For the simplicity of the problem I am not using role_hierarchy on my security.yml.
I have a logged user. If I do this on my controller:
dump($this->get('security.token_storage')->getToken()->getUser()->getRoles());
This is what I get:
array:3 [▼
0 => "ROLE_SUPER_ADMIN"
1 => "ROLE_ADMIN"
2 => "ROLE_USER"
]
But then if I ask for isGranted, I just get true on 'ROLE_USER', and false with all the rest:
dump($this->get('security.authorization_checker')->isGranted('ROLE_USER'));
dump($this->get('security.authorization_checker')->isGranted('ROLE_ADMIN'));
dump($this->get('security.authorization_checker')->isGranted('ROLE_SUPER_ADMIN'));
gives me:
true
false
false
I am using FOSUserBundle and my user extends their BaseUser (which on turn implements UserInterface) and I am not touching any method of it on my User entity.
Can you spot the problem? Is that I can not use the security.checker with FOSUSerBundle?
UPDATE: If I dump($this->getUser()) this is what I get:
Usuario {#2290 ▼
#id: 3
#username: "u1"
#usernameCanonical: "u1"
#email: "u1"
#emailCanonical: "u1"
#enabled: true
#salt: "8wqvgv5t24g0ssck44gw4008c04g8sg"
#password: "zfDmozi78wrglXx3SUaCiz7490o4ZzKYEukcbdlCQ5FAWpA4jgLFQT6BXNbo3tzTyhdPDOCC/h4ZDs32SKlGEw=="
#plainPassword: null
#lastLogin: DateTime {#2288 ▶}
#confirmationToken: null
#passwordRequestedAt: null
#groups: null
#locked: false
#expired: false
#expiresAt: null
#roles: array:2 [▼
0 => "ROLE_SUPER_ADMIN"
1 => "ROLE_ADMIN"
]
#credentialsExpired: false
#credentialsExpireAt: null
}
As you can see, FSOS just add the 'ROLE_USER' in getRoles() method since it is not present in the actual array of Roles.
$this->getUser()and put that up here? - bassplayer7