this is a website in production made with symfony 2.4.2 which has one page (downloads) who is restricted and you need a user and password to access it.
The thing is that back in the day they wanted different urls for different languages, not only changing the locale but also the "slug".
So, if you go like a normal person and access the page through clicking the button it ask you for the user and password but, if you enter the url in one of the supported languages with the locale in a different supported language it let you pass without asking you the access.
This is my routing.yml:
frontend_descarregues_ca:
path: /descarregues.html
defaults: {_controller: FrontendBundle:Default:descarregues, _locale: ca }
frontend_descarregues_es:
path: /descargas.html
defaults: { _controller: FrontendBundle:Default:descarregues, _locale: es }
frontend_descarregues_fr:
path: /telechargements.html
defaults: { _controller: FrontendBundle:Default:descarregues, _locale: fr }
this my security.yml:
security:
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
default:
pattern: ^/ca/descarregues.html
provider: in_memory
http_basic: ~
anonymous: ~
default_fr:
pattern: ^/fr/telechargements.html
provider: in_memory
http_basic: ~
anonymous: ~
default_es:
pattern: ^/es/descargas.html
provider: in_memory
http_basic: ~
anonymous: ~
access_control:
- { path: ^/ca/descarregues.html, roles: ROLE_DOWN }
- { path: ^/es/descargas.html, roles: ROLE_DOWN }
- { path: ^/fr/telechargements.html, roles: ROLE_DOWN }
providers:
in_memory:
memory:
users:
someuser:
password: somepassword
roles: 'ROLE_DOWN'
I repeat, this is symfony 2.4.2
I tried to use requirements to only allow the locale with the specified "slug" to be valid and enter the page but doing that it happened that it won't ask me the access.
Is there someone who knows how can i fix this? (Just as a reminder this is symfony 2.4.2)
Try this :
security:
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
default:
pattern: ^/[a-zA-Z]+/descarregues.html
provider: in_memory
http_basic: ~
anonymous: ~
default_fr:
pattern: ^/[a-zA-Z]+/telechargements.html
provider: in_memory
http_basic: ~
anonymous: ~
default_es:
pattern: ^/[a-zA-Z]+/descargas.html
provider: in_memory
http_basic: ~
anonymous: ~
access_control:
- { path: ^/[a-zA-Z]+/descarregues.html, roles: ROLE_DOWN }
- { path: ^/[a-zA-Z]+/descargas.html, roles: ROLE_DOWN }
- { path: ^/[a-zA-Z]+/telechargements.html, roles: ROLE_DOWN }
providers:
in_memory:
memory:
users:
someuser:
password: somepassword
roles: 'ROLE_DOWN'