Php Symfony 4.4 Easyadmin:设置权限以仅访问我拥有的实体
我有一个 Colleague 实体,它与 User 实体是多对一关系。我只希望能够访问属于当前已登录用户的 Colleague,并且这一限制要适用于所有 CRUD 操作:列表、编辑、更新、删除。我尝试过很多方法,例如在 easy_admin.yaml 中使用 DQL 过滤器,但始终无法获得已通过身份验证的用户 id。我是 Symfony 新手,不知道该如何实现,而且我必须使用 EasyAdmin。所以,我似乎不能使用 ColleagueController.php,也许可以使用 ColleagueRepository.php?目前,所有内容都在 easy_admin.yaml 中配置:
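# EasyAdmin backend configuration for the Colleague entity (nesting restored).
easy_admin:
    design:
        templates:
            label_null: 'null_value.html.twig'
    entities:
        Colleague:
            class: App\Entity\Colleague
            list:
                # Earlier attempts at limiting the list to the logged-in user, kept for reference.
                # A dql_filter is a static configuration string, so it cannot refer to the user of
                # the current request. It also narrows only the listing; show/edit/delete of a row
                # reached by its id still need their own ownership check.
                # dql_filter: "entity.user = 15"
                # dql_filter: "entity.user = '%env(AUTHENTICATED_USER)%'"
                # dql_filter: "entity.user = (SELECT id FROM user WHERE email = '%env(AUTHENTICATED_USER)%')"
                # dql_filter: "entity.user = (SELECT id FROM App\Entity\User WHERE email = 'aaa@gmail.com')"
                fields:
                    - user
                    - name
                    - role
                    - notes
                    - { property: 'thumbnail', type: 'image', base_path: '%uploads_path%' }
                actions: ['show', 'edit', 'delete']
            form:
                fields:
                    # NOTE(review): an editable `user` field lets whoever submits the form choose
                    # the owner of the row. If rows must stay with their owner, drop this field or
                    # enforce the owner server-side when the entity is saved.
                    - user
                    - name
                    - role
                    - notes
                    - { property: 'thumbnailFile', type: 'vich_image' }
            show:
                fields:
                    - user
                    - name
                    - role
                    - notes
                    - { property: 'thumbnail', type: 'image', base_path: '%uploads_path%' }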
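easy_admin:
    entities:
        Colleague:
            class: App\Entity\Colleague
            # Entity-specific controller: the place where per-user ownership checks for
            # Colleague can be implemented in PHP, with access to the logged-in user.
            controller: App\Controller\ColleagueController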
以及我的 Entity\Colleague.php:
<?php
namespace App\Entity;
use App\Repository\ColleagueRepository;
use Doctrine\ORM\Mapping as ORM;
use Vich\UploaderBundle\Mapping\Annotation as Vich;
use Symfony\Component\HttpFoundation\File\File;
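/**
 * A colleague record. Each colleague belongs to exactly one User (owning side of a
 * many-to-one relation) and may carry an uploaded thumbnail handled by VichUploader.
 *
 * @ORM\Entity(repositoryClass=ColleagueRepository::class)
 * @Vich\Uploadable
 */
class Colleague
{
    /**
     * @ORM\Id()
     * @ORM\GeneratedValue()
     * @ORM\Column(type="integer")
     */
    private $id;

    /**
     * Owner of this record; the join column is declared non-nullable.
     *
     * @ORM\ManyToOne(targetEntity=User::class, inversedBy="colleagues")
     * @ORM\JoinColumn(nullable=false)
     */
    private $user;

    /**
     * @ORM\Column(type="string", length=255)
     */
    private $name;

    /**
     * @ORM\Column(type="string", length=255, nullable=true)
     */
    private $role;

    /**
     * @ORM\Column(type="text", nullable=true)
     */
    private $notes;

    /**
     * Stored file name of the thumbnail (filled through the upload mapping below).
     *
     * @ORM\Column(type="string", length=255, nullable=true, options={"default": 0})
     *
     * @var string|null
     */
    private $thumbnail;

    /**
     * Transient upload handle; it has no ORM column of its own.
     *
     * @Vich\UploadableField(mapping="colleague_thumbnails", fileNameProperty="thumbnail")
     *
     * @var File|null
     */
    private $thumbnailFile;

    /**
     * @ORM\Column(type="datetime")
     *
     * @var \DateTime
     */
    private $createdAt;

    /**
     * @ORM\Column(type="datetime")
     *
     * @var \DateTime
     */
    private $updatedAt;

    /**
     * Stamps creation and modification time with the current time.
     *
     * The owner is deliberately not set here: this class has no access to the
     * security token storage, so the logged-in user has to be assigned by the
     * code that creates the entity (for example the controller before persisting).
     */
    public function __construct()
    {
        // Two separate instances on purpose: DateTime is mutable and must not be shared.
        $this->setCreatedAt(new \DateTime());
        $this->setUpdatedAt(new \DateTime());
    }

    public function getId(): ?int
    {
        return $this->id;
    }

    /**
     * @return User|null The owner, or null while none has been assigned yet.
     */
    public function getUser(): ?User
    {
        return $this->user;
    }

    /**
     * Assigns the owner of this record.
     *
     * Ownership decides who may see and change the record, so callers should pass
     * the authenticated user rather than a value taken from request data.
     */
    public function setUser(?User $user): self
    {
        $this->user = $user;

        return $this;
    }

    public function getName(): ?string
    {
        return $this->name;
    }

    public function setName(string $name): self
    {
        $this->name = $name;

        return $this;
    }

    public function getRole(): ?string
    {
        return $this->role;
    }

    public function setRole(?string $role): self
    {
        $this->role = $role;

        return $this;
    }

    public function getNotes(): ?string
    {
        return $this->notes;
    }

    public function setNotes(?string $notes): self
    {
        $this->notes = $notes;

        return $this;
    }

    public function getCreatedAt(): ?\DateTimeInterface
    {
        return $this->createdAt;
    }

    public function setCreatedAt(\DateTimeInterface $createdAt): self
    {
        $this->createdAt = $createdAt;

        return $this;
    }

    public function getUpdatedAt(): ?\DateTimeInterface
    {
        return $this->updatedAt;
    }

    public function setUpdatedAt(\DateTimeInterface $updatedAt): self
    {
        $this->updatedAt = $updatedAt;

        return $this;
    }

    public function getThumbnail(): ?string
    {
        return $this->thumbnail;
    }

    public function setThumbnail(?string $thumbnail): self
    {
        $this->thumbnail = $thumbnail;

        return $this;
    }

    /**
     * @return File|null The pending upload, or null when none was submitted.
     */
    public function getThumbnailFile()
    {
        return $this->thumbnailFile;
    }

    /**
     * Attaches (or clears) the uploaded thumbnail.
     *
     * When a file is given, updatedAt is refreshed as well; presumably so that a
     * mapped column changes, since thumbnailFile itself is not persisted.
     *
     * @param File|\Symfony\Component\HttpFoundation\File\UploadedFile|null $thumbnail
     *
     * @return $this
     */
    public function setThumbnailFile(?File $thumbnail = null)
    {
        $this->thumbnailFile = $thumbnail;

        if ($thumbnail) {
            $this->updatedAt = new \DateTime('now');
        }

        return $this;
    }
}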
以下答案与 LinkedIn 上建议的答案相同(原帖为法语)。
您可以将事件订阅者(event subscriber)与投票者(voter)结合使用,只需参照以下示例。
致以最诚挚的问候。我已经通过以下方式实现了 EasyAdmin 专用的过滤:
config/packages/easy_admin.yaml:
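# EasyAdmin backend configuration for the Colleague entity (nesting restored).
easy_admin:
    design:
        templates:
            label_null: 'null_value.html.twig'
    entities:
        Colleague:
            class: App\Entity\Colleague
            list:
                # Earlier attempts at limiting the list to the logged-in user, kept for reference.
                # A dql_filter is a static configuration string, so it cannot refer to the user of
                # the current request. It also narrows only the listing; show/edit/delete of a row
                # reached by its id still need their own ownership check.
                # dql_filter: "entity.user = 15"
                # dql_filter: "entity.user = '%env(AUTHENTICATED_USER)%'"
                # dql_filter: "entity.user = (SELECT id FROM user WHERE email = '%env(AUTHENTICATED_USER)%')"
                # dql_filter: "entity.user = (SELECT id FROM App\Entity\User WHERE email = 'aaa@gmail.com')"
                fields:
                    - user
                    - name
                    - role
                    - notes
                    - { property: 'thumbnail', type: 'image', base_path: '%uploads_path%' }
                actions: ['show', 'edit', 'delete']
            form:
                fields:
                    # NOTE(review): an editable `user` field lets whoever submits the form choose
                    # the owner of the row. If rows must stay with their owner, drop this field or
                    # enforce the owner server-side when the entity is saved.
                    - user
                    - name
                    - role
                    - notes
                    - { property: 'thumbnailFile', type: 'vich_image' }
            show:
                fields:
                    - user
                    - name
                    - role
                    - notes
                    - { property: 'thumbnail', type: 'image', base_path: '%uploads_path%' }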
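easy_admin:
    entities:
        Colleague:
            class: App\Entity\Colleague
            # Entity-specific controller: the place where per-user ownership checks for
            # Colleague can be implemented in PHP, with access to the logged-in user.
            controller: App\Controller\ColleagueController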
src/Controller/ColleagueController.php:
<?php
namespace App\Controller;
use Symfony\Component\Routing\Annotation\Route;
use EasyCorp\Bundle\EasyAdminBundle\Controller\EasyAdminController;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
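/**
 * EasyAdmin controller for Colleague that confines each user to the rows they own.
 *
 * Listing and searching are narrowed in the query itself; actions that load a single
 * row by id (show, edit, delete) verify the owner before delegating to the parent,
 * so guessing another row's id ends in an AccessDeniedException instead of data.
 *
 * NOTE(review): only the hooks overridden below are guarded. Any further action the
 * parent controller exposes for this entity needs the same ownership check.
 */
class ColleagueController extends EasyAdminController
{
    /**
     * Builds the list query, limited to rows owned by the logged-in user.
     */
    protected function createListQueryBuilder($entityClass, $sortDirection, $sortField = null, $dqlFilter = null)
    {
        $queryBuilder = parent::createListQueryBuilder($entityClass, $sortDirection, $sortField, $dqlFilter);

        return $this->restrictToCurrentUser($queryBuilder, $entityClass);
    }

    /**
     * Builds the search query, limited to rows owned by the logged-in user.
     */
    protected function createSearchQueryBuilder($entityClass, $searchQuery, array $searchableFields, $sortField = null, $sortDirection = null, $dqlFilter = null)
    {
        $queryBuilder = parent::createSearchQueryBuilder($entityClass, $searchQuery, $searchableFields, $sortField, $sortDirection, $dqlFilter);

        return $this->restrictToCurrentUser($queryBuilder, $entityClass);
    }

    /**
     * Creates the edit form, but only for a row the logged-in user owns.
     *
     * @throws AccessDeniedException when the row belongs to someone else
     */
    protected function createEditForm($entity, array $entityProperties)
    {
        // Check first so that no form is built for a foreign row.
        $this->assertOwnedByCurrentUser($entity);

        return parent::createEditForm($entity, $entityProperties);
    }

    /**
     * Guards the edit action the same way as show and delete, so the ownership
     * check runs before any edit-side code of the parent controller.
     *
     * @throws AccessDeniedException when the row belongs to someone else
     */
    protected function editAction()
    {
        $this->assertOwnedByCurrentUser($this->requestedItem());

        return parent::editAction();
    }

    /**
     * @throws AccessDeniedException when the row belongs to someone else
     */
    protected function showAction()
    {
        $this->assertOwnedByCurrentUser($this->requestedItem());

        return parent::showAction();
    }

    /**
     * @throws AccessDeniedException when the row belongs to someone else
     */
    protected function deleteAction()
    {
        $this->assertOwnedByCurrentUser($this->requestedItem());

        return parent::deleteAction();
    }

    /**
     * Create a colleague.
     *
     * The owner is always the logged-in user, whatever the submitted form said.
     */
    protected function persistEntity($entity)
    {
        $entity->setUser($this->getUser());

        return parent::persistEntity($entity);
    }

    /**
     * Saves changes to a colleague.
     *
     * The form configuration lists `user` as an editable field, so a submitted edit
     * can carry a different owner. Re-checking here rejects such a change instead of
     * silently handing the row to another account.
     *
     * @throws AccessDeniedException when the row is not (or no longer) owned by the logged-in user
     */
    protected function updateEntity($entity)
    {
        $this->assertOwnedByCurrentUser($entity);

        return parent::updateEntity($entity);
    }

    /**
     * Adds an "owned by the logged-in user" condition to a list/search query.
     *
     * Entity classes without a getUser() method are returned unfiltered. The user is
     * bound as a query parameter rather than concatenated into the DQL string.
     */
    private function restrictToCurrentUser($queryBuilder, $entityClass)
    {
        if (method_exists($entityClass, 'getUser')) {
            $queryBuilder->andWhere('entity.user = :user');
            $queryBuilder->setParameter('user', $this->getUser());
        }

        return $queryBuilder;
    }

    /**
     * Returns the entity EasyAdmin resolved for the current request.
     */
    private function requestedItem()
    {
        $easyadmin = $this->request->attributes->get('easyadmin');

        return $easyadmin['item'];
    }

    /**
     * Denies access unless the entity's owner is the logged-in user.
     *
     * The comparison is by object identity; it assumes both references come from
     * the same Doctrine entity manager (confirm for the configured user provider).
     * Any mismatch, including an anonymous request, denies access.
     *
     * @throws AccessDeniedException
     */
    private function assertOwnedByCurrentUser($entity): void
    {
        if ($entity->getUser() !== $this->getUser()) {
            throw new AccessDeniedException();
        }
    }
}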
您好,您需要创建自定义投票者(voter),请参见此处的文档。——好的,但是如何在 EasyAdmin 中调用投票者?因为这个包似乎不会调用 show($id) 和 edit($id) 方法。