I try to configure routes in function of the user roles. This is what I did :
The service :
admin.group:
...
calls:
- [ setTokenStorage, [ "@security.token_storage" ] ]
The Admin class :
public function setTokenStorage (TokenStorageInterface $tokenStorage) {
$this->tokenStorage = $tokenStorage;
$this->user = null;
$token = $this->tokenStorage->getToken();
if (null !== $token && is_object($token->getUser())) {
$this->user = $token->getUser();
}
}
protected function configureRoutes(RouteCollection $collection)
{
if ($this->user && $this->user->hasRole('ROLE_SUPER_ADMIN')) {
$collection->remove('delete');
}
else {
$collection->clearExcept(array('list'));
}
}
I get a crash :
An exception has been thrown during the rendering of a template ("Unable to generate a URL for the named route "sonata_group_edit" as such route does not exist.") in SonataAdminBundle:CRUD:base_list_field.html.twig at line 23.
It seems that we pass two times in configureRoutes, the first time the user is null, the second time the user is not null. The second time $this->user->hasRole('ROLE_SUPER_ADMIN') is true but it creates this crash.
I'm not using SonataUserBundle because it is not available for Symfony 3.
How can I do it ? TY
My bad, I thought Sonata Security would not do the work but it does !
I created specific roles :
ROLE_THEME_VIEWER:
- ROLE_ADMIN_THEME_LIST
ROLE_GROUP_VIEWER:
- ROLE_ADMIN_GROUP_LIST
ROLE_RULES_VIEWER:
- ROLE_ADMIN_RULES_LIST
And :
ROLE_ADMIN: [..., ROLE_THEME_VIEWER, ROLE_GROUP_VIEWER, ROLE_RULES_VIEWER]
ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_SONATA_ADMIN, ROLE_ALLOWED_TO_SWITCH]
https://sonata-project.org/bundles/admin/master/doc/reference/security.html
If you still want to use "configureRoutes" for checking access, you should read this :
https://github.com/sonata-project/SonataAdminBundle/issues/2590
This is not a good idea as pulzarraider said. To make my code works, you have to clear the cache every time. That's really bad !