我正在尝试配置SonataAdmin以显示不同角色的某些实体管理 . 阅读sonata文档,stackoverflow上有很多QnA,找不到问题...
问题:
如果我以ROLE_ADMIN用户身份登录,我可以看到所有块,所以sonata admin工作正常 . 但是如果我和其他用户一起登录,我只看到没有块的空白页面 . 我想我只需要将角色ROLE_SONATA_CONTRACT添加到我的用户,但由于它不起作用,我尝试了我能想到的每个角色,包括用户管理表单中自动生成的所有角色 .
我可以从配置中提供更多信息,现在我只是复制了我认为相关的部分 .
我的配置:
参考:http://sonata-project.org/bundles/admin/master/doc/reference/security.html#role-handler
# services.yml
services:
sonata.block.admin.contract:
class: STH\OrderBundle\Admin\ContractAdmin
tags:
- { name: sonata.admin, manager_type: orm, group: "Orders", label: "Orders" }
arguments: [null, STH\OrderBundle\Entity\Contract, SonataAdminBundle:CRUD ]
# security.yml
role_hierarchy:
ROLE_SONATA_CONTRACT:
- ROLE_SONATA_BLOCK_ADMIN_CONTRACT_VIEW
- ROLE_SONATA_BLOCK_ADMIN_CONTRACT_GUEST
ROLE_ADMIN: [ROLE_USER, ROLE_ALLOWED_TO_SWITCH, ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT, ROLE_SONATA_PAGE_ADMIN_BLOCK_EDIT]
ROLE_SUPER_ADMIN: ROLE_ADMIN
SONATA:
- ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT # if you are using acl then this line must be commented
- ROLE_SONATA_PAGE_ADMIN_BLOCK_EDIT
access_decision_manager:
strategy: unanimous
# config.yml
security:
handler: sonata.admin.security.handler.role
# acl security information
information:
GUEST: [VIEW, LIST]
STAFF: [EDIT, LIST, CREATE]
EDITOR: [OPERATOR, EXPORT]
ADMIN: [MASTER, ROLE_ADMIN]
# permissions not related to an object instance and also to be available when objects do not exist
# the DELETE admin permission means the user is allowed to batch delete objects
admin_permissions: [CREATE, LIST, DELETE, UNDELETE, EXPORT, OPERATOR, MASTER]
# permission related to the objects
object_permissions: [VIEW, EDIT, DELETE, UNDELETE, OPERATOR, MASTER, OWNER]
系统:Symfony 2.5.2,SonataAdminBundle,SonataUserBundle,FOSUserBundle .
1 回答
我认为你没有正确定义你的角色hierearchies . 你尝试过类似的东西:
只是为了触发有关定义层次结构的方式的一些见解 . 希望能帮助到你 .