stackoom
  简体   繁体   中英

Sonata Admin Bundle ACL don't grant edit

 原文  2017-11-05 11:08:06       symfony/ acl/ sonata-admin/ sonata/ sonata-user-bundle

Question

I integrated the Sonata Admin Bundle with ACL, and have the following configs:

config.yml 

sonata_admin:
    security:
       handler: sonata.admin.security.handler.acl

       # acl security information
       information:
           GUEST:    [VIEW, LIST]
           MAINTAINER:    [EDIT, LIST]
           STAFF:    [EDIT, LIST, CREATE]
           EDITOR:   [OPERATOR, EXPORT]
           ADMIN:    [MASTER]

      # permissions not related to an object instance and also to be available when objects do not exist
      # the DELETE admin permission means the user is allowed to batch delete objects
      admin_permissions: [CREATE, LIST, DELETE, UNDELETE, EXPORT, OPERATOR, MASTER]

      # permission related to the objects
      object_permissions: [VIEW, EDIT, DELETE, UNDELETE, OPERATOR, MASTER, OWNER]

security.yml

security: 

role_hierarchy:
    ROLE_OPERATOR:
        - ROLE_ADMIN_BOOKING_ADMIN
        - ROLE_ADMIN_PAYMENT_ADMIN

The flow is we create a booking object via BookingAdmin class and in postPersist doctrine event listener I create the payment Object. 

$payment = new Payment();
//... set here
$this->entityManager->persist($payment);
$this->entityManager->flush();

The problem is in list I'm not able to see the edit button, but I can delete.

And when run manual the command: 

php bin/console sonata:admin:generate-object-acl

after that I'm able to see the edit button.

What I do wrong here ? Because I'm logged with the same user.

EDIT

After few research I found the next problem https://sonata-project.org/bundles/admin/2-3/doc/reference/security.html#acl-and-friendsofsymfony-userbundle

A listener must be implemented that creates the object Access Control List with the required rules if objects are created outside the Admin

What this mean, and how I should do in listener to take the correct ACL role?

1 answers

solution1
 0  2017-11-06 07:57:55

我认为您没有足够详细地说明允许的操作...仅使用“ ROLE_ADMIN_BOOKING_ADMIN”指向管理员...在文档之后,配置应为“ ROLE_ADMIN_BOOKING_ADMIN_EDIT”,例如,以允许该角色编辑您的管理员...编写“ ROLE_ADMIN_BOOKING_ADMIN_ALL”以允许编辑所有内容...

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Edit Object Sonata admin bundle Sonata Admin Bundle grant permissions to a custom admin role Sonata Admin Bundle loosing filter settings on edit Custom action in the edit view of sonata admin Bundle Sonata Admin: Let users only edit entities they own (ACL) sonata admin bundle acl-class-field and acl-object-field Sonata admin bundle, how do not show any results and don't execute any query to DB if user don't select any filters? How to edit sonata user with avatar outside admin bundle Add custom button to edit page of sonata admin bundle Sonata Admin User - ACL Setup
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM