Pie*_*NAY 2 security symfony sonata-admin sonata-user-bundle
我已经扩展了SonataUserBundle,我想自定义Admin查询来限制列表:
class UserAdmin extends BaseUserAdmin
{
// ...
public function createQuery($context = 'list')
{
$query = parent::createQuery($context);
$query->andWhere(
$query->expr()->eq($query->getRootAlias().'.company', ':comp')
);
$query->setParameter('comp', $securityContext->user->getCompany());
return $query;
}
// ...
}
在这里,我试图让用户只看到他公司的用户.
但是$securityContext没有设定.
有人可以告诉我如何将安全上下文注入我的管理类吗?
您必须在UserAdmin服务中注入安全上下文服务.
为此,您必须更新捆绑包的services.yml:
services:
# ...
sonata.admin.user:
class: My\ProjectBundle\Admin\UserAdmin
tags:
- {name: sonata.admin, manager_type: orm, group: users, label: users}
arguments:
- null
- Application\Sonata\UserBundle\Entity\User
- SonataAdminBundle:CRUD
- @security.context #forth argument
calls:
- [setTranslationDomain, [MyProjectBundle]]
- [setUserManager, [@fos_user.user_manager]]
在您的UserAdmin类中,重写构造函数:
namespace My\ProjectBundle\Admin;
class UserAdmin extends Admin
{
private $securityContext = null;
public function __construct($code, $class, $baseControllerName, $secutiryContext=null)
{
parent::__construct($code, $class, $baseControllerName);
$this->securityContext = $securityContext;
}
public function createQuery($context = 'list')
{
$query = parent::createQuery($context);
$query->andWhere(
$query->expr()->eq($query->getRootAlias().'.company', ':comp')
);
$query->setParameter('comp', $this->securityContext->user->getCompany());
return $query;
}
}
我没有测试此代码,但我使用此方法在sonata admin中注入service_container以使用Gedmo Uploadable管理文件上载.
希望这可以帮助.