From 597e86b7e54081d94f10eb68f39180036d554832 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=BC=9F=E4=BC=9F=E6=9D=83?= <qww.zone@gmail.com>
Date: Thu, 22 Jul 2021 14:53:04 +0800
Subject: [PATCH] 87. role_hierarchy

---
 config/packages/security.yaml    |  6 ++++++
 src/DataFixtures/AppFixtures.php | 21 ++++++++++++++++++++-
 templates/base.html.twig         |  9 +++++++++
 3 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 4463ec5..c634be3 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -1,4 +1,10 @@
 security:
+    role_hierarchy:
+        ROLE_EDITOR: ROLE_USER
+        ROLE_CHECKER: ROLE_USER
+        ROLE_ADMIN: [ROLE_EDITOR, ROLE_CHECKER]
+        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
+
     encoders:
         App\Entity\User:
             algorithm: auto
diff --git a/src/DataFixtures/AppFixtures.php b/src/DataFixtures/AppFixtures.php
index 91d4522..3d6f6e8 100644
--- a/src/DataFixtures/AppFixtures.php
+++ b/src/DataFixtures/AppFixtures.php
@@ -23,7 +23,7 @@ class AppFixtures extends Fixture
     {
         $admin = new User();
         $admin->setUsername('admin');
-        $admin->setRoles(['ROLE_SUPER_ADMIN', 'ROLE_ALLOWED_TO_SWITCH']);
+        $admin->setRoles(['ROLE_SUPER_ADMIN']);
         $admin->setPassword($this->userPasswordHasher->hashPassword($admin, 'admin'));
 
         $deletedUser = new User();
@@ -42,12 +42,31 @@ class AppFixtures extends Fixture
         $tom->setUsername('tom');
         $tom->setPassword($this->userPasswordHasher->hashPassword($tom, 'tom'));
 
+        $editor = new User();
+        $editor->setUsername('editor');
+        $editor->setRoles(['ROLE_EDITOR']);
+        $editor->setPassword($this->userPasswordHasher->hashPassword($editor, 'editor'));
+
+        $checker = new User();
+        $checker->setUsername('checker');
+        $checker->setRoles(['ROLE_CHECKER']);
+        $checker->setPassword($this->userPasswordHasher->hashPassword($checker, 'checker'));
+
+        $simpleAdmin = new User();
+        $simpleAdmin->setUsername('simple_admin');
+        $simpleAdmin->setRoles(['ROLE_ADMIN']);
+        $simpleAdmin->setPassword($this->userPasswordHasher->hashPassword($simpleAdmin, 'admin'));
+
 
         $manager->persist($admin);
         $manager->persist($deletedUser);
         $manager->persist($expiredUser);
         $manager->persist($tom);
 
+        $manager->persist($editor);
+        $manager->persist($checker);
+        $manager->persist($simpleAdmin);
+
         $manager->flush();
     }
 }
diff --git a/templates/base.html.twig b/templates/base.html.twig
index a78c3f7..ac20ea3 100644
--- a/templates/base.html.twig
+++ b/templates/base.html.twig
@@ -30,6 +30,15 @@
 
         <!-- Blog Entries Column -->
         <div class="col-md-8">
+            {% if is_granted('ROLE_EDITOR') %}
+                当前用户是编辑角色
+            {% endif %}
+            {% if is_granted('ROLE_CHECKER') %}
+                当前用户是审核角色
+            {% endif %}
+            {% if is_granted('ROLE_ADMIN') %}
+                当前用户是管理员角色
+            {% endif %}
 
             {% block content %}
             {% endblock %}
-- 
GitLab