9

I've installed SonataAdminBundle, SonataUserBundle and FOSUserBundle as well as CoopTilleulsAclSonataAdminExtensionBundle while using ACL in the SonataAdminBundle.

The listings are filtered by owners and all is fine. Customer A can see just his items, customer B also just his ones. But if I'm going to create a new object I can see items of other customers too.

Let's say a customer can create groups that will be used to assign products to. This is done while creating a product as a dropdown list (many-to-one relation as of products view). But I can also see groups that have been created by another customer.

How can I filter this? I think I have to do any filtering in the ProductsAdmin.php. Or does it have to happen in the ProductsRepository.php? I can't find any hints in the docs so far and would appreciate any kind of hint or link where I can find information for this.

Michael
  • Check this out https://sonata-project.org/bundles/admin/master/doc/reference/security.html – Filchev Oct 13 '16 at 09:22
  • @Filchev I have been reading this several times before, especially the part with CoopTilleulsAclSonataAdminExtensionBundle, which works in List Mode but not in Edit mode – Michael Oct 13 '16 at 09:51
  • Still looking for a good answer. – Michael Oct 26 '16 at 08:55

1 Answer

0

You need to either overwrite the edit twig template or create a custom select box. See this question about overriding. I don't know your entity structure but the process should go like:

    {# Assumes the entity exposes its owner as `user`, as in the query below #}
    {% for object in objects %}
        {% if object.user == app.user %}
            {{ object }}
        {% endif %}
    {% endfor %}

Custom select query in the admin class like

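    // Fetch the entity manager and the current user through the admin's configuration pool.
    $em = $this->getConfigurationPool()->getContainer()->get('doctrine.orm.entity_manager');
    $user = $this->getConfigurationPool()->getContainer()->get('security.token_storage')->getToken()->getUser();

    // Only select rows that belong to the current user.
    // EntityManager::createQueryBuilder() takes no arguments; the alias is set in from().
    $query = $em->createQueryBuilder()
        ->select('p')
        ->from('MyBundle:Product', 'p')
        ->where('p.user = :user')
        ->setParameter('user', $user);

    $formMapper
        // ...
        ->add('categoria', 'sonata_type_model', array(
            'required' => true,
            'query' => $query,
        ));
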
Filchev
  • I see your approach. But I can't gain access to em in an admin class, as it extends from AbstractAdmin, where no $this->get() is possible. Perhaps I can't see the forest for the trees. – Michael Oct 28 '16 at 13:20
  • @Michael you can get em in the admin class using the configuration pool. I updated my answer. – Filchev Oct 28 '16 at 13:23
  • I wasn't aware of the getConfigurationPool. Thanks for this. But still the question is, how to just get elements, where the current user is the owner of? In your example you reference to a column user in Product. But I'm using the ACL with CoopTilleulsAclSonataAdminExtensionBundle. So I can't reference on a column like user. – Michael Oct 28 '16 at 13:50
  • @Michael in your entity you don't have product owner? – Filchev Oct 28 '16 at 13:58
  • @Michael so I'm guessing you have a user role then? Get the role from your user object and filter by it. – Filchev Oct 28 '16 at 14:04
  • No, I don't have a product owner column in the table. This is handled by the upper called extension, that generates ACL tables for objects. The user role is set by SonataAdminBundle. You worked with SonataAdminBundle, CoopTilleulsAclSonataAdminExtensionBundle and sonata.admin.security.handler.acl before? – Michael Oct 28 '16 at 14:12
  • I did, but let's see what you are trying to achieve here. You want user specific data and yet you don't have any way to filter it, because what this bundle provides you are usergroups. So if we take 2 users from the same group they have equal rights, basically you need an anchor to filter them. – Filchev Oct 28 '16 at 14:35
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/126916/discussion-between-michael-and-filchev). – Michael Oct 28 '16 at 14:41
  • I have made a very interesting spotting today: if I use `$formMapper->add('foo')` where foo is another admin, I got my problem as described above. So the FormMapper sets sonata_type_model as default. If I set it this way `$formMapper->add('foo', 'sonata_type_model_autocomplete')` the ACL is working fine. – Michael Nov 09 '16 at 13:24
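
One way to restrict the dropdown by ACL instead of by an owner column, which is the case discussed in the comments above. This is an added example, not code from the thread or from the bundles; the `AppBundle:ProductGroup` entity, the `group` association and the use of the `VIEW` permission as the ownership signal are assumptions, and it relies on the ACL voter being active so that `isGranted('VIEW', $object)` reflects the object's ACL entries.

```php
<?php
// Added example. Assumed (hypothetical) names: AppBundle\Entity\ProductGroup,
// the product's `group` association, and 'VIEW' as the permission that marks ownership.

namespace AppBundle\Admin;

use Sonata\AdminBundle\Admin\AbstractAdmin;
use Sonata\AdminBundle\Form\FormMapper;

class ProductAdmin extends AbstractAdmin
{
    protected function configureFormFields(FormMapper $formMapper)
    {
        $container = $this->getConfigurationPool()->getContainer();
        $em        = $container->get('doctrine.orm.entity_manager');
        $checker   = $container->get('security.authorization_checker');

        $repo = $em->getRepository('AppBundle:ProductGroup');

        // Ask the ACL voter about each group and keep only the ids
        // the current user is allowed to view.
        $allowedIds = array();
        foreach ($repo->findAll() as $group) {
            if ($checker->isGranted('VIEW', $group)) {
                $allowedIds[] = $group->getId();
            }
        }

        // An empty IN () is invalid DQL, so fail closed and match nothing
        // when the user has no viewable groups.
        $qb = $repo->createQueryBuilder('g');
        if (empty($allowedIds)) {
            $qb->where('1 = 0');
        } else {
            $qb->where($qb->expr()->in('g.id', ':ids'))
               ->setParameter('ids', $allowedIds);
        }

        // The choice list is built from this query only.
        $formMapper->add('group', 'sonata_type_model', array(
            'required' => true,
            'query'    => $qb,
        ));
    }
}
```

This loads every group and runs one ACL check per row, so it suits short lists; for large tables the autocomplete field type mentioned in the last comment avoids rendering the full list.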