Describe the bug
Can someone confirm that? is this a bug or am I doing something wrong?
The code is shortened, the same voter works correctly for the default EA actions like NEW, EDIT or DETAILS.
Got error performing default EA actions copying the link on account !ROLE_ADMIN
custom action - is not visible on index list (good)
but i can perform that action on user without permission copying a link (got nice green success flash message)
// TournamentVoter
namespace App\Security\Voter\Tournament;
use App\Entity\Tournament\Tournament;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Bundle\SecurityBundle\Security;
class TournamentVoter extends Voter
{
public const MAKE_SERIES = 'TOURNAMENT_MAKE_SERIES';
public function __construct(private Security $security)
{
}
protected function supports(string $attribute, mixed $subject): bool
{
return in_array($attribute, [self::MAKE_SERIES])
&& $subject instanceof Tournament;
}
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
{
$user = $token->getUser();
if (!$user instanceof UserInterface) {
return false;
}
switch ($attribute) {
case self::MAKE_SERIES:
if (
(in_array("ROLE_ADMIN", $user->getRoles()))
)
{
return true;
}
break;
}
return false;
}
}
//TournamentCrudController
#[\Override]
public function configureActions(Actions $actions): Actions
{
$makeSeries = Action::new('Clone series', 'Klonuj serię')->linkToCrudAction('makeSeries');
return $actions
->add(Crud::PAGE_INDEX, $makeSeries)->setPermission($makeSeries, TournamentVoter::MAKE_SERIES)
;
}
public function makeSeries(AdminUrlGenerator $adminUrlGenerator)
{
$this->addFlash('success', 'Success');
$url = $adminUrlGenerator
->setAction(Action::INDEX)
->generateUrl();
return $this->redirect($url);
}
#[IsGranted('ROLE_ADMIN')]
public function makeSeries(AdminUrlGenerator $adminUrlGenerator)
{
...
$this->denyAccessUnlessGranted('TOURNAMENT_MAKE_SERIES', $entity);
Describe the bug Can someone confirm that? is this a bug or am I doing something wrong? The code is shortened, the same voter works correctly for the default EA actions like NEW, EDIT or DETAILS. Got error performing default EA actions copying the link on account !ROLE_ADMIN
custom action - is not visible on index list (good) but i can perform that action on user without permission copying a link (got nice green success flash message)
// TournamentVoter
}
//TournamentCrudController
To Reproduce Symfony 7.0.6, EA 4.10.0