AclVoter拒绝访问“列表" [英] AclVoter denies access to 'LIST'
问题描述
将sonata_admin.security.handler
设置为sonata.admin.security.handler.acl
后,唯一具有访问权限的用户就是具有ROLE_SUPER_ADMIN的用户.
我认为我正确地配置了所有东西,显然不正确.
As soon as I set sonata_admin.security.handler
to sonata.admin.security.handler.acl
the only user who has access is the one with ROLE_SUPER_ADMIN.
I think I configured everything right, obviously not.
我尝试过:
- 赋予用户真正的角色
ROLE_VIP_CONTACT_ADMIN
而不是由fos_group进行分配,没有成功. -
security.access_decision_manager.strategy
的所有选项:肯定,共识和一致 - 要删除所有acl表,acl:init,sonata:admin:setup-acl(带有或不带有sonata:admin:generate-object-acl),并每次都清除缓存.
- to give the user the real role
ROLE_VIP_CONTACT_ADMIN
instead of assigning by a fos_group, no success. - all options for
security.access_decision_manager.strategy
: affirmative, consensus and unanimous - to delete all acl tables, acl:init, sonata:admin:setup-acl, with and without sonata:admin:generate-object-acl and cleared the cache every time.
没有成功.
# Acme\MyBundle\Controller\CRUDController.php
$securityContext->getAdminPermissions();
# -> ["CREATE", "LIST", "DELETE", "UNDELETE", "EXPORT", "OPERATOR", "MASTER"]
dump($this->admin->getSecurityInformation());
/* -> array:3 [▼
"GUEST" => array:2 [▼
0 => "VIEW"
1 => "LIST"
]
"STAFF" => array:3 [▼
0 => "EDIT"
1 => "LIST"
2 => "CREATE"
]
"ADMIN" => array:3 [▼
0 => "MASTER"
1 => "OPERATOR"
2 => "EXPORT"
]
] */
dump($this->getUser()->getRoles());
/* -> array:15 [▼
0 => "ROLE_ADMIN"
1 => "ROLE_VIP_CONTACT_GUEST"
2 => "ROLE_VIP_CONTACT_STAFF"
3 => "ROLE_VIP_CONTACT_ADMIN" # <--- I gave him everything!
[...]
9 => "ROLE_ALLOWED_TO_SWITCH"
[...]
16 => "ROLE_USER"
] */
现在,我打开浏览器并转到app_dev.php/my-path-to/vip/contact/list
,导致出现AccessDeniedException.
Now I open my browser and go to app_dev.php/my-path-to/vip/contact/list
, resulting in an AccessDeniedException.
/edit:这是与此处相同的问题 ACL + SonataAdminBundle + SonataUserBundle .
/edit: It's the same problem as here ACL + SonataAdminBundle + SonataUserBundle.
推荐答案
在Symphony> 3.1上,您应该使用以下代码:
On Symphony >3.1 you should use this:
services:
security.acl.permission.map:
class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap
代替
参数: security.acl.permission.map.class:Sonata \ AdminBundle \ Security \ Acl \ Permission \ AdminPermissionMap
parameters: security.acl.permission.map.class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap
这篇关于AclVoter拒绝访问“列表"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!