Symfony FOSCommentBundle访问控制回复、删除和编辑注释_Symfony_Php 5.4_Foscommentbundle

Symfony FOSCommentBundle访问控制回复、删除和编辑注释

symfony

Symfony FOSCommentBundle访问控制回复、删除和编辑注释,symfony,php-5.4,foscommentbundle,Symfony,Php 5.4,Foscommentbundle,我已成功地在我的symfony2.3项目上安装了FOSComentBundle。我将FOSCommentBundle与FOSUserBundle集成，然后添加了基于角色的ACL安全性。我发现可以控制的操作有：创建、查看、删除、编辑。我只想为管理员显示回复按钮，但我还没有找到如何将访问角色添加到回复事件中。这是我的配置文件： acl: true service: acl: thread: fos_comment.acl.thread.roles co

我已成功地在我的symfony2.3项目上安装了

FOSComentBundle

。我将FOSCommentBundle与FOSUserBundle集成，然后添加了基于角色的ACL安全性。我发现可以控制的操作有：

创建、查看、删除、编辑

。我只想为管理员显示回复按钮，但我还没有找到如何将访问角色添加到回复事件中。这是我的配置文件：

acl: true
service:
    acl:
        thread:  fos_comment.acl.thread.roles
        comment: fos_comment.acl.comment.roles
        vote:    fos_comment.acl.vote.roles
    manager:
        thread:  fos_comment.manager.thread.acl
        comment: fos_comment.manager.comment.acl
        vote:    fos_comment.manager.vote.acl
acl_roles:
    comment:
        create: IS_AUTHENTICATED_ANONYMOUSLY
        view: IS_AUTHENTICATED_ANONYMOUSLY
        edit: ROLE_ADMIN
        delete: ROLE_ADMIN
    thread:
        create: IS_AUTHENTICATED_ANONYMOUSLY
        view: IS_AUTHENTICATED_ANONYMOUSLY
        edit: ROLE_ADMIN
        delete: ROLE_ADMIN
    vote:
        create: IS_AUTHENTICATED_ANONYMOUSLY
        view: IS_AUTHENTICATED_ANONYMOUSLY
        edit: ROLE_ADMIN
        delete: ROLE_ADMIN

有我必须重写的类吗？回复按钮是否有文档？

在查看了

FOSCommentBundle

之后，我找到了解决问题的方法：

1。首先，您必须覆盖
RoleCommentAcl
：通过在MyBundle中创建名为Acl的文件夹。在这个文件夹中，我创建了一个名为RoleCommentAcl的php类：

namespace MyProject\MyBundle\Acl;

use FOS\CommentBundle\Acl\RoleCommentAcl as BaseRoleCommentAcl;
use FOS\CommentBundle\Model\CommentInterface;
use FOS\CommentBundle\Model\SignedCommentInterface;
use Symfony\Component\Security\Core\SecurityContextInterface;

class RoleCommentAcl extends BaseRoleCommentAcl {

/**
 * The current Security Context.
 *
 * @var SecurityContextInterface
 */
private $securityContext;

/**
 * Constructor.
 *
 * @param SecurityContextInterface $securityContext
 * @param string                   $createRole
 * @param string                   $viewRole
 * @param string                   $editRole
 * @param string                   $deleteRole
 * @param string                   $commentClass
 */
public function __construct(SecurityContextInterface $securityContext, $createRole, $viewRole, $editRole, $deleteRole, $commentClass
) {
    parent::__construct(
            $securityContext, $createRole, $viewRole, $editRole, $deleteRole, $commentClass);

    $this->securityContext = $securityContext;
}

/**
 * Checks if the Security token has an appropriate role to edit the supplied Comment.
 *
 * @param  CommentInterface $comment
 * @return boolean
 */
public function canEdit(CommentInterface $comment) {
    // the comment owner can edit the comment whenever he want.
    if ($comment instanceof SignedCommentInterface) {
        if ($comment->getAuthor() == $this->securityContext->getToken()->getUser()) {
            return true;
        }
    }
    return parent::canEdit($comment);
}

/**
 * Checks if the Security token is allowed to delete a specific Comment.
 *
 * @param  CommentInterface $comment
 * @return boolean
 */
public function canDelete(CommentInterface $comment) {
     // the comment owner can delete the comment
    if ($comment instanceof SignedCommentInterface) {
        if ($comment->getAuthor() == $this->securityContext->getToken()->getUser()) {
            return true;
        }
    }
    return parent::canDelete($comment);
}

/**
 * Checks if the Security token is allowed to reply to a parent comment.
 *
 * @param  CommentInterface|null $parent
 * @return boolean
 */
public function canReply(CommentInterface $parent = null) {

    if ($parent instanceof SignedCommentInterface) {
          //only the comment owner or the admin can reply to the comment.
        if ($parent->getAuthor() == $this->securityContext->getToken()->getUser() ||
                $this->securityContext->isGranted('ROLE_ADMIN')) {
            return true;
        }
    }
     if($parent !=null) {
       // if the user have no access to reply then return false.
          return false;
     }  
   //this ligne allow all users to post new comments.
    return parent::canCreate();
}

}

2。然后，您必须将访问权限添加到services.xml中：

<?xml version="1.0" ?>

<container xmlns="http://symfony.com/schema/dic/services"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
<services>
    <service id="myproject.name_bundle.acl.comment.roles" class="MyProject\MyBundle\Acl\RoleCommentAcl" public="false">
        <argument type="service" id="security.context" />
        <argument>IS_AUTHENTICATED_ANONYMOUSLY</argument> <!-- Create role -->
        <argument>IS_AUTHENTICATED_ANONYMOUSLY</argument> <!-- View role -->
        <argument>ROLE_ADMIN</argument> <!-- Edit role -->
        <argument>ROLE_ADMIN</argument> <!-- Delete role -->
        <argument>%fos_comment.model.comment.class%</argument>
    </service>
</services>  </container>

打开你的页面，你会注意到回复将仅由评论所有者和管理员用户访问。此外，删除和编辑也可以仅为评论所有者和管理员显示

$loader = new Loader\XmlFileLoader($container, new FileLocator(__DIR__ . '/../Resources/config'));
    $loader->load('services.xml');