move service definitions to security.xml

DependencyInjection/SonataAdminExtension.php

@@ -70,15 +70,7 @@ class SonataAdminExtension extends Extension
         $container->setAlias('sonata.admin.security.handler', $config['security']['handler']);
 
         switch ($config['security']['handler']) {
-            case 'sonata.admin.security.handler.noop':
-                $container->setParameter('sonata.admin.security.handler.noop.class', 'Sonata\AdminBundle\Security\Handler\NoopSecurityHandler');
-                $container->setDefinition('sonata.admin.security.handler.noop', new Definition('%sonata.admin.security.handler.noop.class%'));
-                break;
             case 'sonata.admin.security.handler.role':
-                $container->setParameter('sonata.admin.security.handler.role.class', 'Sonata\AdminBundle\Security\Handler\RoleSecurityHandler');
-                $roleService = new Definition('%sonata.admin.security.handler.role.class%', array(new Reference('security.context'), array('ROLE_SUPER_ADMIN')));
-                $container->setDefinition('sonata.admin.security.handler.role', $roleService);
-
                 if (count($config['security']['information']) === 0) {
                     $config['security']['information'] = array(
                         'EDIT'      => array('EDIT'),
@@ -92,10 +84,6 @@ class SonataAdminExtension extends Extension
                 }
                 break;
             case 'sonata.admin.security.handler.acl':
-                $container->setParameter('sonata.admin.configuration.security.admin_permissions', $config['security']['admin_permissions']);
-                $container->setParameter('sonata.admin.configuration.security.object_permissions', $config['security']['object_permissions']);
-                $loader->load('security_acl.xml');
-
                 if (count($config['security']['information']) === 0) {
                     $config['security']['information'] = array(
                         'GUEST'    => array('VIEW', 'LIST'),
@@ -105,11 +93,11 @@ class SonataAdminExtension extends Extension
                     );
                 }
                 break;
-            default:
-                throw new \InvalidArgumentException(sprintf('Unknown security handler "%s"', $config['security']['handler']));
         }
-
         $container->setParameter('sonata.admin.configuration.security.information', $config['security']['information']);
+        $container->setParameter('sonata.admin.configuration.security.admin_permissions', $config['security']['admin_permissions']);
+        $container->setParameter('sonata.admin.configuration.security.object_permissions', $config['security']['object_permissions']);
+        $loader->load('security.xml');
 
         /**
          * This is a work in progress, so for now it is hardcoded

Resources/config/security_acl.xml

@@ -5,12 +5,21 @@
     xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
 
     <parameters>
+        <parameter key="sonata.admin.security.handler.noop.class" >Sonata\AdminBundle\Security\Handler\NoopSecurityHandler</parameter>
+        <parameter key="sonata.admin.security.handler.role.class" >Sonata\AdminBundle\Security\Handler\RoleSecurityHandler</parameter>
         <parameter key="sonata.admin.security.handler.acl.class" >Sonata\AdminBundle\Security\Handler\AclSecurityHandler</parameter>
         <parameter key="sonata.admin.security.mask.builder.class" >Sonata\AdminBundle\Security\Acl\Permission\MaskBuilder</parameter>
     </parameters>
 
     <services>
-        <service id="sonata.admin.security.handler.acl" class="%sonata.admin.security.handler.acl.class%">
+        <service id="sonata.admin.security.handler.noop" class="%sonata.admin.security.handler.noop.class%" public="false" />
+        <service id="sonata.admin.security.handler.role" class="%sonata.admin.security.handler.role.class%" public="false">
+            <argument type="service" id="security.context" on-invalid="null" />
+            <argument type="collection">
+                <argument>ROLE_SUPER_ADMIN</argument>
+            </argument>
+        </service>
+        <service id="sonata.admin.security.handler.acl" class="%sonata.admin.security.handler.acl.class%" public="false">
             <argument type="service" id="security.context" on-invalid="null" />
             <argument type="service" id="security.acl.provider" on-invalid="null" />
             <argument>%sonata.admin.security.mask.builder.class%</argument>
@@ -22,7 +31,7 @@
             </call>
             <call method="setObjectPermissions">
                 <argument>%sonata.admin.configuration.security.object_permissions%</argument>
-            </call>            
+            </call>
         </service>
-    </services>    
+    </services>
 </container>