- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
我正在尝试实现自定义选民。
从 Controller 我这样称呼它:
$prj = $this->getDoctrine()->getRepository('AppBundle:Project')->findOneById($id);
if (false === $this->get('security.authorization_checker')->isGranted('responsible', $prj)) {
throw new AccessDeniedException('Unauthorised access!');
}
<?php
namespace AppBundle\Security\Authorization\Voter;
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\User\UserInterface;
class ProjectVoter implements VoterInterface
{
const RESPONSIBLE = 'responsible';
const ACCOUNTABLE = 'accountable';
const SUPPORT = 'support';
const CONSULTED = 'consulted';
const INFORMED = 'informed';
public function supportsAttribute($attribute)
{
return in_array($attribute, array(
self::RESPONSIBLE,
self::ACCOUNTABLE,
self::SUPPORT,
self::CONSULTED,
self::INFORMED,
));
}
public function supportsClass($class)
{
$supportedClass = 'AppBundle\Entity\Project';
return $supportedClass === $class || is_subclass_of($class, $supportedClass);
}
/**
* @var \AppBundle\Entity\Project $project
*/
public function vote(TokenInterface $token, $project, array $attributes)
{
// check if class of this object is supported by this voter
if (!$this->supportsClass(get_class($project))) {
return VoterInterface::ACCESS_ABSTAIN;
}
// check if the voter is used correct, only allow one attribute
// this isn't a requirement, it's just one easy way for you to
// design your voter
if (1 !== count($attributes)) {
throw new \InvalidArgumentException(
'Only one attribute is allowed'
); //in origin it was 'for VIEW or EDIT, which were the supported attributes
}
// set the attribute to check against
$attribute = $attributes[0];
// check if the given attribute is covered by this voter
if (!$this->supportsAttribute($attribute)) {
return VoterInterface::ACCESS_ABSTAIN;
}
// get current logged in user
$user = $token->getUser();
// make sure there is a user object (i.e. that the user is logged in)
if (!$user instanceof UserInterface) {
return VoterInterface::ACCESS_DENIED;
}
$em = $this->getDoctrine()->getManager();
$projects = $em->getRepository('AppBundle:Project')->findPrjByUserAndRole($user, $attribute);
foreach ($projects as $key => $prj) {
if ($prj['id'] === $project['id'])
{
$granted = true;
$index = $key; // save the index of the last time a specifif project changed status
}
}
if($projects[$index]['is_active']===true) //if the last status is active
return VoterInterface::ACCESS_GRANTED;
else
return VoterInterface::ACCESS_DENIED;
}
}
Attempted to call method "getDoctrine" on class "AppBundle\Security\Authorization\Voter\ProjectVoter".
最佳答案
我解决了。这很奇怪:我花了几个小时或几天来解决一个问题,然后在这里发布一个问题,然后我在一个小时内自己解决了:/
我需要在我的选民课中添加以下内容:
public function __construct(EntityManager $em)
{
$this->em = $em;
}
use Doctrine\ORM\EntityManager;
security.access.project_voter:
class: AppBundle\Security\Authorization\Voter\ProjectVoter
arguments: [ @doctrine.orm.entity_manager ]
public: false
tags:
- { name: security.voter }
关于Symfony2 自定义选民 : cannot have access to getDoctrine from inside the Voter,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/27509363/
我已经实现了一个投票系统来检查用户是否可以查看他没有订阅的帖子。我在 Controller 的一个 Action 中调用它。 $this->denyAccessUnlessGranted('view'
我正在尝试使用 Java Config 设置一个 Spring Security 3.2 项目,根本不使用 XML。我想要一个支持 RoleHierarchyVoter 和 AclEntryVoter
我有属于特定用户的帖子。我创建了一个投票器来检查用户是否拥有帖子,但我也希望管理员(即 ROLE_ADMIN 及以上)能够访问所有帖子。 我已按照 How to Use Voters to Check
我想在 API PLATFORM 中使用 symfony 选民。当我在 itempsOperations(GET、PUT、DELETE)上使用它时没有任何问题,但是当我在 collectionOper
关闭。这个问题需要更多focused .它目前不接受答案。 想改进这个问题吗? 更新问题,使其只关注一个问题 editing this post . 关闭 7 年前。 Improve this qu
我是一名优秀的程序员,十分优秀!