AclVoter拒绝访问“列表" [英] AclVoter denies access to 'LIST'

问题描述

将sonata_admin.security.handler设置为sonata.admin.security.handler.acl后，唯一具有访问权限的用户就是具有ROLE_SUPER_ADMIN的用户. 我认为我正确地配置了所有东西，显然不正确.

As soon as I set sonata_admin.security.handler to sonata.admin.security.handler.acl the only user who has access is the one with ROLE_SUPER_ADMIN. I think I configured everything right, obviously not.

我尝试过:

• 赋予用户真正的角色ROLE_VIP_CONTACT_ADMIN而不是由fos_group进行分配，没有成功.
• security.access_decision_manager.strategy的所有选项:肯定，共识和一致
• 要删除所有acl表，acl:init，sonata:admin:setup-acl(带有或不带有sonata:admin:generate-object-acl)，并每次都清除缓存.

• to give the user the real role ROLE_VIP_CONTACT_ADMIN instead of assigning by a fos_group, no success.
• all options forsecurity.access_decision_manager.strategy: affirmative, consensus and unanimous
• to delete all acl tables, acl:init, sonata:admin:setup-acl, with and without sonata:admin:generate-object-acl and cleared the cache every time.

没有成功.

# Acme\MyBundle\Controller\CRUDController.php

$securityContext->getAdminPermissions();
# -> ["CREATE", "LIST", "DELETE", "UNDELETE", "EXPORT", "OPERATOR", "MASTER"]

dump($this->admin->getSecurityInformation());
/* -> array:3 [▼
  "GUEST" => array:2 [▼
    0 => "VIEW"
    1 => "LIST"
  ]
  "STAFF" => array:3 [▼
    0 => "EDIT"
    1 => "LIST"
    2 => "CREATE"
  ]
  "ADMIN" => array:3 [▼
    0 => "MASTER"
    1 => "OPERATOR"
    2 => "EXPORT"
  ]
] */

dump($this->getUser()->getRoles());
/* -> array:15 [▼
  0 => "ROLE_ADMIN"
  1 => "ROLE_VIP_CONTACT_GUEST"
  2 => "ROLE_VIP_CONTACT_STAFF"
  3 => "ROLE_VIP_CONTACT_ADMIN"  # <--- I gave him everything!
  [...]
  9 => "ROLE_ALLOWED_TO_SWITCH"
  [...]
  16 => "ROLE_USER"
] */

现在，我打开浏览器并转到app_dev.php/my-path-to/vip/contact/list，导致出现AccessDeniedException.

Now I open my browser and go to app_dev.php/my-path-to/vip/contact/list, resulting in an AccessDeniedException.

/edit:这是与此处相同的问题 ACL + SonataAdminBundle + SonataUserBundle .

/edit: It's the same problem as here ACL + SonataAdminBundle + SonataUserBundle.

推荐答案

在Symphony> 3.1上，您应该使用以下代码:

On Symphony >3.1 you should use this:

services:
  security.acl.permission.map:
    class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap

代替

参数: security.acl.permission.map.class:Sonata \ AdminBundle \ Security \ Acl \ Permission \ AdminPermissionMap

parameters: security.acl.permission.map.class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap

这篇关于AclVoter拒绝访问“列表"的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！