
fix acl permission

Thomas Rabaix 14 anni fa
parent
commit
2db1935161

+ 0 - 1
Admin/Admin.php

@@ -1852,7 +1852,6 @@ abstract class Admin implements AdminInterface, DomainObjectInterface
             sprintf($baseRole, 'LIST')      => array('LIST'),
             sprintf($baseRole, 'CREATE')    => array('CREATE'),
             sprintf($baseRole, 'DELETE')    => array('DELETE'),
-            sprintf($baseRole, 'BATCH')     => array('BATCH'),
             sprintf($baseRole, 'OPERATOR')  => array('OPERATOR'),
         );
     }

+ 3 - 0
Command/DumpActionRolesCommand.php

@@ -70,6 +70,9 @@ class DumpActionRolesCommand extends Command
     public function dumpYaml(OutputInterface $output, array $infos)
     {
 
+        $output->writeln('# ----');
+        $output->writeln('# PLEASE DO NOT EDIT THIS FILE');
+        $output->writeln('# ----');
         $output->writeln('sonata_admin:');
         $output->writeln('    access_control:');
         foreach ($infos as $groups) {
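Review bot: The banner added at the top of dumpYaml tells readers not to edit the dumped access_control file, but it does not say how the file was produced or how to regenerate it. Anyone who needs to change a role mapping is left to edit it by hand anyway, and that edit would be lost on the next dump. A second comment line naming the generator would close that gap, e.g. `$output->writeln('# Generated by <command name>; re-run it instead of editing');`, with the placeholder replaced by the real command name. dumpYaml's body continues outside the hunk.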

+ 5 - 5
Controller/CRUDController.php

@@ -121,7 +121,7 @@ class CRUDController extends Controller
      */
     public function listAction()
     {
-        if ($this->admin->isGranted('LIST')) {
+        if (false === $this->admin->isGranted('LIST')) {
             throw new AccessDeniedException();
         }
 
@@ -140,7 +140,7 @@ class CRUDController extends Controller
      */
     public function batchActionDelete($idx)
     {
-        if ($this->admin->isGranted('DELETE')) {
+        if (false === $this->admin->isGranted('DELETE')) {
             throw new AccessDeniedException();
         }
 
@@ -153,7 +153,7 @@ class CRUDController extends Controller
 
     public function deleteAction($id)
     {
-        if ($this->admin->isGranted('DELETE')) {
+        if (false === $this->admin->isGranted('DELETE')) {
             throw new AccessDeniedException();
         }
 
@@ -178,7 +178,7 @@ class CRUDController extends Controller
      */
     public function editAction($id)
     {
-        if ($this->admin->isGranted('EDIT')) {
+        if (false === $this->admin->isGranted('EDIT')) {
             throw new AccessDeniedException();
         }
 
@@ -278,7 +278,7 @@ class CRUDController extends Controller
      */
     public function createAction()
     {
-        if ($this->admin->isGranted('CREATE')) {
+        if (false === $this->admin->isGranted('CREATE')) {
             throw new AccessDeniedException();
         }
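Review bot: The corrected guards in listAction, batchActionDelete, deleteAction, editAction and createAction deny access only when isGranted() returns exactly boolean `false`, so any other falsy result such as `null` falls through and the action runs. isGranted() is not shown on this page, so this matters only if it can return something other than a strict bool; the fail-closed form is `if (!$this->admin->isGranted('LIST')) {`, applied the same way in all five places. Because the previous condition was inverted for every action, a functional test that expects AccessDeniedException for a user without the permission would keep this from regressing unnoticed. Each method body continues outside its hunk.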
 

+ 2 - 2
Resources/doc/reference/architecture.rst

@@ -32,7 +32,7 @@ meaning that the following required dependencies are automatically injected:
 * ``FormContractor``: constructs the form using the Symfony ``FormBuilder``
 * ``DatagridBuilder``: builds the filter fields
 * ``Router``: generates the different urls
-* ``Request`` 
+* ``Request``
 * ``ModelManager``: Service which handles specific ORM code
 * ``Translator``
 
@@ -129,7 +129,7 @@ Once you have created an admin class, you must declare the class to use it. Like
 
 Or if you're using a YML configuration file,
 
-.. code-block:: yml
+.. code-block:: yaml
 
     services:
        sonata.news.admin.post:

+ 2 - 2
Resources/doc/reference/dashboard.rst

@@ -4,6 +4,6 @@ Dashboard
 The dashboard is the main landing page. For now the dashboard lists the
 different admin areas available.
 
-.. image:: ../images/dashboard.png 
+.. image:: ../images/dashboard.png
            :alt: Dashboard
-           :width: 50%
+           :width: 200

+ 2 - 2
Resources/doc/reference/form_types_and_transformers.rst

@@ -68,8 +68,8 @@ Now you can edit the settings array with :
 the output will be :
 
 .. image:: ../images/sonata_type_immutable_array.png
-           :alt: Dashboard
-
+           :alt: Immutable Array Type
+           :width: 200
 
 
 Datatransformer

+ 0 - 1
Resources/views/CRUD/edit_boolean.html.twig

@@ -12,7 +12,6 @@ file that was distributed with this source code.
 <div>
 
     <div class="sonata-ba-field {% if field_element.vars.errors|length > 0 %}sonata-ba-field-error{% endif %}">
-
         {% block field %}{{ form_widget(field_element) }}{% endblock %}
         {% block label %}
             {% if field_description.options.name is defined %}

+ 21 - 0
Security/Acl/Permission/MaskBuilder.php

@@ -0,0 +1,21 @@
+<?php
+/*
+ * This file is part of the Sonata project.
+ *
+ * (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+
+namespace Sonata\AdminBundle\Security\Acl\Permission;
+
+use Symfony\Component\Security\Acl\Permission\MaskBuilder as BaseMaskBuilder;
+
+class MaskBuilder extends BaseMaskBuilder
+{
+    const MASK_LIST         = 4096;       // 1 << 12
+
+    const CODE_LIST         = 'L';
+}
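Review bot: MASK_LIST claims bit 12 with no comment explaining why that bit was chosen or that it must stay clear of the masks inherited from BaseMaskBuilder. If the parent class later assigns the same bit, ACL entries already stored with it would change meaning without any error. A comment on the constant would record the reservation, e.g. `// Sonata-specific LIST permission; bit 12 is reserved here and must not overlap any mask defined by BaseMaskBuilder`. The page also does not show where the 'LIST' permission name is mapped to this mask, so it is worth confirming that mapping exists; without it the ACL layer may not resolve 'LIST' to this bit.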

+ 34 - 0
Tests/Security/Acl/Permission/MaskBuilderTest.php

@@ -0,0 +1,34 @@
+<?php
+
+/*
+ * This file is part of the Sonata package.
+ *
+ * (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+namespace Sonata\AdminBundle\Tests\Admin\Security\Acl\Permission;
+
+use Sonata\AdminBundle\Security\Acl\Permission\MaskBuilder;
+
+class MaskBuilderTest extends \PHPUnit_Framework_TestCase
+{
+    public function testGetPattern()
+    {
+        $builder = new MaskBuilder;
+        $this->assertEquals(MaskBuilder::ALL_OFF, $builder->getPattern());
+
+        $builder->add('view');
+        $this->assertEquals(str_repeat('.', 31).'V', $builder->getPattern());
+
+        $builder->add('owner');
+        $this->assertEquals(str_repeat('.', 24).'N......V', $builder->getPattern());
+
+        $builder->add('list');
+        $this->assertEquals(str_repeat('.', 19).'L....N......V', $builder->getPattern());
+
+        $builder->add(1 << 10);
+        $this->assertEquals(str_repeat('.', 19).'L.'.MaskBuilder::ON.'..N......V', $builder->getPattern());
+    }
+}
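Review bot: The declared namespace `Sonata\AdminBundle\Tests\Admin\Security\Acl\Permission` has an extra `Admin` segment compared with the file's path Tests/Security/Acl/Permission/, so it should read `namespace Sonata\AdminBundle\Tests\Security\Acl\Permission;`. The test pins only the pattern string returned by getPattern(). An explicit `$this->assertEquals(1 << 12, MaskBuilder::MASK_LIST);` and a `remove('list')` round trip would also pin the bit value that stored ACL entries depend on.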