search

sonata-project / SonataAdminBundle

The missing Symfony Admin Generator
https://docs.sonata-project.org/projects/SonataAdminBundle
MIT License
2.1k stars 1.26k forks source link

Enable security information mapping for RoleSecurityHandler #8192

Closed core23 closed 2 days ago

core23 commented 1 week ago

Subject

I am targeting this branch, because this feature is BC.

Finally provide #4925 feature

Changelog

### Added
-  Enable security information mapping for `RoleSecurityHandler`

If you want to combine multiple permissions, you can now use the sonata.admin.security.handler.role for this.

sonata_admin:
    security:
        handler:    sonata.admin.security.handler.role

        information:
            VIEWER:    [VIEW, LIST, EXPORT]
            EDITOR:    [EDIT, LIST, CREATE]
            ADMIN:     [OPERATOR, MASTER]

If you have a user with a ROLE_ACME_ADMIN_VIEWER permission, the security handler will work if your admin asks for VIEW, LIST or EXPORTER grants.

The changes are BC, because if will also work if you have no special information mapping.

core23 commented 2 days ago

phpstan is also failing on the dev-kit PRs :(

https://github.com/sonata-project/SonataAdminBundle/actions/runs/9930955039/job/27430272674?pr=8195