FOSCommentBundle访问控制回复,删除和编辑评论

时间:2015-05-19 16:02:16

标签: symfony php-5.4 foscommentbundle

我已在我的symfony2.3项目上成功安装了FOSComentBundle。 我已将FOSCommentBundle与FOSUserBundle集成,然后我添加了基于角色的ACL安全性。我已经看到可以控制的操作是:create,view,delete,edit。 我想仅显示管理员的回复按钮,但我还没有找到如何为回复事件添加访问角色。 这是我的配置文件:

acl: true
service:
    acl:
        thread:  fos_comment.acl.thread.roles
        comment: fos_comment.acl.comment.roles
        vote:    fos_comment.acl.vote.roles
    manager:
        thread:  fos_comment.manager.thread.acl
        comment: fos_comment.manager.comment.acl
        vote:    fos_comment.manager.vote.acl
acl_roles:
    comment:
        create: IS_AUTHENTICATED_ANONYMOUSLY
        view: IS_AUTHENTICATED_ANONYMOUSLY
        edit: ROLE_ADMIN
        delete: ROLE_ADMIN
    thread:
        create: IS_AUTHENTICATED_ANONYMOUSLY
        view: IS_AUTHENTICATED_ANONYMOUSLY
        edit: ROLE_ADMIN
        delete: ROLE_ADMIN
    vote:
        create: IS_AUTHENTICATED_ANONYMOUSLY
        view: IS_AUTHENTICATED_ANONYMOUSLY
        edit: ROLE_ADMIN
        delete: ROLE_ADMIN

我必须覆盖任何课程吗?是否有回复按钮的文档?

1 个答案:

答案 0 :(得分:1)

在查看jlc = JenkinsLocationConfiguration.get() // ... jlc.save() 后,我找到了解决问题的方法:

<强> 1。首先,您必须覆盖FOSCommentBundle : 通过在MyBundle中创建名为Acl的文件夹。在这个文件夹中,我创建了一个名为 RoleCommentAcl

的php类 
RoleCommentAcl

}

<强> 2。然后,您必须向services.xml添加访问权限: 

namespace MyProject\MyBundle\Acl;

use FOS\CommentBundle\Acl\RoleCommentAcl as BaseRoleCommentAcl;
use FOS\CommentBundle\Model\CommentInterface;
use FOS\CommentBundle\Model\SignedCommentInterface;
use Symfony\Component\Security\Core\SecurityContextInterface;

class RoleCommentAcl extends BaseRoleCommentAcl {

/**
 * The current Security Context.
 *
 * @var SecurityContextInterface
 */
private $securityContext;

/**
 * Constructor.
 *
 * @param SecurityContextInterface $securityContext
 * @param string                   $createRole
 * @param string                   $viewRole
 * @param string                   $editRole
 * @param string                   $deleteRole
 * @param string                   $commentClass
 */
public function __construct(SecurityContextInterface $securityContext, $createRole, $viewRole, $editRole, $deleteRole, $commentClass
) {
    parent::__construct(
            $securityContext, $createRole, $viewRole, $editRole, $deleteRole, $commentClass);

    $this->securityContext = $securityContext;
}

/**
 * Checks if the Security token has an appropriate role to edit the supplied Comment.
 *
 * @param  CommentInterface $comment
 * @return boolean
 */
public function canEdit(CommentInterface $comment) {
    // the comment owner can edit the comment whenever he want.
    if ($comment instanceof SignedCommentInterface) {
        if ($comment->getAuthor() == $this->securityContext->getToken()->getUser()) {
            return true;
        }
    }
    return parent::canEdit($comment);
}

/**
 * Checks if the Security token is allowed to delete a specific Comment.
 *
 * @param  CommentInterface $comment
 * @return boolean
 */
public function canDelete(CommentInterface $comment) {
     // the comment owner can delete the comment
    if ($comment instanceof SignedCommentInterface) {
        if ($comment->getAuthor() == $this->securityContext->getToken()->getUser()) {
            return true;
        }
    }
    return parent::canDelete($comment);
}

/**
 * Checks if the Security token is allowed to reply to a parent comment.
 *
 * @param  CommentInterface|null $parent
 * @return boolean
 */
public function canReply(CommentInterface $parent = null) {

    if ($parent instanceof SignedCommentInterface) {
          //only the comment owner or the admin can reply to the comment.
        if ($parent->getAuthor() == $this->securityContext->getToken()->getUser() ||
                $this->securityContext->isGranted('ROLE_ADMIN')) {
            return true;
        }
    }
     if($parent !=null) {
       // if the user have no access to reply then return false.
          return false;
     }  
   //this ligne allow all users to post new comments.
    return parent::canCreate();
}

PS:如果您正在使用service.yml,则可以将此xml文件转换为yaml但如果要使用<?xml version="1.0" ?> <container xmlns="http://symfony.com/schema/dic/services" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd"> <services> <service id="myproject.name_bundle.acl.comment.roles" class="MyProject\MyBundle\Acl\RoleCommentAcl" public="false"> <argument type="service" id="security.context" /> <argument>IS_AUTHENTICATED_ANONYMOUSLY</argument> <!-- Create role --> <argument>IS_AUTHENTICATED_ANONYMOUSLY</argument> <!-- View role --> <argument>ROLE_ADMIN</argument> <!-- Edit role --> <argument>ROLE_ADMIN</argument> <!-- Delete role --> <argument>%fos_comment.model.comment.class%</argument> </service> </services> </container> ,则必须将配置集更改为 DependencyInjection :

services.xml

打开您的页面,您会发现只有评论所有者和管理员用户才能访问回复。此外,只有评论所有者和管理员才能显示删除和编辑。

相关问题
最新问题