I am working on a Symfony project where I have to manage roles. I want to use Sonata ACL but can't make it work.
A user with ROLE_CONTACT should be able to list, create and edit a user, but he can only list and add users.
I followed the documentation here.
Here is my code.

security.yml

role_hierarchy:
    ROLE_TRADUCTEUR: [ROLE_USER]
    ROLE_CONTACT:
        - ROLE_SONATA_ADMIN
        - ROLE_SONATA_ADMIN_USER_STAFF
        - ...
acl:
    connection: default

services.yml

parameters:
    # parameter_name: value
    security.acl.permission.map.class: Sonata\AdminBundle\Security\Acl\Permission\AdminPermissionMap
    sonata.admin.security.mask.builder.class: Sonata\AdminBundle\Security\Acl\Permission\MaskBuilder

sonata_admin.yml (included in config.yml)

sonata_admin:
    templates:
        layout: SonataAdminBundle::extend_layout.html.twig
    security:
        handler: sonata.admin.security.handler.acl
        # acl security information
        information:
            GUEST: [VIEW, LIST]
            STAFF: [EDIT, LIST, CREATE]
            EDITOR: [OPERATOR, EXPORT]
            ADMIN: [MASTER]
        # permissions not related to an object instance and also to be available when objects do not exist
        # the DELETE admin permission means the user is allowed to batch delete objects
        admin_permissions: [CREATE, LIST, DELETE, UNDELETE, EXPORT, OPERATOR, MASTER]
        # permission related to the objects
        object_permissions: [VIEW, EDIT, DELETE, UNDELETE, OPERATOR, MASTER, OWNER]

Can you help me? Thank you.