Sonata admin bundle: display role wise sidebar menu

0
votes

I successfully setup sonata admin bundle with acl editor. I am easily able to set user wise permission on object as well as roles users using acl editor. but when i trying to login using particular role then i cannot see in sidebar menu which i permitted to particular role.

e.g

i have roles like ROLE_MASTER_ADMIN, ROLE_SUPER_ADMIN, ROLE_VENDOR, ROLE_RETAILER. i have set two menu for now using USERBUNDLE i.e. users and group. which is shown for two roles ROLE_MASTER_ADMIN, ROLE_SUPER_ADMIN with full list, edit, delete, undelete, operator, master and owner permissions.

Then i set permissions for ROLE_VENDOR which has access of users list, edit, delete and undelete. same as i set permission for ROLE_RETAILER which has access of groups list, edit, delete and undelete.

after login with ROLE_VENDOR, ROLE_RETAILER users i am not able to see anything in sidebar menu.

i need help to implement this. thanks in advance.

this is what i set in my config.yml file

sonata_admin: dashboard: groups: sonata_user: label: sonata_user label_catalogue: SonataUserBundle icon: '<i class="fa fa-users"></i>' items: - admin: sonata.user.admin.user route: admin_sonata_user_user_list label: users roles: ['ROLE_MASTER_ADMIN', 'ROLE_SUPER_ADMIN', 'ROLE_VENDOR'] - admin: sonata.user.admin.group route: admin_sonata_user_group_list label: groups roles: ['ROLE_MASTER_ADMIN', 'ROLE_SUPER_ADMIN', 'ROLE_RETAILER'] roles: ['ROLE_MASTER_ADMIN', 'ROLE_SUPER_ADMIN', 'ROLE_VENDOR', 'ROLE_RETAILER']

but it shows me error like below:

An exception has been thrown during the rendering of a template ("Warning: get_class() expects parameter 1 to be object, string given").

UPDATED Command Output

=> php app/console sonata:admin:generate-object-acl

Welcome to the AdminBundle object ACL generator

This command helps you to generate ACL entities for the objects handled by the AdminBundle.

If the step option is used, you will be asked if you want to generate the object ACL entities for each Admin. You must use the shortcut notation like AcmeDemoBundle:User if you want to set an object owner.

generate ACLs for sonata.user.admin.user

[TOTAL] generated class ACEs for 4 objects (added 0, updated 4)

generate ACLs for sonata.user.admin.group

[TOTAL] generated class ACEs for 0 objects (added 0, updated 0)

=> php app/console sonata:admin:setup-acl

Starting ACL AdminBundle configuration

install ACL for sonata.user.admin.user

update role: ROLE_SONATA_USER_ADMIN_USER_ROLE_RETAILER, permissions: ["LIST"]

update role: ROLE_SONATA_USER_ADMIN_USER_ROLE_VENDOR, permissions: ["LIST","EDIT","CREATE"]

update role: ROLE_SONATA_USER_ADMIN_USER_ROLE_MASTER_ADMIN, permissions: ["MASTER"]

install ACL for sonata.user.admin.group

update role: ROLE_SONATA_USER_ADMIN_GROUP_ROLE_RETAILER, permissions: ["LIST"]

update role: ROLE_SONATA_USER_ADMIN_GROUP_ROLE_VENDOR, permissions: ["LIST","EDIT","CREATE"]

update role: ROLE_SONATA_USER_ADMIN_GROUP_ROLE_MASTER_ADMIN, permissions: ["MASTER"]

3
symfonysonata-adminsymfony-sonatasonatasonata-user-bundle

3 Answers

1
votes

Try configuring roles in sonata-admin configuration:

sonata_admin:
    dashboard:
        groups:
            users:
                label: ~
                roles: [ ROLE_VENDOR, ROLE_RETAILER]
0
votes

you need to run these two commands

bin/console sonata:admin:generate-object-acl
bin/console sonata:admin:setup-acl

and for 

parameters:

# ...
# Symfony 3 and above
security.acl.permission.map:
  class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap

# optionally use a custom MaskBuilder
#sonata.admin.security.mask.builder:
#  class: Sonata\AdminBundle\Security\Acl\Permission\MaskBuilder


# Symfony < 3
#security.acl.permission.map.class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap

let me know if it works for you

  sonata_admin:
      title: Project Api Documentation
      title_logo: "images/logo_title.png"
      templates:
           layout: admin/layout.html.twig
      security:
      handler: sonata.admin.security.handler.acl

    # acl security information
      information:
           GUEST:    [VIEW, LIST]
           STAFF:    [EDIT, LIST, CREATE]
           EDITOR:   [OPERATOR, EXPORT]
           ADMIN:    [MASTER]

    # permissions not related to an object instance and also to be available when objects do not exist
    # the DELETE admin permission means the user is allowed to batch delete objects
        admin_permissions: [CREATE, LIST, DELETE, UNDELETE, EXPORT, OPERATOR, MASTER]

    # permission related to the objects
        object_permissions: [VIEW, EDIT, DELETE, UNDELETE, OPERATOR, MASTER, OWNER]
0
votes

You need to add next config to your services.yaml:

security.acl.permission.map:
  class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap