我正在尝试配置SonataAdmin以显示不同角色的某些实体管理。阅读sonata文档,在stackoverflow上有很多QnA,找不到问题......
如果我以ROLE_ADMIN用户身份登录,我可以看到所有块,因此奏鸣曲管理员工作正常。但是如果我和其他用户一起登录,我只看到没有块的空白页面。我想我只需要将角色ROLE_SONATA_CONTRACT添加到我的用户,但由于它不起作用,我尝试了我能想到的每个角色,包括用户管理表单中自动生成的所有角色。
我可以从配置中提供更多信息,现在我只是复制了我认为相关的部分。
参考:http://sonata-project.org/bundles/admin/master/doc/reference/security.html#role-handler
# services.yml
services:
sonata.block.admin.contract:
class: STH\OrderBundle\Admin\ContractAdmin
tags:
- { name: sonata.admin, manager_type: orm, group: "Orders", label: "Orders" }
arguments: [null, STH\OrderBundle\Entity\Contract, SonataAdminBundle:CRUD ]
# security.yml
role_hierarchy:
ROLE_SONATA_CONTRACT:
- ROLE_SONATA_BLOCK_ADMIN_CONTRACT_VIEW
- ROLE_SONATA_BLOCK_ADMIN_CONTRACT_GUEST
ROLE_ADMIN: [ROLE_USER, ROLE_ALLOWED_TO_SWITCH, ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT, ROLE_SONATA_PAGE_ADMIN_BLOCK_EDIT]
ROLE_SUPER_ADMIN: ROLE_ADMIN
SONATA:
- ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT # if you are using acl then this line must be commented
- ROLE_SONATA_PAGE_ADMIN_BLOCK_EDIT
access_decision_manager:
strategy: unanimous
# config.yml
security:
handler: sonata.admin.security.handler.role
# acl security information
information:
GUEST: [VIEW, LIST]
STAFF: [EDIT, LIST, CREATE]
EDITOR: [OPERATOR, EXPORT]
ADMIN: [MASTER, ROLE_ADMIN]
# permissions not related to an object instance and also to be available when objects do not exist
# the DELETE admin permission means the user is allowed to batch delete objects
admin_permissions: [CREATE, LIST, DELETE, UNDELETE, EXPORT, OPERATOR, MASTER]
# permission related to the objects
object_permissions: [VIEW, EDIT, DELETE, UNDELETE, OPERATOR, MASTER, OWNER]
系统:Symfony 2.5.2,SonataAdminBundle,SonataUserBundle,FOSUserBundle。
答案 0 :(得分:0)
我认为你没有正确定义你的角色hierearchies。你尝试过这样的事情吗?
role_hierarchy:
ROLE_USER: [ROLE_SONATA_BLOCK_ADMIN_CONTRACT_VIEW,ROLE_SONATA_BLOCK_ADMIN_CONTRACT_GUEST ]
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
只是为了触发有关定义层次结构的方式的一些见解。希望它有所帮助。