PHP SonataAdmin: Prevent an admin from deleting their own account
I am using SonataAdmin for a Symfony 2 project. Sometimes an admin user may accidentally delete their own account. How can I prevent an admin user from deleting their own account? Thanks.

Tags: php, symfony, sonata-admin

To prevent an admin from deleting their own account, you need to define your own CRUDController for the Sonata user, as follows.

Then override the relevant functions in your controller; in these functions, check whether the request contains the admin object/id, and apply the restriction there.

// requires: use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
public function deleteAction($id)
{
    $id = $this->get('request')->get($this->admin->getIdParameter());
    $object = $this->admin->getObject($id);
    if (!$object) {
        throw new NotFoundHttpException(sprintf('unable to find the object with id : %s', $id));
    }
    $userid = $this->getUser()->getId(); // get id of logged in user
    if ($userid == $id) {
        $this->addFlash(
            'sonata_flash_error',
            'Error you cannot delete your own account'
        );
        return $this->redirectTo($object);
    }
    // other code from base class
}

The same logic applies to the batchActionDelete() function.

I am using SonataUserBundle with FOSUserBundle and ended up with the following solution.

config.yml:

parameters:
    sonata.user.admin.user.controller: AppBundle:CRUD\CRUD

AppBundle\Controller\CRUD\CRUDController:

<?php
namespace AppBundle\Controller\CRUD;

use Sonata\AdminBundle\Controller\CRUDController as Controller;
use Sonata\AdminBundle\Datagrid\ProxyQueryInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;

class CRUDController extends Controller
{
    public function deleteAction($id)
    {
        $request = $this->getRequest();
        $id = $request->get($this->admin->getIdParameter());
        $object = $this->admin->getObject($id);
        if (!$object) {
            throw $this->createNotFoundException(sprintf('unable to find the object with id: %s', $id));
        }
        $currentUserId = $this->getUser()->getId(); // ID of the current user
        if ($currentUserId == $id) {
            $this->addFlash(
                'sonata_flash_error',
                'You cannot delete your own account.'
            );
            return $this->redirectTo($object);
        }
        return parent::deleteAction($id);
    }

    public function batchActionDelete(ProxyQueryInterface $query)
    {
        $request = $this->getRequest();
        $currentUserId = $this->getUser()->getId(); // ID of the current user
        $selectedUsers = $query->execute();
        foreach ($selectedUsers as $selectedUser) {
            if ($selectedUser->getId() == $currentUserId) {
                $this->addFlash(
                    'sonata_flash_error',
                    'You cannot delete your own account.'
                );
                return new RedirectResponse(
                    $this->admin->generateUrl('list', array('filter' => $this->admin->getFilterParameters()))
                );
            }
        }
        return parent::batchActionDelete($query);
    }
}
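
This might help: validate in the template, and remove the checkbox if the user in the row is the admin.

I tried something similar. But one thing is that the user can still delete his account from the account edit page. So I may need some code modification.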
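
The ownership check from the answers above, factored into one guard that both the single and the batch delete path can call, as an added example that is not part of the original posts. The `User` stand-in and the `SelfDeleteGuard` class are hypothetical names, the sample ids are constructed, and PHP 7.1+ is assumed. It compares the identifiers of loaded entities, because a strict `===` between the integer user id and the string request parameter is always false and would silently disable the check.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for the FOSUserBundle user entity (assumption).
final class User
{
    private $id;
    public function __construct(int $id) { $this->id = $id; }
    public function getId(): int { return $this->id; }
}

/**
 * Hypothetical helper: one self-deletion check shared by deleteAction()
 * and batchActionDelete(). It compares the ids of loaded entities,
 * never the raw request parameter.
 */
final class SelfDeleteGuard
{
    public static function isSelf(User $current, User $target): bool
    {
        return $current->getId() === $target->getId();
    }

    /** True if any selected user is the current user (batch case). */
    public static function batchContainsSelf(User $current, iterable $selected): bool
    {
        foreach ($selected as $user) {
            if (self::isSelf($current, $user)) {
                return true;
            }
        }
        return false;
    }
}

// Constructed sample data: the logged-in admin has id 7.
$admin  = new User(7);
$rawId  = '7';                      // request parameters arrive as strings
$loaded = new User((int) $rawId);   // stands in for $this->admin->getObject($id)

// Pitfall: strict comparison of the int user id with the raw string id.
var_dump($admin->getId() === $rawId);
// Guard on loaded entities: single delete, then two batch selections.
var_dump(SelfDeleteGuard::isSelf($admin, $loaded));
var_dump(SelfDeleteGuard::batchContainsSelf($admin, [new User(3), new User(7)]));
var_dump(SelfDeleteGuard::batchContainsSelf($admin, [new User(3), new User(4)]));
```

Calling the guard from the controller actions keeps the restriction on the server, so it still applies when the delete link or checkbox is hidden in a template.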