
security: false
|
|
|
-
|
|
|
+
|
|
|
api:
|
|
|
# es una llave que se utiliza para guardar y traer los datos de la session. Los firewalls que posean
|
|
|
# el mismo context, van a compartir la informacion. PARA QUE FUNCION "stateless" debe estar en FALSE
|
|
|
@@ -25,7 +77,7 @@ security:
|
|
|
pattern: ^/api
|
|
|
stateless: true
|
|
|
oauth_proxy: true
|
|
|
-
|
|
|
+
|
|
|
secured_area:
|
|
|
# es una llave que se utiliza para guardar y traer los datos de la session. Los firewalls que posean
|
|
|
# el mismo context, van a compartir la informacion. PARA QUE FUNCION "stateless" debe estar en FALSE
|
|
|
@@ -37,7 +89,7 @@ security:
|
|
|
target: /
|
|
|
success_handler: base_admin.security.logout.handler
|
|
|
anonymous: true
|
|
|
-
|
|
|
+
|
|
|
# HWIOAuthBundle + BaseOAuthBundle Configuration
|
|
|
oauth:
|
|
|
login_path: /login
|
|
|
@@ -47,8 +99,8 @@ security:
|
|
|
login: /login_check
|
|
|
oauth_user_provider:
|
|
|
service: base_oauth_bundle.oauth_user_provider
|
|
|
-
|
|
|
+
|
|
|
access_control:
|
|
|
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
|
|
|
- { path: ^/admin/, role: ROLE_ADMIN }
|
|
|
- - { path: ^/api, role: ROLE_USER }
|
|
|
+ - { path: ^/api, role: ROLE_USER }
|
Guillermo Espinoza