group visibility by role

DependencyInjection/Compiler/AddDependencyCallsCompilerPass.php

@@ -68,7 +68,8 @@ class AddDependencyCallsCompilerPass implements CompilerPassInterface
                 if (!isset($groupDefaults[$groupName])) {
                     $groupDefaults[$groupName] = array(
                         'label'           => $groupName,
-                        'label_catalogue' => $labelCatalogue
+                        'label_catalogue' => $labelCatalogue,
+                        'roles' => array()
                     );
                 }
 
@@ -84,7 +85,8 @@ class AddDependencyCallsCompilerPass implements CompilerPassInterface
                 if (!isset($groupDefaults[$groupName])) {
                     $groupDefaults[$groupName] = array(
                         'items' => array(),
-                        'label' => $groupName
+                        'label' => $groupName,
+                        'roles' => array()
                     );
                 }
 
@@ -103,6 +105,10 @@ class AddDependencyCallsCompilerPass implements CompilerPassInterface
                 if (!empty($group['item_adds'])) {
                     $group['items'] = array_merge($groupDefaults[$groupName]['items'], $group['item_adds']);
                 }
+
+                if (empty($group['roles'])) {
+                    $groups[$groupName]['roles'] = $groupDefaults[$groupName]['roles'];
+                }
             }
         } else {
             $groups = $groupDefaults;

DependencyInjection/Configuration.php

@@ -97,6 +97,9 @@ class Configuration implements ConfigurationInterface
                                     ->arrayNode('item_adds')
                                         ->prototype('scalar')->end()
                                     ->end()
+                                    ->arrayNode('roles')
+                                        ->prototype('scalar')->defaultValue(array())->end()
+                                    ->end()
                                 ->end()
                             ->end()
                         ->end()

Resources/doc/reference/dashboard.rst

@@ -128,6 +128,7 @@ configuration method overrides the configuration defined as part of the
                     items: ~
                     item_adds:
                         - sonata.admin.page
+                    roles: [ ROLE_ONE, ROLE_TWO ]
                 acme.admin.group.misc: ~
 
 .. note::
@@ -147,6 +148,10 @@ declared as belonging to this group will not be displayed here.
 Secondly, we declare a ``acme.admin.group.blog`` as having all its default items 
 (by default we mean the ones specified in the ``Admin`` services declaration), plus
 an additional ``sonata.admin.page`` mapping, that was not initially part of this group.
+We also use the ``roles`` option here, used to specify that , instead of being visible
+to everyone, only users with ``ROLE_ONE`` or ``ROLE_TWO`` will be able to see this group. 
+Users with ``ROLE_SUPER_ADMIN`` are always able to see groups that would otherwise be
+hidden by this configuration option. 
 
 The third group keeps all the default values, as declared on the ``Admin`` service
 declaration.
@@ -214,4 +219,4 @@ which can be configured to better fit this scenario.
 In this example, you would have two ``Admin`` list blocks on your dashboard, each of
 them containing just the respectively configured groups.
 
-.. _`documentation page`:  http://sonata-project.org/bundles/block/master/doc/index.html
+.. _`documentation page`:  http://sonata-project.org/bundles/block/master/doc/index.html

Resources/views/Block/block_admin_list.html.twig

@@ -13,53 +13,60 @@ file that was distributed with this source code.
 
 {% block block %}
     {% for group in groups %}
-        <table class="table table-bordered table-striped sonata-ba-list">
-            <thead>
-                <tr>
-                    <th colspan="3">{{ group.label|trans({}, group.label_catalogue) }}</th>
-                </tr>
-            </thead>
+        {% set display = (group.roles is empty or is_granted('ROLE_SUPER_ADMIN') ) %}
+        {% for role in group.roles if not display %}
+            {% set display = is_granted(role)%}
+        {% endfor %}
 
-            <tbody>
-                {% for admin in group.items %}
-                    {% if admin.hasroute('create') and admin.isGranted('CREATE') or admin.hasroute('list') and admin.isGranted('LIST') %}
-                        <tr>
-                            <td class="sonata-ba-list-label">{{ admin.label|trans({}, admin.translationdomain) }}</td>
-                            <td>
-                                <div class="btn-group">
-                                    {% if admin.hasroute('create') and admin.isGranted('CREATE') %}
-                                        {% if admin.subClasses is empty %}
-                                            <a class="btn btn-small" href="{{ admin.generateUrl('create')}}">
-                                                <i class="icon-plus"></i>
-                                                {% trans from 'SonataAdminBundle' %}link_add{% endtrans %}
-                                            </a>
-                                        {% else %}
-                                            <a class="btn btn-small dropdown-toggle" data-toggle="dropdown" href="#">
-                                                <i class="icon-plus"></i>
-                                                {% trans from 'SonataAdminBundle' %}link_add{% endtrans %}
-                                                <span class="caret"></span>
+        {% if display %}
+            <table class="table table-bordered table-striped sonata-ba-list">
+                <thead>
+                    <tr>
+                        <th colspan="3">{{ group.label|trans({}, group.label_catalogue) }}</th>
+                    </tr>
+                </thead>
+
+                <tbody>
+                    {% for admin in group.items %}
+                        {% if admin.hasroute('create') and admin.isGranted('CREATE') or admin.hasroute('list') and admin.isGranted('LIST') %}
+                            <tr>
+                                <td class="sonata-ba-list-label">{{ admin.label|trans({}, admin.translationdomain) }}</td>
+                                <td>
+                                    <div class="btn-group">
+                                        {% if admin.hasroute('create') and admin.isGranted('CREATE') %}
+                                            {% if admin.subClasses is empty %}
+                                                <a class="btn btn-small" href="{{ admin.generateUrl('create')}}">
+                                                    <i class="icon-plus"></i>
+                                                    {% trans from 'SonataAdminBundle' %}link_add{% endtrans %}
+                                                </a>
+                                            {% else %}
+                                                <a class="btn btn-small dropdown-toggle" data-toggle="dropdown" href="#">
+                                                    <i class="icon-plus"></i>
+                                                    {% trans from 'SonataAdminBundle' %}link_add{% endtrans %}
+                                                    <span class="caret"></span>
+                                                </a>
+                                                <ul class="dropdown-menu">
+                                                    {% for subclass in admin.subclasses|keys %}
+                                                    <li>
+                                                        <a href="{{ admin.generateUrl('create', {'subclass': subclass}) }}">{{ subclass }}</a>
+                                                    </li>
+                                                    {% endfor %}
+                                                </ul>
+                                            {% endif %}
+                                        {% endif %}
+                                        {% if admin.hasroute('list') and admin.isGranted('LIST') %}
+                                            <a class="btn btn-small" href="{{ admin.generateUrl('list')}}">
+                                                <i class="icon-list"></i>
+                                                {% trans from 'SonataAdminBundle' %}link_list{% endtrans -%}
                                             </a>
-                                            <ul class="dropdown-menu">
-                                                {% for subclass in admin.subclasses|keys %}
-                                                <li>
-                                                    <a href="{{ admin.generateUrl('create', {'subclass': subclass}) }}">{{ subclass }}</a>
-                                                </li>
-                                                {% endfor %}
-                                            </ul>
                                         {% endif %}
-                                    {% endif %}
-                                    {% if admin.hasroute('list') and admin.isGranted('LIST') %}
-                                        <a class="btn btn-small" href="{{ admin.generateUrl('list')}}">
-                                            <i class="icon-list"></i>
-                                            {% trans from 'SonataAdminBundle' %}link_list{% endtrans -%}
-                                        </a>
-                                    {% endif %}
-                                </div>
-                            </td>
-                        </tr>
-                    {% endif %}
-                {% endfor %}
-            </tbody>
-        </table>
+                                    </div>
+                                </td>
+                            </tr>
+                        {% endif %}
+                    {% endfor %}
+                </tbody>
+            </table>
+        {% endif %}
     {% endfor %}
 {% endblock %}

Resources/views/standard_layout.html.twig

@@ -103,6 +103,12 @@ file that was distributed with this source code.
                                     {% block sonata_top_bar_nav %}
                                         {% if app.security.token and is_granted('ROLE_SONATA_ADMIN') %}
                                             {% for group in admin_pool.dashboardgroups %}
+                                                {% set display = (group.roles is empty or is_granted('ROLE_SUPER_ADMIN') ) %}
+                                                {% for role in group.roles if not display %}
+                                                    {% set display = is_granted(role)%}
+                                                {% endfor %}
+
+                                                {% if display %}
                                                 <li class="dropdown">
                                                     <a href="#" class="dropdown-toggle" data-toggle="dropdown">{{ group.label|trans({}, group.label_catalogue) }} <span class="caret"></span></a>
                                                     <ul class="dropdown-menu">
@@ -113,6 +119,7 @@ file that was distributed with this source code.
                                                         {% endfor %}
                                                     </ul>
                                                 </li>
+                                                {% endif %}
                                             {% endfor %}
                                         {% endif %}
                                     {% endblock %}