Sonata Admin: Let users only edit entities they own (ACL)
There is a new Symfony bundle doing just that: https://github.com/coopTilleuls/CoopTilleulsAclSonataAdminExtensionBundle
All you need to do is enable ACL in Sonata Admin, install the bundle and activate it. Pretty easy and effective; I use it in my Symfony2 project with Sonata Admin 2.2.
I saw 2 ways to do that:
- Create a custom AclVoter
- Override your Admin Class's CreateQuery()
I was not able to do any of these for doing the very simple thing that I needed, but I think this is the idea.
Actually this is one of many Symfony things on which I spent many hours and thousands of lines of code without big success... Such simple needs should not be as much pain in the arse...
Don't grant the EDIT permission to the users. They can edit the instances they own but not others' instances.
I use this configuration:

    # app/config/config.yml
    sonata_admin:
        security:
            information:
                STAFF: [VIEW, LIST, CREATE]
                EDITOR: [OPERATOR, EXPORT]
                ADMIN: [MASTER]
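
Why the configuration above lets a STAFF user edit only the objects they created, as an added example that is not part of the original answer and is not Symfony or Sonata code. It is a simplified model that assumes the ACL handler records the creator as OWNER on each new object; the function names, shortened role names and users are hypothetical.

```php
<?php
// Simplified model of the ACL decision (assumption: not the real voter code).

/** Class-scope entries: the role permissions from the configuration above. */
function classAces()
{
    return [
        'STAFF'  => ['VIEW', 'LIST', 'CREATE'],
        'EDITOR' => ['OPERATOR', 'EXPORT'],
        'ADMIN'  => ['MASTER'],
    ];
}

/** Object-scope entry assumed to be written when $username creates the object. */
function ownerAce($username)
{
    return [$username => ['OWNER']];
}

/**
 * @param string $permission 'VIEW' or 'EDIT'
 * @param array  $user       ['name' => string, 'roles' => string[]]
 * @param array  $objectAces username => permissions, for one object
 */
function isGranted($permission, array $user, array $objectAces)
{
    // Which granted permissions satisfy a requested one, following the
    // hierarchy of Symfony's BasicPermissionMap for VIEW and EDIT.
    $satisfiedBy = [
        'VIEW' => ['VIEW', 'EDIT', 'OPERATOR', 'MASTER', 'OWNER'],
        'EDIT' => ['EDIT', 'OPERATOR', 'MASTER', 'OWNER'],
    ];
    // Object-scope entries first, then class-scope entries for each role.
    // Every entry here is granting, so order does not change the result.
    $name = $user['name'];
    $granted = isset($objectAces[$name]) ? $objectAces[$name] : [];
    $classAces = classAces();
    foreach ($user['roles'] as $role) {
        if (isset($classAces[$role])) {
            $granted = array_merge($granted, $classAces[$role]);
        }
    }
    return count(array_intersect($satisfiedBy[$permission], $granted)) > 0;
}

// Constructed sample data: alice created the object, bob and carol did not.
$object = ownerAce('alice');
$users = [['name' => 'alice', 'roles' => ['STAFF']],
          ['name' => 'bob', 'roles' => ['STAFF']],
          ['name' => 'carol', 'roles' => ['EDITOR']]];
foreach ($users as $u) {
    printf("%-5s VIEW=%s EDIT=%s\n", $u['name'],
        var_export(isGranted('VIEW', $u, $object), true),
        var_export(isGranted('EDIT', $u, $object), true));
}
```

In this model, adding EDIT to STAFF would let bob edit alice's object, which is the outcome the answer avoids.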