From be2edec605eb19a091aa13cabd042a88e7474d69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julien=20Fastr=C3=A9?= Date: Thu, 20 Apr 2017 16:27:06 +0200 Subject: [PATCH] add specific role for LIST and STAT --- DataFixtures/ORM/LoadPersonACL.php | 9 +++++++++ DependencyInjection/ChillPersonExtension.php | 3 +-- Export/Export/ListPerson.php | 2 +- Resources/translations/messages.fr.yml | 1 + Security/Authorization/PersonVoter.php | 3 ++- 5 files changed, 14 insertions(+), 4 deletions(-) diff --git a/DataFixtures/ORM/LoadPersonACL.php b/DataFixtures/ORM/LoadPersonACL.php index 01cf0ade9..691866294 100644 --- a/DataFixtures/ORM/LoadPersonACL.php +++ b/DataFixtures/ORM/LoadPersonACL.php @@ -24,6 +24,7 @@ use Doctrine\Common\DataFixtures\OrderedFixtureInterface; use Doctrine\Common\Persistence\ObjectManager; use Chill\MainBundle\DataFixtures\ORM\LoadPermissionsGroup; use Chill\MainBundle\Entity\RoleScope; +use Chill\PersonBundle\Security\Authorization\PersonVoter; /** * Add a role CHILL_PERSON_UPDATE & CHILL_PERSON_CREATE for all groups except administrative, @@ -57,6 +58,14 @@ class LoadPersonACL extends AbstractFixture implements OrderedFixtureInterface ->setRole('CHILL_PERSON_CREATE') ->setScope(null); $permissionsGroup->addRoleScope($roleScopeCreate); + $roleScopeList = (new RoleScope()) + ->setRole(PersonVoter::LISTS) + ->setScope(null); + $permissionsGroup->addRoleScope($roleScopeList); + $roleScopeStats = (new RoleScope()) + ->setRole(PersonVoter::STATS) + ->setScope(null); + $permissionsGroup->addRoleScope($roleScopeStats); $manager->persist($roleScopeUpdate); $manager->persist($roleScopeCreate); break; diff --git a/DependencyInjection/ChillPersonExtension.php b/DependencyInjection/ChillPersonExtension.php index 42ac8bd4d..38d796ae6 100644 --- a/DependencyInjection/ChillPersonExtension.php +++ b/DependencyInjection/ChillPersonExtension.php @@ -160,8 +160,7 @@ class ChillPersonExtension extends Extension implements PrependExtensionInterfac $container->prependExtensionConfig('security', array( 'role_hierarchy' => array( 'CHILL_PERSON_UPDATE' => array('CHILL_PERSON_SEE'), - 'CHILL_PERSON_CREATE' => array('CHILL_PERSON_SEE'), - 'CHILL_PERSON_SEE' => array(PersonVoter::STATS) + 'CHILL_PERSON_CREATE' => array('CHILL_PERSON_SEE') ) )); } diff --git a/Export/Export/ListPerson.php b/Export/Export/ListPerson.php index a5e90b2fa..340430f91 100644 --- a/Export/Export/ListPerson.php +++ b/Export/Export/ListPerson.php @@ -421,7 +421,7 @@ class ListPerson implements ListInterface, ExportElementValidatedInterface */ public function requiredRole() { - return new Role(PersonVoter::STATS); + return new Role(PersonVoter::LISTS); } /** diff --git a/Resources/translations/messages.fr.yml b/Resources/translations/messages.fr.yml index fea668bc4..a37105871 100644 --- a/Resources/translations/messages.fr.yml +++ b/Resources/translations/messages.fr.yml @@ -141,6 +141,7 @@ CHILL_PERSON_SEE: Voir les personnes CHILL_PERSON_UPDATE: Modifier les personnes CHILL_PERSON_CREATE: Ajouter des personnes CHILL_PERSON_STATS: Statistiques sur les personnes +CHILL_PERSON_LISTS: Liste des personnes #period Period closed!: Période clôturée! diff --git a/Security/Authorization/PersonVoter.php b/Security/Authorization/PersonVoter.php index ad9f0c2a4..722e962dd 100644 --- a/Security/Authorization/PersonVoter.php +++ b/Security/Authorization/PersonVoter.php @@ -35,6 +35,7 @@ class PersonVoter extends AbstractChillVoter implements ProvideRoleHierarchyInte const UPDATE = 'CHILL_PERSON_UPDATE'; const SEE = 'CHILL_PERSON_SEE'; const STATS = 'CHILL_PERSON_STATS'; + const LISTS = 'CHILL_PERSON_LISTS'; /** * @@ -49,7 +50,7 @@ class PersonVoter extends AbstractChillVoter implements ProvideRoleHierarchyInte protected function getSupportedAttributes() { - return array(self::CREATE, self::UPDATE, self::SEE, self::STATS); + return array(self::CREATE, self::UPDATE, self::SEE, self::STATS, self::LISTS); } protected function getSupportedClasses()