-
Notifications
You must be signed in to change notification settings - Fork 57
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security for all type "except entity" if has rol only hide menu #76
Conversation
src/Helper/MenuHelper.php
Outdated
else if ( | ||
'route' === $entry['type'] | ||
&& isset($entry['role']) | ||
&& !$this->adminAuthorizationChecker->isEasyAdminGranted( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please use Symfony security.authorization_checker
service. AdminAuthorizationChecker
is intended to check access regarding an entity EasyAdmin config. You can not invent a list action role to deal with this case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Adding a test to cover the use case would be really kindful too ;-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Necessary? Now it's very simple and uses authorizationChecker:
if (
'route' === $entry['type']
&& isset($entry['role'])
&& !$this->authorizationChecker->isGranted($entry['role'])
)
Security for type "route" only hide menu