[英]Allow only ROLE_ADMIN to manage users in Sonata Admin
I have a Symfony 5.4 project using sonata-project/admin-bundle
4.9 and sonata-project/user-bundle
5.0.0-rc.1 and I want to let only the users with role ROLE_ADMIN
to manage the users (CREATE/LIST/EDIT/DELETE), for other roles I want to hide the navbar menu entry and the dashboard entry for "Users".我有一个使用
sonata-project/admin-bundle
4.9 和sonata-project/user-bundle
5.0.0-rc.1 的 Symfony 5.4 项目,我只想让具有角色ROLE_ADMIN
的用户管理用户 (CREATE/LIST/编辑/删除),对于其他角色,我想隐藏导航栏菜单条目和“用户”的仪表板条目。
In my config/packages/sonata_admin.yml
I tried to specify a sonata.user.block.menu
entry as found in some old questions but it seems that it does not exists anymore as the following error is thrown:在我的
config/packages/sonata_admin.yml
,我尝试指定一个sonata.user.block.menu
条目,如在一些旧问题中找到的那样,但它似乎不再存在,因为抛出了以下错误:
An exception has been thrown during the rendering of a template ("The block type "sonata.user.block.menu" does not exist").
As default I had only one admin_list block, I tried adding a sonata.block.service.rss and it is shown correctly in the dashboard but I can't find how to manage the Users block.默认情况下,我只有一个 admin_list 块,我尝试添加一个 sonata.block.service.rss 并且它在仪表板中正确显示,但我找不到如何管理用户块。
sonata_admin:
title: 'Sonata Admin'
dashboard:
blocks:
- { type: sonata.admin.block.admin_list, position: left }
#- { type: sonata.user.block.menu, position: right, roles: [ROLE_ADMIN]}
#- { type: sonata.block.service.rss, position: right, roles: [ROLE_ADMIN]}
templates:
layout: sonataLayout.html.twig
sonata_block:
blocks:
sonata.admin.block.admin_list:
contexts: [admin]
Any hints?有什么提示吗? Explicative picture following.
解释性图片如下。
Note .
注意。 "Disabled both based on Role".
“根据角色禁用两者”。 It`s not "just add/change 2 lines"
它不是“只是添加/更改 2 行”
IMHO.
恕我直言。 "Basic" Sonata Admin`s configuration isn't too obvious.
“基本”Sonata Admin 的配置不太明显。 Therefore customize as much as possible -> to have more control.
因此尽可能定制 -> 以获得更多控制。
I only could suggest U -> go this "right way" (surely,IMHO)我只能建议 U -> go 这种“正确的方式”(当然,恕我直言)
With such approach -> U can easy manage menu items by your Roles.使用这种方法 -> U 可以通过您的角色轻松管理菜单项。 + other advantages surely
+ 肯定还有其他优势
From the very beginning -> create the custom templates.从一开始 -> 创建自定义模板。 If U follow Flex &
/templates/admin
is the folder for Sonata Admin:如果你关注 Flex &
/templates/admin
是 Sonata Admin 的文件夹:
// config/packages/sonata_admin: sonata_admin.... templates: .... layout: '/admin/standard_layout.html.twig' knp_menu_template: '/admin/menu/knp_menu.html.twig' dashboard: 'admin...
2* Eg to extend the default layout. 2* 例如扩展默认布局。 If your specific template do:
如果您的特定模板执行以下操作:
{% extends '@SonataAdmin/standard_layout.html.twig' %}
{% block sonata_nav %}
...
After these steps -> much more easy to control views by your Roles
在这些步骤之后 - >更容易通过您的角色控制视图
So, as per documentation I added an event listener for the Menu and I was able to remove the entry from the left panel like this因此,根据文档,我为菜单添加了一个事件侦听器,并且能够像这样从左侧面板中删除条目
//src/EventListener/MenuBuilderListener.php
<?php
namespace App\EventListener;
use Sonata\AdminBundle\Event\ConfigureMenuEvent;
use Symfony\Component\Security\Core\Security;
final class MenuBuilderListener
{
private $security;
public function __construct( Security $security)
{
$this->security = $security;
}
public function manageMenuItems(ConfigureMenuEvent $event): void
{
$menu = $event->getMenu();
$user = $this->security->getUser();
if(!$user->hasRole("ROLE_ADMIN")){
$menu->removeChild('sonata_user');
}
}
}
With the service registered here使用此处注册的服务
//config/services.yaml
app.menu_listener:
class: App\EventListener\MenuBuilderListener
tags:
- { name: kernel.event_listener, event: sonata.admin.event.configure.menu.sidebar, method: manageMenuItems }
Then I added a firewall entry to manage permissions然后我添加了一个防火墙条目来管理权限
//config/packages/security.yaml
access_control:
- { path: ^/admin/app/sonatauseruser/, role: [ROLE_ADMIN]}
Till now I was not able to remove the Users entry from the dashboard, I tried to extend the dashboard twig template but it seems that the Users entry is added somehow later.到目前为止,我无法从仪表板中删除用户条目,我尝试扩展仪表板 twig 模板,但似乎稍后以某种方式添加了用户条目。
{% extends '@SonataAdmin/Core/dashboard.html.twig' %}
{% block content %}
{% set has_left = false %}
{% dump(blocks.left) %} //this shows only the admin group and not the user group
{% for block in blocks.left %}
{% if not has_left and (block.roles|length == 0 or is_granted_affirmative(block.roles)) %}
{% set has_left = true %}
{% endif %}
{% endfor %}
....
{{ sonata_block_render_event('sonata.admin.dashboard.top') }}
....
{{ sonata_block_render_event('sonata.admin.dashboard.bottom') }}
I also tried to bind both the render events.top and.bottom to a ConfigureEvent Listener but they are not fired (not sure if this is the right class of listener).我还尝试将 render events.top 和 .bottom 都绑定到 ConfigureEvent Listener 但它们没有被触发(不确定这是否是正确的 class 监听器)。
For now I found a sub optimal solution, I did an override of the userAdmin class like this现在我找到了一个次优的解决方案,我像这样覆盖了 userAdmin class
<?php
namespace App\Admin;
use Sonata\UserBundle\Admin\Model\UserAdmin as BaseType;
class UserAdmin extends BaseType
{
protected function configureDashboardActions(array $actions): array
{
$actions = parent::configureDashboardActions($actions);
unset($actions['list']);
unset($actions['create']);
return $actions;
}
}
And registered it in并将其注册在
//config/packages/sonata_user.yaml
sonata_user:
admin:
user:
class: App\Admin\UserAdmin
controller: SonataAdminBundle:CRUD
So the "Users" dashboard element is shown without any action available.因此,“用户”仪表板元素显示时没有任何可用操作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.