我正在开发一个Symfony项目,我必须管理角色。 我想使用Sonata ACL,但无法使其工作。
拥有ROLE_CONTACT的用户应该能够列出,创建和编辑用户,但他只能列出并添加用户。
我按照文档here。
这是我的代码。
security.yml
role_hierarchy:
ROLE_TRADUCTEUR: [ROLE_USER]
ROLE_CONTACT:
- ROLE_SONATA_ADMIN
- ROLE_SONATA_ADMIN_USER_STAFF
- ...
acl:
connection: default
services.yml
parameters:
# parameter_name: value
security.acl.permission.map.class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap
sonata.admin.security.mask.builder.class: Sonata\AdminBundle\Security\Acl\Permission\MaskBuilder
sonata_admin.yml(包含在config.yml中)
sonata_admin:
templates:
layout: SonataAdminBundle::extend_layout.html.twig
security:
handler: sonata.admin.security.handler.acl
# acl security information
information:
GUEST: [VIEW, LIST]
STAFF: [EDIT, LIST, CREATE]
EDITOR: [OPERATOR, EXPORT]
ADMIN: [MASTER]
# permissions not related to an object instance and also to be available when objects do not exist
# the DELETE admin permission means the user is allowed to batch delete objects
admin_permissions: [CREATE, LIST, DELETE, UNDELETE, EXPORT, OPERATOR, MASTER]
# permission related to the objects
object_permissions: [VIEW, EDIT, DELETE, UNDELETE, OPERATOR, MASTER, OWNER]