Symfony FOSCommentBundle访问控制回复、删除和编辑注释
我已成功地在我的symfony2.3项目上安装了Symfony FOSCommentBundle访问控制回复、删除和编辑注释,symfony,php-5.4,foscommentbundle,Symfony,Php 5.4,Foscommentbundle,我已成功地在我的symfony2.3项目上安装了FOSComentBundle。 我将FOSCommentBundle与FOSUserBundle集成,然后添加了基于角色的ACL安全性。我发现可以控制的操作有:创建、查看、删除、编辑。 我只想为管理员显示回复按钮,但我还没有找到如何将访问角色添加到回复事件中。 这是我的配置文件: acl: true service: acl: thread: fos_comment.acl.thread.roles co
FOSComentBundle
。
我将FOSCommentBundle与FOSUserBundle集成,然后添加了基于角色的ACL安全性。我发现可以控制的操作有:创建、查看、删除、编辑
。
我只想为管理员显示回复按钮,但我还没有找到如何将访问角色添加到回复事件中。
这是我的配置文件:
acl: true
service:
acl:
thread: fos_comment.acl.thread.roles
comment: fos_comment.acl.comment.roles
vote: fos_comment.acl.vote.roles
manager:
thread: fos_comment.manager.thread.acl
comment: fos_comment.manager.comment.acl
vote: fos_comment.manager.vote.acl
acl_roles:
comment:
create: IS_AUTHENTICATED_ANONYMOUSLY
view: IS_AUTHENTICATED_ANONYMOUSLY
edit: ROLE_ADMIN
delete: ROLE_ADMIN
thread:
create: IS_AUTHENTICATED_ANONYMOUSLY
view: IS_AUTHENTICATED_ANONYMOUSLY
edit: ROLE_ADMIN
delete: ROLE_ADMIN
vote:
create: IS_AUTHENTICATED_ANONYMOUSLY
view: IS_AUTHENTICATED_ANONYMOUSLY
edit: ROLE_ADMIN
delete: ROLE_ADMIN
有我必须重写的类吗?回复按钮是否有文档?在查看了
FOSCommentBundle
之后,我找到了解决问题的方法:
1。首先,您必须覆盖RoleCommentAcl
:
通过在MyBundle中创建名为Acl的文件夹。在这个文件夹中,我创建了一个名为RoleCommentAcl的php类:
namespace MyProject\MyBundle\Acl;
use FOS\CommentBundle\Acl\RoleCommentAcl as BaseRoleCommentAcl;
use FOS\CommentBundle\Model\CommentInterface;
use FOS\CommentBundle\Model\SignedCommentInterface;
use Symfony\Component\Security\Core\SecurityContextInterface;
class RoleCommentAcl extends BaseRoleCommentAcl {
/**
* The current Security Context.
*
* @var SecurityContextInterface
*/
private $securityContext;
/**
* Constructor.
*
* @param SecurityContextInterface $securityContext
* @param string $createRole
* @param string $viewRole
* @param string $editRole
* @param string $deleteRole
* @param string $commentClass
*/
public function __construct(SecurityContextInterface $securityContext, $createRole, $viewRole, $editRole, $deleteRole, $commentClass
) {
parent::__construct(
$securityContext, $createRole, $viewRole, $editRole, $deleteRole, $commentClass);
$this->securityContext = $securityContext;
}
/**
* Checks if the Security token has an appropriate role to edit the supplied Comment.
*
* @param CommentInterface $comment
* @return boolean
*/
public function canEdit(CommentInterface $comment) {
// the comment owner can edit the comment whenever he want.
if ($comment instanceof SignedCommentInterface) {
if ($comment->getAuthor() == $this->securityContext->getToken()->getUser()) {
return true;
}
}
return parent::canEdit($comment);
}
/**
* Checks if the Security token is allowed to delete a specific Comment.
*
* @param CommentInterface $comment
* @return boolean
*/
public function canDelete(CommentInterface $comment) {
// the comment owner can delete the comment
if ($comment instanceof SignedCommentInterface) {
if ($comment->getAuthor() == $this->securityContext->getToken()->getUser()) {
return true;
}
}
return parent::canDelete($comment);
}
/**
* Checks if the Security token is allowed to reply to a parent comment.
*
* @param CommentInterface|null $parent
* @return boolean
*/
public function canReply(CommentInterface $parent = null) {
if ($parent instanceof SignedCommentInterface) {
//only the comment owner or the admin can reply to the comment.
if ($parent->getAuthor() == $this->securityContext->getToken()->getUser() ||
$this->securityContext->isGranted('ROLE_ADMIN')) {
return true;
}
}
if($parent !=null) {
// if the user have no access to reply then return false.
return false;
}
//this ligne allow all users to post new comments.
return parent::canCreate();
}
}
2。然后,您必须将访问权限添加到services.xml中:
<?xml version="1.0" ?>
<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
<services>
<service id="myproject.name_bundle.acl.comment.roles" class="MyProject\MyBundle\Acl\RoleCommentAcl" public="false">
<argument type="service" id="security.context" />
<argument>IS_AUTHENTICATED_ANONYMOUSLY</argument> <!-- Create role -->
<argument>IS_AUTHENTICATED_ANONYMOUSLY</argument> <!-- View role -->
<argument>ROLE_ADMIN</argument> <!-- Edit role -->
<argument>ROLE_ADMIN</argument> <!-- Delete role -->
<argument>%fos_comment.model.comment.class%</argument>
</service>
</services> </container>
打开你的页面,你会注意到回复将仅由评论所有者和管理员用户访问。此外,删除和编辑也可以仅为评论所有者和管理员显示
$loader = new Loader\XmlFileLoader($container, new FileLocator(__DIR__ . '/../Resources/config'));
$loader->load('services.xml');