{% extends '@WebProfiler/Profiler/layout.html.twig' %} {% block page_title 'Security' %} {% block toolbar %} {% if collector.firewall %} {% set color_code = collector.enabled and not collector.authenticatorManagerEnabled ? 'yellow' %} {% set icon %} {{ include('@Security/Collector/icon.svg') }} {{ collector.user|default('n/a') }} {% endset %} {% set text %} {% if collector.impersonated %}
Impersonator {{ collector.impersonatorUser }}
{% endif %}
{% if collector.enabled %} {% if collector.token %}
Logged in as {{ collector.user }}
Authenticated {{ collector.authenticated ? 'Yes' : 'No' }}
Roles {% set remainingRoles = collector.roles|slice(1) %} {{ collector.roles|first }} {% if remainingRoles is not empty %} + {{ remainingRoles|length }} more {% endif %}
Token class {{ collector.tokenClass|abbr_class }}
{% else %}
Authenticated No
{% endif %} {% if collector.firewall %}
Firewall name {{ collector.firewall.name }}
{% endif %} {% if collector.token and collector.logoutUrl %}
Actions Logout {% if collector.impersonated and collector.impersonationExitPath %} | Exit impersonation {% endif %}
{% endif %} {% else %}
The security is disabled.
{% endif %}
{% endset %} {{ include('@WebProfiler/Profiler/toolbar_item.html.twig', { link: profiler_url, status: color_code }) }} {% endif %} {% endblock %} {% block menu %} {{ include('@Security/Collector/icon.svg') }} Security {% endblock %} {% block panel %}

Security

{% if collector.enabled %}

Token

{% if collector.token %}
{{ collector.user == 'anon.' ? 'Anonymous' : collector.user }} Username
{{ include('@WebProfiler/Icon/' ~ (collector.authenticated ? 'yes' : 'no') ~ '.svg') }} Authenticated
{% if collector.supportsRoleHierarchy %} {% endif %} {% if collector.token %} {% endif %}
Property Value
Roles {{ collector.roles is empty ? 'none' : profiler_dump(collector.roles, maxDepth=1) }} {% if not collector.authenticated and collector.roles is empty %}

User is not authenticated probably because they have no roles.

{% endif %}
Inherited Roles {{ collector.inheritedRoles is empty ? 'none' : profiler_dump(collector.inheritedRoles, maxDepth=1) }}
Token {{ profiler_dump(collector.token) }}
{% elseif collector.enabled %}

There is no security token.

{% endif %}

Firewall

{% if collector.firewall %}
{{ collector.firewall.name }} Name
{{ include('@WebProfiler/Icon/' ~ (collector.firewall.security_enabled ? 'yes' : 'no') ~ '.svg') }} Security enabled
{{ include('@WebProfiler/Icon/' ~ (collector.firewall.stateless ? 'yes' : 'no') ~ '.svg') }} Stateless
{% if collector.authenticatorManagerEnabled == false %}
{{ include('@WebProfiler/Icon/' ~ (collector.firewall.allows_anonymous ? 'yes' : 'no') ~ '.svg') }} Allows anonymous
{% endif %}
{% if collector.firewall.security_enabled %}

Configuration

{% if collector.authenticatorManagerEnabled %} {% else %} {% endif %}
Key Value
provider {{ collector.firewall.provider ?: '(none)' }}
context {{ collector.firewall.context ?: '(none)' }}
entry_point {{ collector.firewall.entry_point ?: '(none)' }}
user_checker {{ collector.firewall.user_checker ?: '(none)' }}
access_denied_handler {{ collector.firewall.access_denied_handler ?: '(none)' }}
access_denied_url {{ collector.firewall.access_denied_url ?: '(none)' }}
authenticators {{ collector.firewall.authenticators is empty ? '(none)' : profiler_dump(collector.firewall.authenticators, maxDepth=1) }}
listeners {{ collector.firewall.listeners is empty ? '(none)' : profiler_dump(collector.firewall.listeners, maxDepth=1) }}
{% endif %} {% endif %}

Listeners

{% if collector.listeners|default([]) is empty %}

No security listeners have been recorded. Check that debugging is enabled in the kernel.

{% else %} {% set previous_event = (collector.listeners|first) %} {% for listener in collector.listeners %} {% if loop.first or listener != previous_event %} {% if not loop.first %} {% endif %} {% set previous_event = listener %} {% endif %} {% if loop.last %} {% endif %} {% endfor %}
Listener Duration Response
{{ profiler_dump(listener.stub) }} {{ '%0.2f'|format(listener.time * 1000) }} ms {{ listener.response ? profiler_dump(listener.response) : '(none)' }}
{% endif %}

Authenticators

{% if collector.authenticators|default([]) is not empty %} {% set previous_event = (collector.listeners|first) %} {% for authenticator in collector.authenticators %} {% if loop.first or authenticator != previous_event %} {% if not loop.first %} {% endif %} {% set previous_event = authenticator %} {% endif %} {% if loop.last %} {% endif %} {% endfor %}
Authenticator Supports Duration Passport
{{ profiler_dump(authenticator.stub) }} {{ include('@WebProfiler/Icon/' ~ (authenticator.supports ? 'yes' : 'no') ~ '.svg') }} {{ '%0.2f'|format(authenticator.duration * 1000) }} ms {{ authenticator.passport ? profiler_dump(authenticator.passport) : '(none)' }}
{% else %}

No authenticators have been recorded. Check previous profiles on your authentication endpoint.

{% endif %}

Access Decision

{% if collector.voters|default([]) is not empty %}
{{ collector.voterStrategy|default('unknown') }} Strategy
{% for voter in collector.voters %} {% endfor %}
# Voter class
{{ loop.index }} {{ profiler_dump(voter) }}
{% endif %} {% if collector.accessDecisionLog|default([]) is not empty %}

Access decision log

{% for decision in collector.accessDecisionLog %} {% endfor %}
# Result Attributes Object
{{ loop.index }} {{ decision.result ? 'GRANTED' : 'DENIED' }} {% if decision.attributes|length == 1 %} {% set attribute = decision.attributes|first %} {% if attribute.expression is defined %} Expression: 
{{ attribute.expression }}
{% elseif attribute.type == 'string' %} {{ attribute }} {% else %} {{ profiler_dump(attribute) }} {% endif %} {% else %} {{ profiler_dump(decision.attributes) }} {% endif %} 		{{ profiler_dump(decision.seek('object')) }}
{% if decision.voter_details is not empty %} {% set voter_details_id = 'voter-details-' ~ loop.index %}
{% for voter_detail in decision.voter_details %} {% if collector.voterStrategy == 'unanimous' %} {% endif %} {% endfor %}
{{ profiler_dump(voter_detail['class']) }}attribute {{ voter_detail['attributes'][0] }} {% if voter_detail['vote'] == constant('Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::ACCESS_GRANTED') %} ACCESS GRANTED {% elseif voter_detail['vote'] == constant('Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::ACCESS_ABSTAIN') %} ACCESS ABSTAIN {% elseif voter_detail['vote'] == constant('Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::ACCESS_DENIED') %} ACCESS DENIED {% else %} unknown ({{ voter_detail['vote'] }}) {% endif %}
Show voter details {% endif %}
{% endif %}
{% endif %} {% endblock %}