In sonata admin the roles are based on admin services name with CRUD export and master permissions but the way it looks not so user friendly to create groups for others user or assign specific permissions to a user considering an example for sonata admin post module the service for admin is named as sonata.news.admin.post and for that service generated roles will look like
ROLE_SONATA_NEWS_ADMIN_POST_EDIT
ROLE_SONATA_NEWS_ADMIN_POST_LIST
ROLE_SONATA_NEWS_ADMIN_POST_CREATE
ROLE_SONATA_NEWS_ADMIN_POST_VIEW
ROLE_SONATA_NEWS_ADMIN_POST_DELETE
ROLE_SONATA_NEWS_ADMIN_POST_EXPORT
ROLE_SONATA_NEWS_ADMIN_POST_OPERATOR
ROLE_SONATA_NEWS_ADMIN_POST_MASTER
For a normal user its difficult to read/assign roles is there a better way for representation of generated roles ?
Adding my own answer
In Sonata admin if you wish to change display security roles as a user friendly view you have to override below sonata's services
- sonata.user.editable_role_builder
- sonata.user.form.type.security_roles
And definitions will look like as below
<services>
<service id="sonata.user.editable_role_builder" class="Acme\DemoBundle\Security\EditableRolesBuilder">
<argument type="service" id="security.context" />
<argument type="service" id="sonata.admin.pool" />
<argument>%security.role_hierarchy.roles%</argument>
</service>
<service id="sonata.user.form.type.security_roles" class="Acme\DemoBundle\Form\Type\SecurityRolesType">
<tag name="form.type" alias="sonata_security_roles" />
<argument type="service" id="sonata.user.editable_role_builder" />
</service>
</services>
And define your classes in these services for, Demo code i have used Acme\DemoBundle
Now SecurityRolesType class is dependendant of Sonata's EditableRolesBuilder you have to make it dependent of your own EditableRolesBuilder Class so in same way override dependency of sonata's RestoreRolesTransformer to your class
I have transformed all roles to an array of module wise roles in SecurityRolesType.php and passed it to view all customization you can view in this file
Also override the twig template for roles you can overrride it by coping form_admin_fields.html.twig from vendor\sonata-project\user-bundle\Resources\views and adding app\Resources\SonataUserBundle\views\Form path it will override parent twig file,In twig file i have tried to use accordion control bootstrap to display roles module wise and with appropriate permissions
Note: This code will only display permissions
[Create,Edit,View,List,Export,Delete,Master] it will not handle custom
permission
Last step import your service file in main configuration file that is config.yml
imports:
- { resource: parameters.yml }
- { resource: security.yml }
- { resource: @AcmeDemoBundle/Resources/config/admin.xml }
For full code demo you can find it in below repository
Sonata Admin Enhanced View For Security Roles
Module Permissions Preview
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://i.stack.imgur.com/H0EVx.png', '推荐 聊天终结者 的文章《Sonata admin enhanced view for security roles》','https://www.manongdao.com/article-933715.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}