2017 © Pedro Peláez
 

symfony-bundle acl-sonata-admin-extension-bundle

ACL list filtering for SonataAdmin with MASTER ACL

image

mrgreenstuff/acl-sonata-admin-extension-bundle

ACL list filtering for SonataAdmin with MASTER ACL

  • Sunday, January 26, 2014
  • by MrGreenStuff
  • Repository
  • 2 Watchers
  • 4 Stars
  • 73 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 16 Forks
  • 0 Open issues
  • 2 Versions
  • 6 % Grown

The README.md

ACL extension for Sonata Admin

This bundle is a fork of CoopTilleulsAclSonataAdminExtensionBundle

This bundle provides ACL list filtering for SonataAdminBundle. When enabled, list screens only display data the logged in user has right to view., (*1)

This bundle is a good complementary of the SonataAdminBundle ACL editor., (*2)

SensioLabsInsight, (*3)

Install

Be sure that SonataAdminBundle is working and has ACL enabled., (*4)

Install this bundle using composer:, (*5)

composer require mrgreenstuff/acl-sonata-admin-extension-bundle

Register the bundle in your AppKernel:, (*6)

// app/AppKernel.php

public function registerBundles()
{
    return array(
        // ...
        new MrGreenStuff\Bundle\AclSonataAdminExtensionBundle\MrGreenStuffAclSonataAdminExtensionBundle(),
        // ...
    );
}

Enable

This extension is automatically enabled for all admins., (*7)

Special case (Master ACL Entity)

Enhancement By JUILLARD YOANN

Application example :

3 Tables : Shop, Product and Country

  • Between this tables relation ManyToOne (1 Country have N Shop) (1 Shop have N products). It should be work on all relation types but it's not tested.

4 Users :

  • Admin (SUPER_ADMIN)
  • MainManager (NOT SUPER ADMIN !)
  • EnglandManager
  • FranceManager

Behavior expected :

  • MainManager have OPERATOR ACL on all Countries so he can access to all shop and products of the matching country (even if ACL record for him not exists but because they have ACL access to the parent or the grand parent in this case all countries)
  • EnglandManager or FranceManager can acces to all shop and products of the matching coutry (even if the products or shop has been created by MainManager or the SUPER_ADMIN without ACLs for this users but because they have ACL acces to the parent or the grand parent in this case only one country)
  • Admin keep SUPER_ADMIN role (normal behavior)

Configuration :

  • Create method : getMasterAclClass() on your sonata admin classes (only classes where you want to enabled the behavior). This method must return a string of master entity ACL like :
/*In Shop and Product admin classes*/
public function getMasterAclClass(){
    return 'Acme\DemoBundle\Entity\Country';
}
  • Create method getMasterAclPath() on your sonata admin classes (only classes where you want to enabled the behavior). This method must return a array like :
/*In Shop admin class*/
public function getMasterAclPath(){
    return  array(
                array('coutry','c')
                );
}
//Where 'country' is the property name of the Shop entity who made the relation with Country Entity and 'c' a unique identifier (IMPORTANT the unique shortcut identifier CANNOT BE 'o' because 'o' is the default identifier of Sonata Admin)

/*In Product admin class*/
public function getMasterAclPath(){
    return  array(
                 array('shop','s'),
                 array('coutry','c')
                );
}

BE CAREFULL WHITH ORDER IN ARRAY IT MUST BE parent->grandParent->grandGrandParent... untill the MASTER ACL CLASS DEFINED ABOVE

DISABLED STRICT MODE (Enabled by default)

When an child object of master ACL is created by an user the ACL is still added like without the bundle. When you delete the ACL acces to one record of the master class the users still can't acces to record created by him before the ACL master update (Even if ACL record defined him as owner). If you want that users still can access to child record created by him before the ACL master update you have to disabled the stict mode :, (*8)

To do this write the method getMasterAclStrict() in the admin class., (*9)

public function getMasterAclStrict(){
    return false;
}

Credits

Created by Kévin Dunglas for La Coopérative des Tilleuls., (*10)

Enhanced by JUILLARD Yoann, (*11)

The Versions

26/01 2014

dev-master

9999999-dev http://www.agence-web-grenoble.fr

ACL list filtering for SonataAdmin with MASTER ACL

  Sources   Download

MIT

The Requires

 

acl admin sonata

11/01 2014

dev-merge

dev-merge http://les-tilleuls.coop

ACL list filtering for SonataAdmin

  Sources   Download

MIT

The Requires

 

acl admin sonata