Chapters
40 Chapters
|
4:19:16
|
Login to bookmark this video
-
Course Code
Subscribe to download the code!
Subscribe to download the code!
-
This Video
Subscribe to download the video!
Subscribe to download the video!
-
Subtitles
Subscribe to download the subtitles!
Subscribe to download the subtitles!
-
Course Script
Subscribe to download the script!
Subscribe to download the script!
27.
Entity & Field Permissions
Scroll down to the script below, click on any sentence (including terminal blocks) to jump to that spot in the video!
Subscribe to jump to this part in the video!
Keep on Learning!
If you liked what you've learned so far, dive in! Subscribe to get access to this tutorial plus video, code and script downloads.
This tutorial is built on Symfony 6 but works great on Symfony 7!
What PHP libraries does this tutorial use?
// composer.json
{
"require": {
"php": ">=8.2.0",
"ext-ctype": "*",
"ext-iconv": "*",
"composer/package-versions-deprecated": "^1.11", // 1.11.99.4
"doctrine/doctrine-bundle": "^2.1", // 2.5.5
"doctrine/doctrine-migrations-bundle": "^3.0", // 3.2.1
"doctrine/orm": "^2.7", // 2.10.4
"easycorp/easyadmin-bundle": "^4.0", // v4.0.2
"handcraftedinthealps/goodby-csv": "^1.4", // 1.4.0
"knplabs/knp-markdown-bundle": "dev-symfony6", // dev-symfony6
"knplabs/knp-time-bundle": "^1.11", // 1.17.0
"sensio/framework-extra-bundle": "^6.0", // v6.2.5
"stof/doctrine-extensions-bundle": "^1.4", // v1.7.0
"symfony/asset": "6.0.*", // v6.0.1
"symfony/console": "6.0.*", // v6.0.2
"symfony/dotenv": "6.0.*", // v6.0.2
"symfony/flex": "^2.0.0", // v2.4.5
"symfony/framework-bundle": "6.0.*", // v6.0.2
"symfony/mime": "6.0.*", // v6.0.2
"symfony/monolog-bundle": "^3.0", // v3.7.1
"symfony/runtime": "6.0.*", // v6.0.0
"symfony/security-bundle": "6.0.*", // v6.0.2
"symfony/stopwatch": "6.0.*", // v6.0.0
"symfony/twig-bundle": "6.0.*", // v6.0.1
"symfony/ux-chartjs": "^2.0", // v2.0.1
"symfony/webpack-encore-bundle": "^1.7", // v1.13.2
"symfony/yaml": "6.0.*", // v6.0.2
"twig/extra-bundle": "^2.12|^3.0", // v3.3.7
"twig/twig": "^2.12|^3.0" // v3.3.7
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "^3.3", // 3.4.1
"symfony/debug-bundle": "6.0.*", // v6.0.2
"symfony/maker-bundle": "^1.15", // v1.36.4
"symfony/var-dumper": "6.0.*", // v6.0.2
"symfony/web-profiler-bundle": "6.0.*", // v6.0.2
"zenstruck/foundry": "^1.1" // v1.16.0
}
}
10 Comments
Hey there,
Maybe I'm just tired, but I can't find a way to add custom logic on a field-based permission.
For example, I want only the user itself or an admin to be able to modify the password field in my UserCrudController.
I would need something like this but it doesn't work because it's not passing the user as the subject.
Or something like this, but it doesn't work because
setPermissiononly accepts a string.I'm kind of stuck. I'll go sleep on it.
Cheers!
Hey @julien_bonnier!
Hmmm. I like what you tried - what is the subject? It looks like it is... maybe the
FieldDtoobject? Hmm, yea, that's not helpful. I think what you're going to need to do is grab the User object yourself - via theAdminContext. If you inject theAdminContext, you can callgetEntity()to get theEntityDto, then->getInstance()should get the underlying object. This works because you're only using this on a form page, so theUsershould be the "main entity" for that page (this trick would not work on a list page).Let me know if that helps - it looks oddly tricky to me also.
Cheers!
Hey @weaverryan
What you suggested is basically what I tried in my second example, but the problem wasn't there. My problem was that
->setPermission()only accepts a string.So.... I took a step back and figured out I can do it with plain old PHP. It is not a nice as a chained method but at least it works...
Hey @julien_bonnier!
Yea... I think this probably fine - and simpler than what I was suggesting. My suggestion wasn't actually the same as your 2nd solution - I was thinking you would do
->setPermission(UserVoter::UPDATE_PASSWORD), then inUserVoter, grab theAdminContext. to find out whichUserthis is. A bit more complex overall than what you ended up with.Cheers!
Oh! I see.
But I think I will keep it like this for now, as it is less complicated.
Thanks a bunch
What is the best way to define field permission with different ROLES for read and write?
My understand is to duplicate the Field but there is some duplicate codes with the help() for example.
Here is my code for now but I am not sure:
`
yield TextField::new('name', 'Nom')->setColumns(6)
yield TextField::new('name', 'Nom')->setColumns(6)
`
The goal is to have readonly the name for ROLE_ADMIN.
with this code, the ROLE_ADMIN can not edit the name, he can see on index or details but when editing, it is not there but I would like to display the content to indiecate the name of the value he have to write.
One trick is to set this in the configureCrud()
->setEntityLabelInSingular(fn (?Content $content, ?string $pageName) => $content ? $content->getName() : 'Content')Hey Christophe R. !
Hmm, this is a good question. I believe you have the correct approach. The big downside is duplication... and, while I can think of a solution to that... I can't think of a GREAT solution. My first thought was to setup the main properties of the field and set to a variable. Then "clone" that, modify it for the form/view, and yield it. Unfortunately, I don't think this works because clone is "shallow", and the underlying data for the TextField is stored in a DTO (in other words, cloning will still mean that you're modifying the same underlying DTO... so it's not really a clone).
So what about this:
Effectively, we create our own "clone"... which is really a function that creates a new object each time. What do you think?
Cheers!
I know that question is quite old, but what about:
Hey @julien_bonnier
I think it should work too. I'd go with any option that's easier for you or your team to read/understand
Cheers!
Sorry, missing semicolon on line 4, but can't edit
"Houston: no signs of life"
Start the conversation!