具有ACL和角色的FOS评论权限 [英] FOS Comment permissions with ACL and Roles
问题描述
因此,我安装了foscomment(迄今为止最新的版本)并成功将其设置为ACL。然后,我决定也添加基于角色的权限。问题是,发表评论的用户无法再编辑自己的评论。并且如果我赋予其角色编辑权限,则他们可以编辑所有注释。
So, I installed foscomment (most current version to date) and set it up for ACL, with success. I then decided to add their role based permissions as well. The problem is, the user who posts a comment can no longer edit their own comment. and if I give their role the edit power, then they can edit all comments.
是否可以在foscomment软件包中本地使用ACL和Roles?这样,可以将编辑和删除设置为ROLE_ADMIN,但是ACL可以允许用户编辑和删除自己的帖子,即使他们是ROLE_USER?
Is it possible to use ACL and Roles natively in the foscomment bundle? SO that edit and delete can be set to ROLE_ADMIN, but ACL can allow users to edit and delete their own posts, even if they are ROLE_USER?
还是我必须
这是我的config.yml foscomment代码段
here is my config.yml foscomment snippet
fos_comment:
db_driver: orm
class:
model:
comment: Application\Bundle\CommentBundle\Entity\Comment
thread: Application\Bundle\CommentBundle\Entity\Thread
acl: true
service:
acl:
thread: fos_comment.acl.thread.roles
comment: fos_comment.acl.comment.roles
vote: fos_comment.acl.vote.roles
manager:
thread: fos_comment.manager.thread.acl
comment: fos_comment.manager.comment.acl
vote: fos_comment.manager.vote.acl
acl_roles:
comment:
create: ROLE_USER
view: IS_AUTHENTICATED_ANONYMOUSLY
edit: ROLE_ADMIN
delete: ROLE_ADMIN
thread:
create: IS_AUTHENTICATED_ANONYMOUSLY
view: IS_AUTHENTICATED_ANONYMOUSLY
edit: ROLE_ADMIN
delete: ROLE_ADMIN
vote:
create: IS_AUTHENTICATED_ANONYMOUSLY
view: IS_AUTHENTICATED_ANONYMOUSLY
edit: ROLE_ADMIN
delete: ROLE_ADMIN
推荐答案
是可能的。
安装FOSUser捆绑包,并按照 https: //github.com/FriendsOfSymfony/FOSCommentBundle/blob/master/Resources/doc/6-integration_with_fosuserbundle.md 。
Install FOSUser bundle and follow https://github.com/FriendsOfSymfony/FOSCommentBundle/blob/master/Resources/doc/6-integration_with_fosuserbundle.md .
然后,创建以下类:
<?php
namespace Application\Sonata\CommentBundle\Acl;
use FOS\CommentBundle\Acl\RoleCommentAcl as BaseRoleCommentAcl;
use FOS\CommentBundle\Model\CommentInterface;
use FOS\CommentBundle\Model\SignedCommentInterface;
use Symfony\Component\Security\Core\SecurityContextInterface;
class RoleCommentAcl extends BaseRoleCommentAcl
{
/**
* The current Security Context.
*
* @var SecurityContextInterface
*/
private $securityContext;
/**
* Constructor.
*
* @param SecurityContextInterface $securityContext
* @param string $createRole
* @param string $viewRole
* @param string $editRole
* @param string $deleteRole
* @param string $commentClass
*/
public function __construct(SecurityContextInterface $securityContext,
$createRole,
$viewRole,
$editRole,
$deleteRole,
$commentClass
)
{
parent::__construct(
$securityContext,
$createRole,
$viewRole,
$editRole,
$deleteRole,
$commentClass);
$this->securityContext = $securityContext;
}
/**
* Checks if the Security token has an appropriate role to edit the supplied Comment.
*
* @param CommentInterface $comment
* @return boolean
*/
public function canEdit(CommentInterface $comment)
{
if ($comment instanceof SignedCommentInterface)
{
if ($comment->getAuthor() == $this->securityContext->getToken()->getUser()) {
return true;
}
}
return parent::canEdit($comment);
}
/**
* Checks if the Security token is allowed to delete a specific Comment.
*
* @param CommentInterface $comment
* @return boolean
*/
public function canDelete(CommentInterface $comment)
{
if ($comment instanceof SignedCommentInterface)
{
if ($comment->getAuthor() == $this->securityContext->getToken()->getUser()) {
return true;
}
}
return parent::canDelete($comment);
}
}
并将以下内容添加到服务中。 yml:
And add the following to service.yml :
<service id="application.sonata.comment.acl.comment.roles" class="Application\Sonata\CommentBundle\Acl\RoleCommentAcl" public="false">
<argument type="service" id="security.context" />
<argument>IS_AUTHENTICATED_FULLY</argument> <!-- Create role -->
<argument>IS_AUTHENTICATED_ANONYMOUSLY</argument> <!-- View role -->
<argument>ROLE_ADMIN</argument> <!-- Edit role -->
<argument>ROLE_ADMIN</argument> <!-- Delete role -->
<argument>%fos_comment.model.comment.class%</argument>
</service>
最后,使用以下命令更新config.yml:
Finally, update your config.yml with the following :
fos_comment:
service:
acl:
comment: application.sonata.comment.acl.comment.roles
您可以根据需要调整创建的类。
You can adapt the created class depending on your requirements.
这篇关于具有ACL和角色的FOS评论权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!