Mirrors/Part-DB-server
2
0
Fork 0
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2026-03-06 23:39:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

Use PUBLIC_ACCESS role instead of IS_AUTHENTICATED_ANONYMOUSLY role

Browse Source
This commit is contained in:
Jan Böhmer
2022-08-14 19:11:42 +02:00
parent 5fd608f42a
commit eef26f7ae6
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
config/packages/security.yaml
View File

@@ -48,9 +48,9 @@ security:
# Note: Only the *first* access control that matches will be used
access_control:
# This makes the logout route available during two-factor authentication, allows the user to cancel
- { path: ^/logout, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/logout, role: PUBLIC_ACCESS }
# This ensures that the form can only be accessed when two-factor authentication is in progress
- { path: "^/\\w{2}/2fa", role: IS_AUTHENTICATED_2FA_IN_PROGRESS }
# We get into trouble with the U2F authentication, if the calls to the trees trigger an 2FA login
# This settings should not do much harm, because a read only access to show available data structures is not really critical
- { path: "^/\\w{2}/tree", role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: "^/\\w{2}/tree", role: PUBLIC_ACCESS }