@redleafar
Created September 19, 2016 00:03
Let Sonata admin users only edit entities they own

First configure ACL permissions correctly:

https://sonata-project.org/bundles/admin/master/doc/reference/security.html

Remember these 3 things explained in the link:

* Install the ACL tables:

$ php app/console init:acl

* If you have Admin classes, you can install or update the related CRUD ACL rules (I HAD PROBLEMS NOT EXECUTING THIS ONE, REMEMBER TO RUN IT):

$ php app/console sonata:admin:setup-acl

* If you already have objects, you can generate the object ACL rules for each object of an admin:

$ php app/console sonata:admin:generate-object-acl

Install the ACL extension for Sonata Admin

https://github.com/coopTilleuls/CoopTilleulsAclSonataAdminExtensionBundle

Install using dev-master for the bundle

After installation, when creating a user, you have to set the permissions for the necessary admins in the construct function, without the master. For instance, if this is the configuration in config.yml:

    security:
        handler: sonata.admin.security.handler.acl
        # acl security information
        information:
            ADMIN: [MASTER]
            GUEST: [VIEW, LIST]
            STAFF: [EDIT, LIST, CREATE]
            EDITOR: [OPERATOR, EXPORT]

You have to avoid the Admin (Master) permission. If you don't, the user could see all the objects of the Admins configured.
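One way to apply this in the user's constructor, as an added example that is not part of the original gist. It assumes Sonata's ACL handler names per-admin roles `ROLE_<ADMIN SERVICE ID>_<KEY>`; the admin service ids `app.admin.post` and `app.admin.comment`, the `adminRole` helper and the plain `User` class are hypothetical.

```php
<?php
// Added example, not from the gist. Admin service ids below are hypothetical.

/** Permission lists copied from the `information` block in config.yml. */
const ACL_INFORMATION = [
    'ADMIN'  => ['MASTER'],
    'GUEST'  => ['VIEW', 'LIST'],
    'STAFF'  => ['EDIT', 'LIST', 'CREATE'],
    'EDITOR' => ['OPERATOR', 'EXPORT'],
];

/**
 * Build the per-admin role for one `information` key and refuse any key
 * whose permission list contains MASTER.
 * Assumed naming: ROLE_<admin service id, uppercased, dots to underscores>_<KEY>.
 */
function adminRole(string $adminCode, string $key): string
{
    if (!array_key_exists($key, ACL_INFORMATION)) {
        throw new InvalidArgumentException("Unknown information key: $key");
    }
    if (in_array('MASTER', ACL_INFORMATION[$key], true)) {
        throw new LogicException("$key grants MASTER; the user could see every object");
    }
    return 'ROLE_' . strtoupper(str_replace('.', '_', $adminCode)) . '_' . $key;
}

class User
{
    /** @var string[] */
    private $roles = [];

    public function __construct()
    {
        // Grant STAFF (EDIT, LIST, CREATE) on each admin this user works in.
        foreach (['app.admin.post', 'app.admin.comment'] as $adminCode) {
            $this->roles[] = adminRole($adminCode, 'STAFF');
        }
    }

    public function getRoles(): array
    {
        return $this->roles;
    }
}

print_r((new User())->getRoles());
```

In a real project the constructor body belongs in the application's own user entity; passing `'ADMIN'` as the key makes `adminRole` throw instead of silently granting MASTER.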
