Sonata Admin: Let users only edit entities they own (ACL)

symfony acl sonata-admin

There is a new Symfony bundle doing just that: https://github.com/coopTilleuls/CoopTilleulsAclSonataAdminExtensionBundle

All you need to do is enable ACL in Sonata Admin, install the bundle and activate it. Pretty easy and effective, I use it in my Symfony2 project with Sonata Admin 2.2.

symfony acl sonata-admin

I saw 2 ways to do that:

Create a custom AclVoter
Override your Admin Class' CreateQuery()

I was not able to do any of these for doing the very simple thing that I needed, but I think this is the idea.

Actually this is one of many Symfony things on which I spent many hours and thousands lines of code without big success... Such simple needs should not be as much pain in the arse...

symfony acl sonata-admin

Don't grant the EDIT permission to the users. They can edit the instances they own but not others' instances.

I use this configuration:

#app/config/config.ymlsonata_admin:    security:        information:            STAFF:    [VIEW, LIST, CREATE]            EDITOR:   [OPERATOR, EXPORT]            ADMIN:    [MASTER]

Documentation

CodeHunter

Sonata Admin: Let users only edit entities they own (ACL)

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last