
Allow only ROLE_ADMIN to manage users in Sonata Admin

I have a Symfony 5.4 project using sonata-project/admin-bundle 4.9 and sonata-project/user-bundle 5.0.0-rc.1 and I want to let only the users with the role ROLE_ADMIN manage the users (CREATE/LIST/EDIT/DELETE); for other roles I want to hide the navbar menu entry and the dashboard entry for "Users".

In my config/packages/sonata_admin.yml I tried to specify a sonata.user.block.menu entry as found in some old questions, but it seems that it does not exist anymore, as the following error is thrown:

An exception has been thrown during the rendering of a template ("The block type "sonata.user.block.menu" does not exist").

By default I had only one admin_list block. I tried adding a sonata.block.service.rss and it is shown correctly in the dashboard, but I can't find how to manage the Users block.

sonata_admin:
    title: 'Sonata Admin'
    dashboard:
        blocks:
            - { type: sonata.admin.block.admin_list, position: left }
            #- { type: sonata.user.block.menu, position: right, roles: [ROLE_ADMIN]}
            #- { type: sonata.block.service.rss, position: right, roles: [ROLE_ADMIN]}
    templates:
        layout: sonataLayout.html.twig


sonata_block:
    blocks:
        sonata.admin.block.admin_list:
            contexts: [admin]

Any hints? Explicative picture following.

[Image: Sonata Users disabled based on role]

Note: "Disabled both based on Role". It's not "just add/change 2 lines".

IMHO. "Basic" Sonata Admin's configuration isn't too obvious. Therefore customize as much as possible -> to have more control.

I only could suggest U -> go this "right way" (surely, IMHO):

  1. Create/manage the admin menu with an event listener. U may read/check a good example there: "Using events to allow a menu to be extended" and the official -> Sonata Admin -> KnpMenu.

With such an approach -> U can easily manage menu items by your Roles. + other advantages surely.

  2. From the very beginning -> create the custom templates. If U follow Flex & /templates/admin is the folder for Sonata Admin:

     # config/packages/sonata_admin
     sonata_admin:
         ....
         templates:
             ....
             layout: '/admin/standard_layout.html.twig'
             knp_menu_template: '/admin/menu/knp_menu.html.twig'
             dashboard: 'admin...

2* E.g. to extend the default layout. If your specific template does:

   {% extends '@SonataAdmin/standard_layout.html.twig' %}
   
   {% block sonata_nav %}
       ...  
      

After these steps -> much easier to control views by your Roles.

So, as per the documentation, I added an event listener for the Menu and I was able to remove the entry from the left panel like this:

<?php
// src/EventListener/MenuBuilderListener.php
namespace App\EventListener;

use Sonata\AdminBundle\Event\ConfigureMenuEvent;
use Symfony\Component\Security\Core\Security;

final class MenuBuilderListener
{
    private $security;

    public function __construct(Security $security)
    {
        $this->security = $security;
    }

    public function manageMenuItems(ConfigureMenuEvent $event): void
    {
        $menu = $event->getMenu();
        // isGranted() avoids calling hasRole() on a null user and honours the role hierarchy.
        if (!$this->security->isGranted('ROLE_ADMIN')) {
            // Hide the "Users" group from the sidebar for everyone else.
            $menu->removeChild('sonata_user');
        }
    }
}

With the service registered here:

# config/services.yaml
app.menu_listener:
    class: App\EventListener\MenuBuilderListener
    tags:
        - { name: kernel.event_listener, event: sonata.admin.event.configure.menu.sidebar, method: manageMenuItems }

Then I added a firewall entry to manage permissions:

# config/packages/security.yaml
access_control:
    - { path: ^/admin/app/sonatauseruser/, role: [ROLE_ADMIN]}

Till now I was not able to remove the Users entry from the dashboard. I tried to extend the dashboard twig template, but it seems that the Users entry is added somehow later.

{% extends '@SonataAdmin/Core/dashboard.html.twig' %}

{% block content %}
    {% set has_left = false %}
    {% dump(blocks.left) %} {# this shows only the admin group and not the user group #}
    {% for block in blocks.left %}
        {% if not has_left and (block.roles|length == 0 or is_granted_affirmative(block.roles)) %}
            {% set has_left = true %}
        {% endif %}
    {% endfor %}
....
{{ sonata_block_render_event('sonata.admin.dashboard.top') }}
....
{{ sonata_block_render_event('sonata.admin.dashboard.bottom') }}

I also tried to bind both the render events .top and .bottom to a ConfigureEvent Listener, but they are not fired (not sure if this is the right class of listener).

For now I found a suboptimal solution: I did an override of the UserAdmin class like this:

<?php
namespace App\Admin;

use Sonata\UserBundle\Admin\Model\UserAdmin as BaseType;

class UserAdmin extends BaseType
{
    protected function configureDashboardActions(array $actions): array
    {
        $actions = parent::configureDashboardActions($actions);
        unset($actions['list']);
        unset($actions['create']);
        return $actions;
    }
}

And registered it in:

# config/packages/sonata_user.yaml
sonata_user:
    admin:
        user:
            class: App\Admin\UserAdmin
            controller: SonataAdminBundle:CRUD

So the "Users" dashboard element is shown without any action available.
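
An added check for the access_control rule in the answer above (example code, not part of the original post): hiding the menu and dashboard entries is cosmetic, so enforcement rests on that rule, and Symfony applies only the first rule whose path matches. The `^/admin/` rule, `ROLE_STAFF` and the sample paths are constructed for illustration.

```php
<?php
// Added example: emulates Symfony's first-match-wins access_control lookup.
// Only the sonatauseruser rule is from the post; the ^/admin/ rule, ROLE_STAFF
// and the sample paths are constructed for illustration.

/** Roles of the first rule whose path regex matches, or null if none does. */
function requiredRoles(array $rules, string $path): ?array
{
    foreach ($rules as $rule) {
        // Symfony wraps the pattern in {} delimiters and matches the decoded path.
        if (preg_match('{' . $rule['path'] . '}', rawurldecode($path)) === 1) {
            return $rule['roles'];
        }
    }
    return null; // no rule matched: access_control adds no restriction
}

/** Paths that are not restricted to ROLE_ADMIN alone under the given rule order. */
function exposedPaths(array $rules, array $paths): array
{
    return array_values(array_filter($paths, function (string $path) use ($rules): bool {
        // Any one listed role is enough to pass, so the rule must list ROLE_ADMIN only.
        return requiredRoles($rules, $path) !== ['ROLE_ADMIN'];
    }));
}

$specific = ['path' => '^/admin/app/sonatauseruser/', 'roles' => ['ROLE_ADMIN']];
$general  = ['path' => '^/admin/', 'roles' => ['ROLE_STAFF']]; // hypothetical rule

$paths = [ // constructed: Sonata's default CRUD actions under the post's prefix
    '/admin/app/sonatauseruser/list',
    '/admin/app/sonatauseruser/create',
    '/admin/app/sonatauseruser/1/edit',
    '/admin/app/sonatauseruser/1/delete',
    '/admin/app/sonatauseruser/batch',
    '/admin/app/sonatauseruser/export',
];

// Specific rule first: every user-admin path resolves to ROLE_ADMIN.
printf("specific first: %d exposed\n", count(exposedPaths([$specific, $general], $paths)));
// General rule first: it shadows the ROLE_ADMIN rule for every path.
printf("general first:  %d exposed\n", count(exposedPaths([$general, $specific], $paths)));
```

In a real project, replace the sample paths with those listed by `bin/console debug:router` and the rules with the full access_control list in its configured order.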

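Notice: the technical posts on this site are licensed under CC BY-SA 4.0. If you republish them, please credit this site's URL or the original address. For any questions, contact: yoyou2525@163.com.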

 