避免爲禁用用戶登錄Symfony2

Question

我需要在使用symfony2構建的Web應用程序中實現身份驗證系統。 登錄和註銷操作正常，無論如何，我無法避免爲殘疾用戶登錄。

這是我security.yml：

security: 
    encoders: 
     Acme\MyBundle\Entity\User: 
       algorithm: sha512 
       encode-as-base64: true 
       iterations: 10 

    role_hierarchy: 
     ROLE_ADMIN: [ROLE_USER, ROLE_DOCTOR] 

    providers: 
     user_db: 
      entity: { class: Acme\MyBundle\Entity\User, property: username } 

    firewalls: 
     main: 
      pattern: /.* 
      provider: user_db 
      form_login: 
       login_path: /login 
       check_path: /login_check 
       remember_me: true 
      logout: 
       path: /logout 
       target:/
      remember_me: 
       key: MiPassphrase 
       lifetime: 1800 
       path: /.* 
       domain: ~ 
      security: true 
      anonymous: true 
    access_control: 
     - { path: /info, roles: ROLE_ADMIN } 
     - { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY } 
     - { path: /.*, roles: IS_AUTHENTICATED_FULLY } 

這是我的實體/ user.php的文件：

<?php 

namespace Acme\MyBundle\Entity; 

use Symfony\Component\Security\Core\User\UserInterface; 
use Doctrine\ORM\Mapping as ORM; 
use Symfony\Component\Security\Core\User\AdvancedUserInterface; 

/** 
* @ORM\Entity 
* @ORM\Table(name="Users") 
*/ 
class User implements UserInterface 
{ 

// Definizione campi 

    /** 
    * @ORM\Id 
    * @ORM\Column(type="integer") 
    * @ORM\GeneratedValue(strategy="AUTO") 
    */ 
    protected $id; 

    /** 
    * @ORM\Column(type="string", unique=true) 
    */ 
    protected $username; 

    /** 
    * @ORM\Column(type="string") 
    */ 
    protected $password; 

    /** 
    * @ORM\Column(type="string") 
    */ 
    protected $salt; 

    /** 
    * @ORM\Column(type="integer", nullable=true) 
    */ 
    protected $idRole; 

    /** 
    * @ORM\Column(type="integer", nullable=true) 
    */ 
    protected $idAnagrafica; 

    /** 
    * @ORM\Column(type="integer", nullable=true) 
    */ 
    protected $idTipoVisita; 

    /** 
    * @ORM\Column(type="boolean", nullable=true) 
    */ 
    protected $attivo; 


// Definizioni delle funzioni Get 

    /** 
    * @return integer 
    */ 
    public function getId() 
    { 
    return $this->id; 
    } 

    /** 
    * @return string 
    */ 
    public function getUsername() 
    { 
    return $this->username; 
    } 

    /** 
    * @return string 
    */ 
    public function getPassword() 
    { 
    return $this->password; 
    } 

    /** 
    * @return string 
    */ 
    public function getSalt() 
    { 
    if (null === $this->salt) { 
    $this->salt = sha512(sprintf(
    '%s_%d_%f', 
    uniqid(), 
    rand(0, 99999), 
    microtime(true) 
    )); 
    } 

    return $this->salt; 
    } 

    /** 
    * @return array 
    */ 
    public function getRoles() 
    { 
    return array('ROLE_ADMIN', 'ROLE_USER', 'ROLE_DOCTOR'); 
    } 

    /** 
    * @return integer 
    */ 
    public function getIdRole() 
    { 
    return $this->idRole; 
    } 

    /** 
    * @return integer 
    */ 
    public function getIdAnagrafica() 
    { 
    return $this->idAnagrafica; 
    } 

    /** 
    * @return integer 
    */ 
    public function getIdTipoVisita() 
    { 
    return $this->idTipoVisita; 
    } 

    /** 
    * @return boolean 
    */ 
    public function getAttivo() 
    { 
    return $this->attivo; 
    } 


// Definizione delle funzioni Set 

    /** 
    * @return void 
    */ 
    public function eraseCredentials() 
    { 
    $this->roles = null; 
    } 

    /** 
    * Set username 
    * 
    * @param string $username 
    * @return User 
    */ 
    public function setUsername($username) 
    { 
     $this->username = $username; 

     return $this; 
    } 

    /** 
    * Set password 
    * 
    * @param string $password 
    * @return User 
    */ 
    public function setPassword($password) 
    { 
     $this->password = $password; 

     return $this; 
    } 

    /** 
    * Set salt 
    * 
    * @param string $salt 
    * @return User 
    */ 
    public function setSalt($salt) 
    { 
     $this->salt = $salt; 

     return $this; 
    } 

    /** 
    * Set idAnagrafica 
    * 
    * @param integer $idAnagrafica 
    * @return User 
    */ 
    public function setIdAnagrafica($idAnagrafica) 
    { 
     $this->idAnagrafica = $idAnagrafica; 

     return $this; 
    } 

    /** 
    * Set riferimento idTipoVisita 
    * 
    * @param integer $idTipoVisita 
    * @return User 
    */ 
    public function setIdTipoVisita($idTipoVisita) 
    { 
     $this->idTipoVisita = $idTipoVisita; 

     return $this; 
    } 

    /** 
    * Set attivo 
    * 
    * @param bolean $attivo 
    * @return User 
    */ 
    public function setAttivo($attivo) 
    { 
     $this->attivo = $attivo; 

     return $this; 
    } 

     /** 
     * Set idRole 
     * 
     * @param bolean $idRole 
     * @return User 
     */ 
     public function setIdRole($idRole) 
     { 
      $this->idRole = $idRole; 

      return $this; 
    } 

    // Funzioni advance user interface 
     public function isAccountNonExpired() 
     { 
      return true; 
     } 

     public function isAccountNonLocked() 
     { 
      return true; 
     } 

     public function isCredentialsNonExpired() 
     { 
      return true; 
     } 

     public function isEnabled() 
     { 
      return $this->attivo; 
    } 

} 

我 'attivo' 字段是布爾字段我用的「isActive代替」。 由於文檔（http://symfony.com/doc/current/cookbook/security/entity_provider.html）我做了所有必要的段落以使其工作。如果用戶將「attivo」字段設置爲0，則可以執行登錄。

出了什麼問題？我錯過了什麼？謝謝。

Answer 1

修改高級用戶界面的方法，如下所示。讓他們返回attivo的狀態，而不是返回true。

public function isAccountNonExpired() 
    { 
     return $this->attivo; 
    } 

    public function isAccountNonLocked() 
    { 
     return $this->attivo; 
    } 

    public function isCredentialsNonExpired() 
    { 
     return $this->attivo; 
    } 

    public function isEnabled() 
    { 
     return $this->attivo; 
} 

Answer 2

您的用戶類必須實現AdvancedUserInterface而不是UserInterface。

只需更換：
class User implements UserInterface
通過
class User implements AdvancedUserInterface

因爲AdvancedUserInterface擴展的UserInterface