SonataAdmin: Prevent Admin From Deleting His Own Account

I am using SonataAdmin for a Symfony 2 project. Sometimes an admin user may accidentally delete his own account. How can I prevent an admin user from deleting his own account? Thanks!

To prevent an admin from deleting his own account, you need to define your own CRUDController for the Sonata user by following ADVANCED CONFIGURATION:

admin:                  # Admin Classes
    user:
        class:          Sonata\UserBundle\Admin\Entity\UserAdmin
        controller:     YourUserBundle:CRUD
        translation:    SonataUserBundle

Then, in your controller, override the batchActionDelete() and deleteAction() functions. In these functions, check whether the request contains the admin object/id, then restrict here.

public function deleteAction($id)
{
    $id     = $this->get('request')->get($this->admin->getIdParameter());
    $object = $this->admin->getObject($id);

    if (!$object) {
        // requires: use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
        throw new NotFoundHttpException(sprintf('unable to find the object with id : %s', $id));
    }

    $userid = $this->getUser()->getId(); // get id of logged in user
    if ($userid == $id) {
        $this->addFlash(
            'sonata_flash_error',
            'Error you cannot delete your own account'
        );

        return $this->redirectTo($object);
    }

    // other code from base class
}

The same logic applies to the batchActionDelete() function.

I am using SonataUserBundle along with FOSUserBundle and I ended up with the following solution.

config.yml:

parameters:
    sonata.user.admin.user.controller: AppBundle:CRUD\CRUD

AppBundle\Controller\CRUD\CRUDController:

<?php

namespace AppBundle\Controller\CRUD;

use Sonata\AdminBundle\Controller\CRUDController as Controller;
use Sonata\AdminBundle\Datagrid\ProxyQueryInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;

class CRUDController extends Controller
{
    public function deleteAction($id)
    {
        $request = $this->getRequest();
        $id      = $request->get($this->admin->getIdParameter());
        $object  = $this->admin->getObject($id);

        if (!$object) {
            throw $this->createNotFoundException(sprintf('unable to find the object with id: %s', $id));
        }

        $currentUserId = $this->getUser()->getId(); // ID of the current user
        if ($currentUserId == $id) {
            $this->addFlash(
                'sonata_flash_error',
                'You cannot delete your own account.'
            );

            return $this->redirectTo($object);
        }

        return parent::deleteAction($id);
    }

    public function batchActionDelete(ProxyQueryInterface $query)
    {
        $request       = $this->getRequest();
        $currentUserId = $this->getUser()->getId(); // ID of the current user
        $selectedUsers = $query->execute();

        foreach ($selectedUsers as $selectedUser) {
            if ($selectedUser->getId() == $currentUserId) {
                $this->addFlash(
                    'sonata_flash_error',
                    'You cannot delete your own account.'
                );

                return new RedirectResponse(
                    $this->admin->generateUrl('list', array('filter' => $this->admin->getFilterParameters()))
                );
            }
        }

        return parent::batchActionDelete($query);
    }
}
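
The ID check that both answers rely on, as an added example that is not part of either answer: it compares the IDs of the resolved user objects rather than the raw request parameter, so the result does not depend on how the ID is written in the URL. The User class, findUser() and the sample data are hypothetical, and the int-casting lookup is an assumption standing in for $this->admin->getObject().

```php
<?php
// Added example: framework-free sketch of the self-delete guard.
// User, findUser() and the sample data are hypothetical, constructed for illustration.

final class User
{
    private $id;
    public function __construct($id) { $this->id = (int) $id; }
    public function getId() { return $this->id; }
}

/** Stand-in for $this->admin->getObject($id); assumes the store casts the id to int. */
function findUser(array $users, $rawId)
{
    $key = (int) $rawId;
    return isset($users[$key]) ? $users[$key] : null;
}

/** Guard for deleteAction(): compare the resolved entity, not the raw parameter. */
function isSelfDelete(User $current, User $target)
{
    return $current->getId() === $target->getId();
}

/** Guard for batchActionDelete(): true if the selection contains the current user. */
function selectionContainsSelf(User $current, $selected)
{
    foreach ($selected as $user) {
        if (isSelfDelete($current, $user)) {
            return true;
        }
    }
    return false;
}

// Constructed sample data: three accounts, user 7 is logged in.
$users   = array(3 => new User(3), 7 => new User(7), 9 => new User(9));
$current = $users[7];

// '7' and '07' resolve to the same account; '9' is another user.
foreach (array('7', '07', '9') as $rawId) {
    $target = findUser($users, $rawId);
    printf("delete id=%s -> %s\n", var_export($rawId, true),
        isSelfDelete($current, $target) ? 'blocked' : 'allowed');
}
var_dump(selectionContainsSelf($current, array($users[3], $users[9]))); // selection without self
var_dump(selectionContainsSelf($current, $users));                      // "select all" includes self
```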
