Restrict users behavior by rows of entity

Question

I am using Sonata Admin Bundle

It can restrict users behavior like editing or viewing by Roles or ACL.

This privilege is depending on each tables.

However, I want to controll users availability by each rows.

[For example]

I have table/entity like this.

Id |User  | data
1  |bear  | sarmon
2  |dog   | meat
3  |monkey| banana
4  |bear  | peanuts
5  |dog   | corn

Row 2 and 4 data is belonging to user bear.

So I want to let user bear view and edit only row 2 and 4.

In the screen for bear, listview should look like

Id |User  | data
1  |bear  | sarmon
4  |bear  | peanuts

This kind of things seems not to be controlled by Roles or ACL

[My Guess]

At first, I am struggling with public function configureListFields(ListMapper $listMapper) however I couldn't make it.

So I guess I need to put this kind of code somewhere else checking each rows.

if ($row->getUser() == 'bear'){
array_push($lists,$row);
}
else {
}

However where? and Am I walking to the right direction???

Is there anyone who use SonataAdminBundle like this??

I guess this situation is not rare case.

For example, in multiple blog management system.

Each user should have the privilege to edit his/her own posts.

http://symfony.com/doc/current/security/voters.html – Mawcel Mar 07 '17 at 16:46 — Mawcel, Mar 07 '17 at 16:46
This sounds like a case for the Security Voters. – Stephan Vierkant Mar 08 '17 at 14:22 — Stephan Vierkant, Mar 08 '17 at 14:22

0 Answers0