允许用户只编辑他们的奏鸣曲

Question

我想允许一些用户添加新闻，但我也不希望他们编辑对方的新曲目。所以登录到管理面板后，他们应该只能看到他们的新品。我现在正在用奏鸣曲做这个。

有没有这方面的配置？

我service.yml：

services: 
    sonata.admin.news: 
     class: MyBundle\Admin\NewsAdmin 
     tags: 
      - { name: sonata.admin, manager_type: orm, group: "Content", label: "News" } 
     arguments: 
      - ~ 
      - MyBundle\Entity\News 
      - ~ 
      - "@doctrine.orm.entity_manager" 
     calls: 
      - [ setTranslationDomain, [MyBundle]] 

NewsAdmin包含常规的东西，所以有地把它在这里没有任何意义。

Answer 1

，你可以注入的安全上下文服务到您的NewsAdmin

class NewsAdmin extends Admin 
{ 
    protected $security; 
    protected $em; 

    public function __construct($code, $class, $baseControllerName, $entityManager, SecurityContext $security) 
    { 
     parent::__construct($code, $class, $baseControllerName); 

     $this->em = $entityManager; 
     $this->security = $security; 
    } 

    public function getNewInstance() 
    { 
     $news = parent::getNewInstance(); 
     $news->setUser($this->security->getToken()->getUser()); 

     return $formDefinition; 
    } 

    public function createQuery($context = 'list') 
    { 
     $queryBuilder = $this->getModelManager()->getEntityManager($this->getClass())->createQueryBuilder(); 

     $queryBuilder 
      ->select('news') 
      ->from($this->getClass(), 'news') 
      ->andWhere('news.user = :user') 
      ->setParameter(':user', $this->security->getToken()->getUser()); 

     $proxyQuery = new ProxyQuery($queryBuilder); 
     return $proxyQuery; 
    } 

而且在您的管理的定义：

services: 
    sonata.admin.news: 
     class: MyBundle\Admin\NewsAdmin 
     tags: 
      - { name: sonata.admin, manager_type: orm, group: "Content", label: "News" } 
     arguments: 
      - ~ 
      - MyBundle\Entity\News 
      - ~ 
      - "@doctrine.orm.entity_manager" 
      - "@security.context" 
     calls: 
      - [ setTranslationDomain, [MyBundle]]