【发布时间】:2023-03-25 06:15:02
【问题描述】:
我正在尝试配置 SonataAdmin 以显示不同角色的某些实体管理。阅读奏鸣曲文档,stackoverflow上的大量QnA,找不到问题...
问题:
如果我以 ROLE_ADMIN 用户身份登录,我可以看到所有块,所以奏鸣曲管理员工作正常。但是如果我用其他用户登录,我只会看到没有块的空白页面。我想说我只需要将角色 ROLE_SONATA_CONTRACT 添加到我的用户,但由于它不起作用,我尝试了所有我能想到的角色,包括在用户管理表单中自动生成的所有角色。
我可以从配置中提供更多信息,现在我只是复制了我认为相关的部分。
我的配置:
参考:http://sonata-project.org/bundles/admin/master/doc/reference/security.html#role-handler
# services.yml
services:
sonata.block.admin.contract:
class: STH\OrderBundle\Admin\ContractAdmin
tags:
- { name: sonata.admin, manager_type: orm, group: "Orders", label: "Orders" }
arguments: [null, STH\OrderBundle\Entity\Contract, SonataAdminBundle:CRUD ]
# security.yml
role_hierarchy:
ROLE_SONATA_CONTRACT:
- ROLE_SONATA_BLOCK_ADMIN_CONTRACT_VIEW
- ROLE_SONATA_BLOCK_ADMIN_CONTRACT_GUEST
ROLE_ADMIN: [ROLE_USER, ROLE_ALLOWED_TO_SWITCH, ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT, ROLE_SONATA_PAGE_ADMIN_BLOCK_EDIT]
ROLE_SUPER_ADMIN: ROLE_ADMIN
SONATA:
- ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT # if you are using acl then this line must be commented
- ROLE_SONATA_PAGE_ADMIN_BLOCK_EDIT
access_decision_manager:
strategy: unanimous
# config.yml
security:
handler: sonata.admin.security.handler.role
# acl security information
information:
GUEST: [VIEW, LIST]
STAFF: [EDIT, LIST, CREATE]
EDITOR: [OPERATOR, EXPORT]
ADMIN: [MASTER, ROLE_ADMIN]
# permissions not related to an object instance and also to be available when objects do not exist
# the DELETE admin permission means the user is allowed to batch delete objects
admin_permissions: [CREATE, LIST, DELETE, UNDELETE, EXPORT, OPERATOR, MASTER]
# permission related to the objects
object_permissions: [VIEW, EDIT, DELETE, UNDELETE, OPERATOR, MASTER, OWNER]
系统:Symfony 2.5.2、SonataAdminBundle、SonataUserBundle、FOSUserBundle。
【问题讨论】:
标签: symfony roles sonata-admin