symfony sonata admin roles on embedded onetomany entities

0
votes

I have Symfony 2.3 + Sonata Admin + Sonata User Bundle.

I have created an entity Student, and another entity Contact. An Student have one-to-many relationship with Contact. I have added Contact to Student with sonata_type_collection in my StudentAdmin class. I also have created a group of users Operator and assigned all permissions to Student, but only list and view to Contact.

My problem is that any user of Operator can't add or delete Contact (from Student edit page), but they can edit (and values are saved).

Any suggestions or examples?

Some code:

Roles assigned:

ROLE_SONATA_ADMIN_STUDENT_EDIT
ROLE_SONATA_ADMIN_STUDENT_LIST
ROLE_SONATA_ADMIN_STUDENT_CREATE
ROLE_SONATA_ADMIN_STUDENT_VIEW
ROLE_SONATA_ADMIN_STUDENT_DELETE 

ROLE_SONATA_ADMIN_CONTACT_LIST
ROLE_SONATA_ADMIN_CONTACT_VIEW 

ROLE_ADMIN: ROLE_USER, ROLE_SONATA_ADMIN 


     /**
     * @ORM\OneToMany(targetEntity="MyBundle\Entity\Contact",
                      mappedBy="student",
                      cascade={"persist", "remove"})
     **/
    private $contact;


->add('contact', 'sonata_type_collection',
                    array(
                            'label' => 'Contact',
                            'by_reference' => false,
                    ),
                    array(
                            'edit' => 'inline',
                            'inline' => 'table',
                    ))

Thanks!

1
symfonyone-to-manyrolessonata-adminsonata-user-bundle
What are you trying to achieve ? You want User with role Operator to add / delete contact ? you have to add the roles ROLE_SONATA_ADMIN_CONTACT_CREATE, ROLE_SONATA_ADMIN_CONTACT_DELETEHypeR
English is not my language maybe i have misspelled something. With roles that i assign, when i'm in student edit page, Operator user cannot add or delete contact (in embedded form), that's ok, because buttons add/delete disappears, but he can edit/change values (added previously by users with access), because the inputs are enabled, and when I save Student, the values are persisted to contact. I don't want that. I have other group of users for that. I think that the problem is to know how roles work with related/embedded entities.Sergio Ordóñez

1 Answers

0
votes

I understood your problem and I don't think Sonata handle this by default.

You have to check the current user roles and either remove contact fields or add readonly or disabled attribute on the contact fields.

Remove Contact Fields

protected function configureFormFields(FormMapper $formMapper)
{
    // check if current user has role contact edition
    $hasContactRole = $this->getConfigurationPool()->getContainer()->get('security.context')->isGranted('ROLE_SONATA_ADMIN_CONTACT_EDIT'));
    if ($hasContactRole) {
        $formMapper->add('contact', 'sonata_type_collection',
            array(
                'label' => 'Contact',
                'by_reference' => false,
            ),
            array(
                'edit' => 'inline',
                'inline' => 'table',
            )
        );
    }
}