Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
teebbstudios
teebblog
提交
a2d53529
T
teebblog
项目概览
teebbstudios
/
teebblog
通知
0
Star
5
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
teebblog
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
a2d53529
编写于
7月 22, 2021
作者:
伟
伟伟权
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
90. update crud actions and ROLE_ADMIN permission
上级
382ddd18
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
28 addition
and
1 deletion
+28
-1
src/Controller/Admin/PostCrudController.php
src/Controller/Admin/PostCrudController.php
+14
-0
src/Security/Voter/PostVoter.php
src/Security/Voter/PostVoter.php
+14
-1
未找到文件。
src/Controller/Admin/PostCrudController.php
浏览文件 @
a2d53529
...
...
@@ -3,6 +3,9 @@
namespace
App\Controller\Admin
;
use
App\Entity\Post
;
use
App\Security\Voter\PostVoter
;
use
EasyCorp\Bundle\EasyAdminBundle\Config\Action
;
use
EasyCorp\Bundle\EasyAdminBundle\Config\Actions
;
use
EasyCorp\Bundle\EasyAdminBundle\Config\Crud
;
use
EasyCorp\Bundle\EasyAdminBundle\Config\Filters
;
use
EasyCorp\Bundle\EasyAdminBundle\Controller\AbstractCrudController
;
...
...
@@ -56,4 +59,15 @@ class PostCrudController extends AbstractCrudController
return
$filters
->
add
(
ChoiceFilter
::
new
(
'status'
)
->
setChoices
([
'draft'
=>
'draft'
,
'published'
=>
'published'
]));
}
public
function
configureActions
(
Actions
$actions
):
Actions
{
return
$actions
->
update
(
Crud
::
PAGE_INDEX
,
Action
::
EDIT
,
function
(
Action
$action
)
{
return
$action
->
displayIf
(
fn
(
$entity
)
=>
$this
->
isGranted
(
PostVoter
::
POST_OWNER_EDIT
,
$entity
));
})
->
update
(
Crud
::
PAGE_INDEX
,
Action
::
DELETE
,
function
(
Action
$action
)
{
return
$action
->
displayIf
(
fn
(
$entity
)
=>
$this
->
isGranted
(
PostVoter
::
POST_OWNER_DELETE
,
$entity
));
});
}
}
src/Security/Voter/PostVoter.php
浏览文件 @
a2d53529
...
...
@@ -5,12 +5,22 @@ namespace App\Security\Voter;
use
App\Entity\Post
;
use
Symfony\Component\Security\Core\Authentication\Token\TokenInterface
;
use
Symfony\Component\Security\Core\Authorization\Voter\Voter
;
use
Symfony\Component\Security\Core\Security
;
use
Symfony\Component\Security\Core\User\UserInterface
;
class
PostVoter
extends
Voter
{
const
POST_OWNER_EDIT
=
'post_owner_edit'
;
const
POST_OWNER_DELETE
=
'post_owner_delete'
;
/**
* @var Security
*/
private
Security
$security
;
public
function
__construct
(
Security
$security
)
{
$this
->
security
=
$security
;
}
protected
function
supports
(
string
$attribute
,
$subject
):
bool
{
...
...
@@ -37,7 +47,10 @@ class PostVoter extends Voter
case
self
::
POST_OWNER_DELETE
:
// logic to determine if the user can VIEW
// return true or false
if
(
$subject
->
getAuthor
()
==
$user
){
if
(
$this
->
security
->
isGranted
(
'ROLE_ADMIN'
))
{
return
true
;
}
if
(
$subject
->
getAuthor
()
==
$user
)
{
return
true
;
}
break
;
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录