Role management with switch_user in Symfony 3.4


Here's my situation:

I'm working on a Symfony 3.4 project. I've enabled the switch_user setting in security.yml and I'm able to log in instead of the users.

However, I have a question about the rights.

I have three user groups/roles:

  • BASIC_USER: can't log in in place of any other user.
  • ADVANCED_USER: can connect instead of BASIC_USER users but not instead of ADVANCED_USER or ADMIN_USER users.
  • ADMIN_USER: can connect in place of any user, even ADMIN_USERs.

If I give the role ROLE_ALLOWED_TO_SWITCH to my ADVANCED_USER users they will be able to log in as ADMIN_USER using a URL of this type: https://mywebsite.com/[email protected]

How can I block them from doing this?

Thank you in advance for your help and have a nice week.


There are 0 answers
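
One way to enforce the three-tier policy from the question, as an added example that is not part of the original post: a subscriber on Symfony's `security.switch_user` event that rejects the switch before it takes effect. The class name, file path and the role names `ROLE_ADVANCED_USER` and `ROLE_ADMIN_USER` are assumptions (the question only names the groups), as is the default `_switch_user` parameter name.

```php
<?php
// src/AppBundle/EventListener/SwitchUserPolicySubscriber.php (hypothetical path and class name)
namespace AppBundle\EventListener;

use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Core\Role\Role;
use Symfony\Component\Security\Http\Event\SwitchUserEvent;
use Symfony\Component\Security\Http\SecurityEvents;

class SwitchUserPolicySubscriber implements EventSubscriberInterface
{
    private $checker;

    public function __construct(AuthorizationCheckerInterface $checker)
    {
        $this->checker = $checker;
    }

    public static function getSubscribedEvents()
    {
        return array(SecurityEvents::SWITCH_USER => 'onSwitchUser');
    }

    public function onSwitchUser(SwitchUserEvent $event)
    {
        // The event also fires when leaving impersonation; "_switch_user" is the default parameter name.
        if ('_exit' === $event->getRequest()->get('_switch_user')) {
            return;
        }
        // The firewall listener has not replaced the token yet, so this checks the impersonator.
        if ($this->checker->isGranted('ROLE_ADMIN_USER')) {
            return; // admins may impersonate anyone, including other admins
        }
        // Roles assigned directly to the target; getRoles() may return strings or Role objects.
        $targetRoles = array_map(function ($role) {
            return $role instanceof Role ? $role->getRole() : (string) $role;
        }, $event->getTargetUser()->getRoles());
        $privileged = array_intersect($targetRoles, array('ROLE_ADVANCED_USER', 'ROLE_ADMIN_USER'));

        // Advanced users may only impersonate targets holding neither privileged role.
        if (!$this->checker->isGranted('ROLE_ADVANCED_USER') || count($privileged) > 0) {
            throw new AccessDeniedException('Not allowed to impersonate this user.');
        }
    }
}
```

With autoconfiguration enabled the subscriber is registered automatically; otherwise tag the service with `kernel.event_subscriber`. The target check reads only roles assigned directly to the user, so a role hierarchy that grants the privileged roles indirectly needs those roles resolved first.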