restrict admin access to ROLE_ADMIN

This commit is contained in:
Jannis Portmann 2021-04-30 21:24:51 +02:00
parent eba1194686
commit 1effd26ee9

View file

@ -36,4 +36,5 @@ security:
# Note: Only the *first* access control that matches will be used
access_control:
# - { path: ^/admin, roles: ROLE_ADMIN }
- { path: ^(?!/(login|register|reset-password)), roles: ROLE_USER }
- { path: ^/admin, roles: ROLE_ADMIN }
- { path: ^(?!/(login|register|reset-password)), roles: ROLE_USER }