作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
我开始使用 SonataAdminBundle在 Symfony2.1 应用。我开发的所有Admin
类,现在我希望添加角色以防止对此类用户组(例如非管理员用户)进行查看、列出和编辑操作。
请注意,我没有使用 SonataUserBundle(派生自 FOSUserBundle),我想使用 sonata.admin.security.handler.role
Sonata 提供的安全处理程序:ACL 对于我的小项目来说太强大了(并提供了很多开销)。
我自己的 UserBundle 提供了 User 类和 Group 类(最后用来指定每个用户的角色)。角色层次结构在我的 security.yml 文件中提供,例如:
security:
role_hierarchy:
ROLE_POST_AUTHOR: ROLE_USER
ROLE_ADMIN: [ ROLE_USER, ROLE_POST_AUTHOR]
ROLE_SUPER_ADMIN: [ ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
sonata_admin:
security:
handler: sonata.admin.security.handler.role
最佳答案
尝试使用 ROLE_<service.name>_<RIGHT>
创建角色在哪里
<service.name>
是您的奏鸣曲管理服务名称的大写字母和点替换的下划线版本 <RIGHT>
是 ( reference ) 之一:CREATE
DELETE
EDIT
LIST
VIEW
EXPORT
OPERATOR
MASTER
role_hierarchy:
ROLE_MANAGER:
- ROLE_USER
- ROLE_SONATA_STUFF # have no effect on the UI
- ROLE_SONATA_ADMIN # with this role you have a nice navbar with search box
# user
- ROLE_SONATA_ADMIN_USER_LIST
- ROLE_SONATA_ADMIN_USER_VIEW
# product
- ROLE_SONATA_ADMIN_PRODUCT_LIST
- ROLE_SONATA_ADMIN_PRODUCT_VIEW
- ROLE_SONATA_ADMIN_PRODUCT_EDIT
# product category
- ROLE_SONATA_ADMIN_PRODUCT_CATEGORY_LIST
- ROLE_SONATA_ADMIN_PRODUCT_CATEGORY_VIEW
ROLE_ADMIN:
- ROLE_SONATA_ADMIN # with this role you have a nice navbar with search box
# user
- ROLE_SONATA_ADMIN_USER_CREATE
- ROLE_SONATA_ADMIN_USER_DELETE
- ROLE_SONATA_ADMIN_USER_EDIT
- ROLE_SONATA_ADMIN_USER_LIST
- ROLE_SONATA_ADMIN_USER_VIEW
- ROLE_SONATA_ADMIN_USER_EXPORT
- ROLE_SONATA_ADMIN_USER_OPERATOR
- ROLE_SONATA_ADMIN_USER_MASTER
# product
- ROLE_SONATA_ADMIN_PRODUCT_CREATE
- ROLE_SONATA_ADMIN_PRODUCT_DELETE
- ROLE_SONATA_ADMIN_PRODUCT_EDIT
- ROLE_SONATA_ADMIN_PRODUCT_LIST
- ROLE_SONATA_ADMIN_PRODUCT_VIEW
- ROLE_SONATA_ADMIN_PRODUCT_EXPORT
- ROLE_SONATA_ADMIN_PRODUCT_OPERATOR
- ROLE_SONATA_ADMIN_PRODUCT_MASTER
# product category
- ROLE_SONATA_ADMIN_PRODUCT_CATEGORY_CREATE
- ROLE_SONATA_ADMIN_PRODUCT_CATEGORY_DELETE
- ROLE_SONATA_ADMIN_PRODUCT_CATEGORY_EDIT
- ROLE_SONATA_ADMIN_PRODUCT_CATEGORY_LIST
- ROLE_SONATA_ADMIN_PRODUCT_CATEGORY_VIEW
- ROLE_SONATA_ADMIN_PRODUCT_CATEGORY_EXPORT
- ROLE_SONATA_ADMIN_PRODUCT_CATEGORY_OPERATOR
- ROLE_SONATA_ADMIN_PRODUCT_CATEGORY_MASTER
# purchase
- ROLE_SONATA_ADMIN_PURCHASE_CREATE
- ROLE_SONATA_ADMIN_PURCHASE_DELETE
- ROLE_SONATA_ADMIN_PURCHASE_EDIT
- ROLE_SONATA_ADMIN_PURCHASE_LIST
- ROLE_SONATA_ADMIN_PURCHASE_VIEW
- ROLE_SONATA_ADMIN_PURCHASE_EXPORT
- ROLE_SONATA_ADMIN_PURCHASE_OPERATOR
- ROLE_SONATA_ADMIN_PURCHASE_MASTER
# payment
- ROLE_SONATA_ADMIN_PAYMENT_CREATE
- ROLE_SONATA_ADMIN_PAYMENT_DELETE
- ROLE_SONATA_ADMIN_PAYMENT_EDIT
- ROLE_SONATA_ADMIN_PAYMENT_LIST
- ROLE_SONATA_ADMIN_PAYMENT_VIEW
- ROLE_SONATA_ADMIN_PAYMENT_EXPORT
- ROLE_SONATA_ADMIN_PAYMENT_OPERATOR
- ROLE_SONATA_ADMIN_PAYMENT_MASTER
# notification: email template
- ROLE_SONATA_ADMIN_NOTIFICATION_EMAIL_TEMPLATE_CREATE
- ROLE_SONATA_ADMIN_NOTIFICATION_EMAIL_TEMPLATE_DELETE
- ROLE_SONATA_ADMIN_NOTIFICATION_EMAIL_TEMPLATE_EDIT
- ROLE_SONATA_ADMIN_NOTIFICATION_EMAIL_TEMPLATE_LIST
- ROLE_SONATA_ADMIN_NOTIFICATION_EMAIL_TEMPLATE_VIEW
- ROLE_SONATA_ADMIN_NOTIFICATION_EMAIL_TEMPLATE_EXPORT
- ROLE_SONATA_ADMIN_NOTIFICATION_EMAIL_TEMPLATE_OPERATOR
- ROLE_SONATA_ADMIN_NOTIFICATION_EMAIL_TEMPLATE_MASTER
ROLE_SUPER_ADMIN:
- ROLE_ADMIN
- ROLE_ALLOWED_TO_SWITCH
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_SONATA_ADMIN }
sonata.admin.user:
class: Acme\AdminBundle\Admin\UserAdmin
tags:
- { name: sonata.admin, manager_type: orm, group: "User", label: "User" }
arguments:
- ~
- Acme\UserBundle\Entity\User
- ~
calls:
- [ setTranslationDomain, [AcmeAdminBundle]]
sonata.admin.product:
class: Acme\AdminBundle\Admin\ProductAdmin
tags:
- { name: sonata.admin, manager_type: orm, group: "Store", label: "Product" }
arguments:
- ~
- Acme\StoreBundle\Entity\Product
- ~
calls:
- [ setTranslationDomain, [AcmeAdminBundle]]
sonata.admin.product_category:
class: Acme\AdminBundle\Admin\ProductCategoryAdmin
tags:
- { name: sonata.admin, manager_type: orm, group: "Store", label: "Category" }
arguments:
- ~
- Acme\StoreBundle\Entity\ProductCategory
- ~
calls:
- [ setTranslationDomain, [AcmeAdminBundle]]
sonata.admin.purchase:
class: Acme\AdminBundle\Admin\PurchaseAdmin
tags:
- { name: sonata.admin, manager_type: orm, group: "Store", label: "Purchase" }
arguments:
- ~
- Acme\StoreBundle\Entity\Purchase
- ~
calls:
- [ setTranslationDomain, [AcmeAdminBundle]]
sonata.admin.payment:
class: Acme\AdminBundle\Admin\PaymentAdmin
tags:
- { name: sonata.admin, manager_type: orm, group: "Payment", label: "Payment" }
arguments:
- ~
- Acme\PaymentBundle\Entity\Payment
- ~
calls:
- [ setTranslationDomain, [AcmeAdminBundle]]
sonata.admin.notification.email_template:
class: Acme\AdminBundle\Admin\Notification\EmailTemplateAdmin
tags:
- { name: sonata.admin, manager_type: orm, group: "Notification", label: "Email Template" }
arguments:
- ~
- Acme\NotificationBundle\Entity\EmailTemplate
- ~
calls:
- [ setTranslationDomain, [AcmeAdminBundle]]
关于symfony - 如何在 SonataAdminBundle 中使用角色,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/14154505/
我是一名优秀的程序员,十分优秀!