Hello,
I was asked in a project to restrict accessibility to some entities depending on the user's roles.
Instead of manipulating twig/css and adding a persisting logic within an event listener, I forked the bundle, added some code in it, and now I can put this restriction using the yml config file like below:
```yaml
easy_admin:
    design:
        menu:
            - entity: TEST
              icon: 'question'
              # only users with ROLE_ADMIN can see this entity in the menu section
              roles:
                  - ROLE_ADMIN
    entities:
        TEST:
            # only users with ROLE_ADMIN can have access to the entity
            roles:
                - ROLE_ADMIN
            class: App\Entity\Test
```
After this I removed the original bundle from composer.json and added mine:
```json
"repositories": [
    {
        "type": "vcs",
        "url": "http://github.com/luxferoo/EasyAdminBundle"
    }
],
"require": {
    "luxferoo/EasyAdminBundle" : "^1",
```
What do you think, guys? Is that correct? (The problem is that if EasyCorp adds a new feature, I will have to merge it with the forked bundle.)
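The configuration in the post above sets `roles` in two separate places: on the menu item and on the entity. As an added example (not part of the thread and not the fork's code), this plain-PHP script audits a parsed config for entities that are restricted only in the menu and shows the server-side check that the entity-level key has to back. It assumes that holding any one listed role grants access and it ignores role hierarchy; `REPORT` and the function names are constructed for illustration.

```php
<?php
// Added example. The `roles` option is the fork's key shown in the post,
// not an upstream EasyAdmin setting; the semantics here are an assumption.

/** Roles required to open an entity; an empty array means none are configured. */
function requiredRoles(array $config, string $entity): array
{
    return $config['easy_admin']['entities'][$entity]['roles'] ?? [];
}

/** Server-side decision: unknown entities are denied, otherwise any matching role allows. */
function canAccessEntity(array $config, string $entity, array $userRoles): bool
{
    if (!isset($config['easy_admin']['entities'][$entity])) {
        return false; // entity name from the request is not configured
    }
    $required = requiredRoles($config, $entity);
    return $required === [] || array_intersect($required, $userRoles) !== [];
}

/** Entities whose menu item carries roles while the entity itself has none. */
function menuOnlyRestrictions(array $config): array
{
    $findings = [];
    foreach ($config['easy_admin']['design']['menu'] ?? [] as $item) {
        $entity = $item['entity'] ?? null;
        if ($entity === null || empty($item['roles'])) {
            continue; // not an entity item, or not restricted in the menu
        }
        if (requiredRoles($config, $entity) === []) {
            $findings[] = $entity; // hidden in the menu only
        }
    }
    return $findings;
}

// Constructed sample: TEST mirrors the post, REPORT is a made-up entity.
$config = ['easy_admin' => [
    'design' => ['menu' => [
        ['entity' => 'TEST', 'icon' => 'question', 'roles' => ['ROLE_ADMIN']],
        ['entity' => 'REPORT', 'roles' => ['ROLE_ADMIN']],
    ]],
    'entities' => [
        'TEST' => ['roles' => ['ROLE_ADMIN'], 'class' => 'App\Entity\Test'],
        'REPORT' => ['class' => 'App\Entity\Report'], // no entity-level roles
    ],
]];

echo 'Menu-only restrictions: ', json_encode(menuOnlyRestrictions($config)), PHP_EOL;
echo 'ROLE_USER on TEST: ', json_encode(canAccessEntity($config, 'TEST', ['ROLE_USER'])), PHP_EOL;
echo 'ROLE_USER on REPORT: ', json_encode(canAccessEntity($config, 'REPORT', ['ROLE_USER'])), PHP_EOL;
```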
Feature is in the "Features that MIGHT be implemented #3" list. https://github.com/EasyCorp/EasyAdminBundle/projects/1
@luxferoo this is the most important lacking feature of the bundle. We're going to add this feature in the future. See our roadmap. We intend to restrict views, actions, fields, etc. For now I'm closing this to not have it duplicated. Thanks!
Thanks @javiereguiluz! Meanwhile I have overridden ActionConfigPass and MenuConfigPass and now I can restrict access to entities with easy_admin.yml 👍
What is the status on this issue? Missing permission handling is the elephant in the room - easyadmin is a great tool, but of course permission handling is a very basic requirement for anything real-life that is urgently needed.
I understand how to do that on an entity-level with the symfony low-level security component, but of course it would be much better to have that abstracted away in a generic tool like easy_admin.
Also I was wondering that everybody seems to implement permission handling from zero on their own - not having to implement security on my own is one of the best reasons to use open source. DI, Templates, Routing, CRUD - yes, this is all fine and really good to have, but the most important part where I want to have as many eyes on as possible is security! And that, unfortunately, is mostly DIY in the Symfony world, based on some primitives, but still a lot of room to get it wrong. So having a best practice permission handling implementation is really important.
@luxferoo - it would be great to see how you solved that - maybe I missed the details, is it possible to study your code somewhere? Thank you very much!
There is a pending pull request for this. Also, it's my top priority at the moment, so it will be implemented soon.
Great, great, great, thank you so much! It feels like Christmas :)
Looks like my next project will be done with Symfony; finally, since V4, I see a lot of good things happen!
It's this one, I guess?
Good to see the alterphp implementation grow into this project - it is very nice to see open-minded developers doing the right thing!
A mind is like a parachute. It doesn't work if it is not open.
Frank Zappa