From: Raphaël Gertz <git@rapsys.eu>
Date: Fri, 18 Oct 2024 04:35:36 +0000 (+0200)
Subject: Add rapsystree and security configuration
X-Git-Tag: 0.0.4~1
X-Git-Url: https://git.rapsys.eu/treebundle/commitdiff_plain/f6f4a82d435adf70d9d27fe3724c5d87b1112a8a?ds=sidebyside;hp=b00c70717b63e27faba06270bcbbc20b47cdc524

Add rapsystree and security configuration
---

diff --git a/Resources/config/packages/rapsystree.yaml b/Resources/config/packages/rapsystree.yaml
index 4639e7b..c283250 100644
--- a/Resources/config/packages/rapsystree.yaml
+++ b/Resources/config/packages/rapsystree.yaml
@@ -1,5 +1,101 @@
 # Parameters configuration
+parameters:
+
+# RapsysTree configuration
 rapsystree:
+    contact:
+        address: 'veranda@rapsys.eu'
+        name: 'Rapsys Photo'
+    languages:
+        en_gb: 'English'
+        fr_fr: 'French'
+    locale: 'fr_fr'
+    locales: [ 'fr_fr', 'en_gb' ]
+    logo:
+        alt: 'Rapsys photo''s logo'
+    title: 'Rapsys Photo'
+    roots:
+        Dcim: '/var/www/dcim'
+        Doc: '/var/www/doc'
+        Photo: '/var/www/photo'
+        Tango: '/var/www/tango'
+        Video: '/var/www/video'
+
+# Security configuration
+security:
+    # Set firewall
+    firewalls:
+        # Disables authentication for assets and the profiler, adapt it according to your needs
+        dev:
+            pattern: '^/(_(profiler|wdt)|css|images|js)/'
+            security: false
+
+        # Mail firewall
+        main:
+            # Allow anonymous access
+            #anonymous: ~
+            #lazy: true
+
+            # Activate database provider
+            #XXX: comment this key in config/security.yaml to prevent users_in_memory induced failures
+            provider: 'database'
+
+            # Activate user checker
+            user_checker: 'security.user_checker'
+
+            #XXX: https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
+            #http_basic: ~
+
+            # Set form login
+            #XXX: https://symfony.com/doc/current/security/form_login_setup.html
+            #TODO: https://symfony.com/doc/current/security/guard_authentication.html
+            form_login:
+                # Redirect to referer if different from login route
+                use_referer: true
+                # Login path
+                login_path: 'rapsysuser_login'
+                # Check path
+                check_path: 'rapsysuser_login'
+                # Username parameter
+                username_parameter: 'login[mail]'
+                # Password parameter
+                password_parameter: 'login[password]'
+                # Enable login csrf protection
+                enable_csrf: false
+                # Csrf parameter
+                csrf_parameter: 'login[_token]'
+                # Csrf id
+                csrf_token_id: 'login'
+
+            # Set logout route
+            logout:
+                # Logout route
+                path: 'rapsysuser_logout'
+                # Logout default target
+                target: 'rapsystree'
+
+            # Set custom access denied handler
+            #access_denied_handler: Rapsys\BlogBundle\Handler\AccessDeniedHandler
+
+            # Remember me
+            #XXX: see https://symfony.com/doc/current/security/remember_me.html
+            remember_me:
+                # Use APP_SECRET
+                secret: '%kernel.secret%'
+                # Always remember me
+                always_remember_me: true
+
+    # Set providers
+    providers:
+        database:
+            entity:
+                class: 'Rapsys\TreeBundle\Entity\User'
+                property: 'mail'
+
+    # Set role hierarchy
+    role_hierarchy:
+        ROLE_USER: [ 'ROLE_GUEST' ]
+        ROLE_ADMIN: [ 'ROLE_GUEST', 'ROLE_USER' ]
 
 # Services configuration
 services: