Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
K
kohinos
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
9
Issues
9
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
cooperatic-mlc
kohinos
Commits
e0839f9a
Commit
e0839f9a
authored
Oct 26, 2020
by
Mathieu Poisbeau
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
#206: en admin, trésoriers et admins siège peuvent "voir les comptoirs"
(en lecture seule, c-à-d en mode LIST et VIEW)
parent
704e5af3
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
8 additions
and
3 deletions
+8
-3
security.yaml
config/packages/security.yaml
+5
-2
ComptoirAdmin.php
src/Admin/ComptoirAdmin.php
+3
-1
No files found.
config/packages/security.yaml
View file @
e0839f9a
...
...
@@ -109,14 +109,17 @@ security:
ROLE_API
:
ROLE_USER
ROLE_ADHERENT
:
ROLE_USER
ROLE_PRESTATAIRE
:
ROLE_USER
ROLE_ADMIN_SIEGE
:
[
ROLE_USER
,
ROLE_ADMIN
]
ROLE_ADMIN_SIEGE
:
[
ROLE_USER
,
ROLE_ADMIN
,
ROLE_ADMIN_COMPTOIR_READER
]
ROLE_REDACTEUR
:
[
ROLE_USER
,
ROLE_ADMIN
]
ROLE_TRESORIER
:
[
ROLE_USER
,
ROLE_ADMIN
]
ROLE_TRESORIER
:
[
ROLE_USER
,
ROLE_ADMIN
,
ROLE_ADMIN_COMPTOIR_READER
]
ROLE_CONTROLEUR
:
[
ROLE_USER
,
ROLE_ADMIN
]
ROLE_GESTION_GROUPE
:
[
ROLE_USER
,
ROLE_ADMIN
]
ROLE_COMPTOIR
:
[
ROLE_USER
,
ROLE_ADMIN
]
ROLE_CONTACT
:
[
ROLE_USER
,
ROLE_ADMIN
]
ROLE_ADMIN
:
[
ROLE_USER
,
ROLE_SONATA_ADMIN
]
ROLE_ADMIN_COMPTOIR_READER
:
-
ROLE_ADMIN_COMPTOIR_GERER_LIST
-
ROLE_ADMIN_COMPTOIR_GERER_VIEW
ROLE_SUPER_ADMIN
:
[
ROLE_ADMIN
,
ROLE_ALLOWED_TO_SWITCH
,
ROLE_API
]
# Easy way to control access for large sections of your site
...
...
src/Admin/ComptoirAdmin.php
View file @
e0839f9a
...
...
@@ -53,7 +53,9 @@ class ComptoirAdmin extends AbstractAdmin
$query
=
parent
::
createQuery
(
$context
);
$user
=
$this
->
security
->
getUser
();
if
(
empty
(
$this
->
getRequest
()
->
getSession
()
->
get
(
'_groupegere'
)))
{
if
(
$user
->
isGranted
(
'ROLE_GESTION_GROUPE'
)
||
$user
->
isGranted
(
'ROLE_CONTACT'
)
||
$user
->
isGranted
(
'ROLE_TRESORIER'
))
{
// TODO: Pourquoi empêcher toutes les "requêtes comptoir" pour ces rôles ?
//if ($user->isGranted('ROLE_GESTION_GROUPE') || $user->isGranted('ROLE_CONTACT') || $user->isGranted('ROLE_TRESORIER')) {
if
(
$user
->
isGranted
(
'ROLE_GESTION_GROUPE'
)
||
$user
->
isGranted
(
'ROLE_CONTACT'
))
{
$query
->
andWhere
(
'false = true'
);
}
}
else
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment