Symfony 4.4 EasyAdmin: set permissions so that only the entities I own are accessible
I have a Colleague entity that has a ManyToOne relation to the User entity. I only want to access the colleagues of the authenticated user. This applies to all CRUD permissions: list, edit, update, delete.
I have tried many things, such as a DQL filter in easy_admin.yaml, but I can't manage to get the authenticated user's ID. I'm a Symfony junior, so I don't know how to do this, and I have to use EasyAdmin. So it seems I can't use ColleagueController.php. Maybe work with ColleagueRepository.php? Currently everything is configured in easy_admin.yaml:
```yaml
easy_admin:
    design:
        templates:
            label_null: 'null_value.html.twig'
    entities:
        Colleague:
            class: App\Entity\Colleague
            list:
                # dql_filter: "entity.user = 15"
                # dql_filter: "entity.user = '%env(AUTHENTICATED_USER)%'"
                # dql_filter: "entity.user = (SELECT id FROM user WHERE email = '%env(AUTHENTICATED_USER)%')"
                # dql_filter: "entity.user = (SELECT id FROM App\Entity\User WHERE email = 'aaa@gmail.com')"
                fields:
                    - user
                    - name
                    - role
                    - notes
                    - { property: 'thumbnail', type: 'image', base_path: '%uploads_path%' }
                actions: ['show', 'edit', 'delete']
            form:
                fields:
                    - user
                    - name
                    - role
                    - notes
                    - { property: 'thumbnailFile', type: 'vich_image' }
            show:
                fields:
                    - user
                    - name
                    - role
                    - notes
                    - { property: 'thumbnail', base_path: '%uploads_path%' }
```
And my Entity/Colleague.php:
```php
<?php
namespace App\Entity;

use App\Repository\ColleagueRepository;
use Doctrine\ORM\Mapping as ORM;
use Vich\UploaderBundle\Mapping\Annotation as Vich;
use Symfony\Component\HttpFoundation\File\File;

/**
 * @ORM\Entity(repositoryClass=ColleagueRepository::class)
 * @Vich\Uploadable
 */
class Colleague
{
    /**
     * @ORM\Id()
     * @ORM\GeneratedValue()
     * @ORM\Column(type="integer")
     */
    private $id;

    /**
     * Owner of this colleague record.
     *
     * @ORM\ManyToOne(targetEntity=User::class, inversedBy="colleagues")
     * @ORM\JoinColumn(nullable=false)
     */
    private $user;

    /**
     * @ORM\Column(type="string", length=255)
     */
    private $name;

    /**
     * @ORM\Column(type="string", length=255, nullable=true)
     */
    private $role;

    /**
     * @ORM\Column(type="text", nullable=true)
     */
    private $notes;

    /**
     * @ORM\Column(type="string", nullable=true, options={"default": 0})
     *
     * @var string
     */
    private $thumbnail;

    /**
     * @Vich\UploadableField(mapping="colleague_thumbnails", fileNameProperty="thumbnail")
     *
     * @var File
     */
    private $thumbnailFile;

    /**
     * @ORM\Column(type="datetime")
     *
     * @var \DateTime
     */
    private $createdAt;

    /**
     * @ORM\Column(type="datetime")
     *
     * @var \DateTime
     */
    private $updatedAt;

    public function __construct()
    {
        $this->setCreatedAt(new \DateTime());
        $this->setUpdatedAt(new \DateTime());
        // var_dump($this->get('security.token_storage')->getToken()->getUser());
        // die;
    }

    public function getId(): ?int
    {
        return $this->id;
    }

    public function getUser(): ?User
    {
        return $this->user;
    }

    public function setUser(?User $user): self
    {
        $this->user = $user;
        return $this;
    }

    public function getName(): ?string
    {
        return $this->name;
    }

    public function setName(string $name): self
    {
        $this->name = $name;
        return $this;
    }

    public function getRole(): ?string
    {
        return $this->role;
    }

    public function setRole(?string $role): self
    {
        $this->role = $role;
        return $this;
    }

    public function getNotes(): ?string
    {
        return $this->notes;
    }

    public function setNotes(?string $notes): self
    {
        $this->notes = $notes;
        return $this;
    }

    public function getCreatedAt(): ?\DateTimeInterface
    {
        return $this->createdAt;
    }

    public function setCreatedAt(\DateTimeInterface $createdAt): self
    {
        $this->createdAt = $createdAt;
        return $this;
    }

    public function getUpdatedAt(): ?\DateTimeInterface
    {
        return $this->updatedAt;
    }

    public function setUpdatedAt(\DateTimeInterface $updatedAt): self
    {
        $this->updatedAt = $updatedAt;
        return $this;
    }

    public function getThumbnail(): ?string
    {
        return $this->thumbnail;
    }

    public function setThumbnail(?string $thumbnail): self
    {
        $this->thumbnail = $thumbnail;
        return $this;
    }

    /**
     * @return File
     */
    public function getThumbnailFile()
    {
        return $this->thumbnailFile;
    }

    /**
     * @param File|\Symfony\Component\HttpFoundation\File\UploadedFile $thumbnail
     *
     * @return self
     */
    public function setThumbnailFile(File $thumbnail = null)
    {
        $this->thumbnailFile = $thumbnail;
        if ($thumbnail) {
            // Bump updatedAt so Doctrine sees a change and VichUploader stores the new file.
            $this->updatedAt = new \DateTime('now');
        }
        return $this;
    }
}
```
Thanks in advance for your valuable help.
Solution
Here is the same answer as the one proposed on LinkedIn: easy admin advanced permissions (the post is in French). You can combine an event subscriber with a voter; just follow the example given there. Best regards.

I have managed to do EasyAdmin-specific filtering in the following way:
config/packages/easy_admin.yaml:
```yaml
easy_admin:
    entities:
        Colleague:
            class: App\Entity\Colleague
            controller: App\Controller\ColleagueController
```
src/Controller/ColleagueController.php:
```php
<?php
namespace App\Controller;

use EasyCorp\Bundle\EasyAdminBundle\Controller\EasyAdminController;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;

class ColleagueController extends EasyAdminController
{
    // List view: only rows owned by the logged-in user.
    protected function createListQueryBuilder($entityClass, $sortDirection, $sortField = null, $dqlFilter = null)
    {
        $result = parent::createListQueryBuilder($entityClass, $sortDirection, $sortField, $dqlFilter);
        if (method_exists($entityClass, 'getUser')) {
            $result->andWhere('entity.user = :user');
            $result->setParameter('user', $this->getUser());
        }
        return $result;
    }

    // Search view: same restriction, so a search cannot reveal other users' rows.
    protected function createSearchQueryBuilder($entityClass, $searchQuery, array $searchableFields, $sortField = null, $sortDirection = null, $dqlFilter = null)
    {
        $result = parent::createSearchQueryBuilder($entityClass, $searchQuery, $searchableFields, $sortField, $sortDirection, $dqlFilter);
        if (method_exists($entityClass, 'getUser')) {
            $result->andWhere('entity.user = :user');
            $result->setParameter('user', $this->getUser());
        }
        return $result;
    }

    // Edit view: refuse to build the form for an entity owned by someone else.
    protected function createEditForm($entity, array $entityProperties)
    {
        if ($entity->getUser() !== $this->getUser()) {
            throw new AccessDeniedException();
        }
        return parent::createEditForm($entity, $entityProperties);
    }

    protected function showAction()
    {
        $easyadmin = $this->request->attributes->get('easyadmin');
        $entity = $easyadmin['item'];
        if ($entity->getUser() !== $this->getUser()) {
            throw new AccessDeniedException();
        }
        return parent::showAction();
    }

    protected function deleteAction()
    {
        $easyadmin = $this->request->attributes->get('easyadmin');
        $entity = $easyadmin['item'];
        if ($entity->getUser() !== $this->getUser()) {
            throw new AccessDeniedException();
        }
        return parent::deleteAction();
    }

    /**
     * Create a colleague: the logged-in user becomes its owner.
     */
    protected function persistEntity($entity)
    {
        $entity->setUser($this->getUser());
        return parent::persistEntity($entity);
    }
}
```
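As an added example (not code from the question or from either answer), this is the voter-plus-subscriber approach the first answer points to, written for EasyAdmin 2 on Symfony 4.4: the voter decides ownership by comparing user ids, and the subscriber applies it before show, edit and delete run. It assumes that EasyAdmin's PRE_SHOW, PRE_EDIT and PRE_DELETE events carry the request in their 'request' argument and that the loaded entity sits in the request's 'easyadmin' attribute, as the controller above reads it; the class names and the COLLEAGUE_OWN attribute are invented, and both classes are shown in one file for brevity.

```php
<?php
namespace App\Security;

use App\Entity\Colleague;
use App\Entity\User;
use EasyCorp\Bundle\EasyAdminBundle\Event\EasyAdminEvents;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\EventDispatcher\GenericEvent;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;

// Voter: grants COLLEAGUE_OWN only to the User the Colleague belongs to.
class ColleagueVoter extends Voter
{
    public const OWN = 'COLLEAGUE_OWN';
    protected function supports($attribute, $subject): bool
    {
        return self::OWN === $attribute && $subject instanceof Colleague;
    }
    protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
    {
        $user = $token->getUser();
        // Anonymous tokens hold a string, not a User: deny. Compare ids, not object identity.
        return $user instanceof User && null !== $subject->getUser()
            && $subject->getUser()->getId() === $user->getId();
    }
}

// Subscriber: consults the voter before show, edit and delete, so the ownership
// check lives in one place instead of being repeated in each controller action.
class ColleagueOwnershipSubscriber implements EventSubscriberInterface
{
    private $authChecker;
    public function __construct(AuthorizationCheckerInterface $authChecker)
    {
        $this->authChecker = $authChecker;
    }
    public static function getSubscribedEvents(): array
    {
        $h = 'denyUnlessOwner';
        return [EasyAdminEvents::PRE_SHOW => $h, EasyAdminEvents::PRE_EDIT => $h, EasyAdminEvents::PRE_DELETE => $h];
    }
    public function denyUnlessOwner(GenericEvent $event): void
    {
        // Assumption: EasyAdmin 2 stores the loaded entity in the request's 'easyadmin' attribute.
        $item = $event->getArgument('request')->attributes->get('easyadmin')['item'] ?? null;
        if ($item instanceof Colleague && !$this->authChecker->isGranted(ColleagueVoter::OWN, $item)) {
            throw new AccessDeniedException('Not the owner of this Colleague.');
        }
    }
}
```

With Symfony's default autoconfiguration the voter and the subscriber are registered automatically, and they replace the per-action checks in showAction, createEditForm and deleteAction; the list and search query-builder overrides are still needed, since a voter only guards single items and does not hide other users' rows from the list.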