Merged in FD3-53 (pull request #14)

FD3-53 ROLES por Grupos

app/config/config.yml

@@ -124,6 +124,8 @@ sonata_admin:
         user_block: BaseOAuthClientBundle:Core:oauth_user_block.html.twig
         list: BaseAdminBundle::standard_list.html.twig
     persist_filters: true
+    security:
+        handler: sonata.admin.security.handler.role
 
 doctrine_migrations:
     dir_name: "%kernel.root_dir%/DoctrineMigrations"

app/config/roles.yml

@@ -0,0 +1,52 @@
+security:
+
+    role_hierarchy:
+
+        # CABLEMODEM
+        ROLE_SONATA_CABLEMODEM_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_CABLEMODEM_LIST, ROLE_SONATA_ADMIN_CABLEMODEM_VIEW]
+        ROLE_SONATA_CABLEMODEM_EDITOR: [ROLE_SONATA_CABLEMODEM_READER, ROLE_SONATA_ADMIN_CABLEMODEM_CREATE, ROLE_SONATA_ADMIN_CABLEMODEM_EDIT]
+        ROLE_SONATA_CABLEMODEM_ADMIN: [ROLE_SONATA_CABLEMODEM_EDITOR, ROLE_SONATA_ADMIN_CABLEMODEM_DELETE, ROLE_SONATA_ADMIN_CABLEMODEM_EXPORT]
+
+        # PROFILE
+        ROLE_SONATA_PROFILE_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_PROFILE_LIST, ROLE_SONATA_ADMIN_PROFILE_VIEW]
+        ROLE_SONATA_PROFILE_EDITOR: [ROLE_SONATA_PROFILE_READER, ROLE_SONATA_ADMIN_PROFILE_CREATE, ROLE_SONATA_ADMIN_PROFILE_EDIT]
+        ROLE_SONATA_PROFILE_ADMIN: [ROLE_SONATA_PROFILE_EDITOR, ROLE_SONATA_ADMIN_PROFILE_DELETE, ROLE_SONATA_ADMIN_PROFILE_EXPORT]
+
+        # NODE
+        ROLE_SONATA_NODE_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_NODE_LIST, ROLE_SONATA_ADMIN_NODE_VIEW]
+        ROLE_SONATA_NODE_EDITOR: [ROLE_SONATA_NODE_READER, ROLE_SONATA_ADMIN_NODE_CREATE, ROLE_SONATA_ADMIN_NODE_EDIT]
+        ROLE_SONATA_NODE_ADMIN: [ROLE_SONATA_NODE_EDITOR, ROLE_SONATA_ADMIN_NODE_DELETE, ROLE_SONATA_ADMIN_NODE_EXPORT]
+
+        # CMTS
+        ROLE_SONATA_CMTS_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_CMTS_LIST, ROLE_SONATA_ADMIN_CMTS_VIEW]
+        ROLE_SONATA_CMTS_EDITOR: [ROLE_SONATA_CMTS_READER, ROLE_SONATA_ADMIN_CMTS_CREATE, ROLE_SONATA_ADMIN_CMTS_EDIT]
+        ROLE_SONATA_CMTS_ADMIN: [ROLE_SONATA_CMTS_EDITOR, ROLE_SONATA_ADMIN_CMTS_DELETE, ROLE_SONATA_ADMIN_CMTS_EXPORT]
+
+        # CABLEMODEM_MODEL
+        ROLE_SONATA_CABLEMODEM_MODEL_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_CABLEMODEM_MODEL_LIST, ROLE_SONATA_ADMIN_CABLEMODEM_MODEL_VIEW]
+        ROLE_SONATA_CABLEMODEM_MODEL_EDITOR: [ROLE_SONATA_CABLEMODEM_MODEL_READER, ROLE_SONATA_ADMIN_CABLEMODEM_MODEL_CREATE, ROLE_SONATA_ADMIN_CABLEMODEM_MODEL_EDIT]
+        ROLE_SONATA_CABLEMODEM_MODEL_ADMIN: [ROLE_SONATA_CABLEMODEM_MODEL_EDITOR, ROLE_SONATA_ADMIN_CABLEMODEM_MODEL_DELETE, ROLE_SONATA_ADMIN_CABLEMODEM_MODEL_EXPORT]
+
+        # CMTS_MODEL
+        ROLE_SONATA_CMTS_MODEL_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_CMTS_MODEL_LIST, ROLE_SONATA_ADMIN_CMTS_MODEL_VIEW]
+        ROLE_SONATA_CMTS_MODEL_EDITOR: [ROLE_SONATA_CMTS_MODEL_READER, ROLE_SONATA_ADMIN_CMTS_MODEL_CREATE, ROLE_SONATA_ADMIN_CMTS_MODEL_EDIT]
+        ROLE_SONATA_CMTS_MODEL_ADMIN: [ROLE_SONATA_CMTS_MODEL_EDITOR, ROLE_SONATA_ADMIN_CMTS_MODEL_DELETE, ROLE_SONATA_ADMIN_CMTS_MODEL_EXPORT]
+
+        # TEMPLATE
+        ROLE_SONATA_TEMPLATE_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_TEMPLATE_LIST, ROLE_SONATA_ADMIN_TEMPLATE_VIEW]
+        ROLE_SONATA_TEMPLATE_EDITOR: [ROLE_SONATA_TEMPLATE_READER, ROLE_SONATA_ADMIN_TEMPLATE_CREATE, ROLE_SONATA_ADMIN_TEMPLATE_EDIT]
+        ROLE_SONATA_TEMPLATE_ADMIN: [ROLE_SONATA_TEMPLATE_EDITOR, ROLE_SONATA_ADMIN_TEMPLATE_DELETE, ROLE_SONATA_ADMIN_TEMPLATE_EXPORT]
+
+        # WORKFLOW
+        ROLE_SONATA_WORKFLOW_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_WORKFLOW_LIST, ROLE_SONATA_ADMIN_WORKFLOW_VIEW]
+        ROLE_SONATA_WORKFLOW_EDITOR: [ROLE_SONATA_WORKFLOW_READER, ROLE_SONATA_ADMIN_WORKFLOW_CREATE, ROLE_SONATA_ADMIN_WORKFLOW_EDIT]
+        ROLE_SONATA_WORKFLOW_ADMIN: [ROLE_SONATA_WORKFLOW_EDITOR, ROLE_SONATA_ADMIN_WORKFLOW_DELETE, ROLE_SONATA_ADMIN_WORKFLOW_EXPORT]
+
+        # ACTION
+        ROLE_SONATA_ACTION_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_ACTION_LIST, ROLE_SONATA_ADMIN_ACTION_VIEW]
+        ROLE_SONATA_ACTION_EDITOR: [ROLE_SONATA_ACTION_READER, ROLE_SONATA_ADMIN_ACTION_CREATE, ROLE_SONATA_ADMIN_ACTION_EDIT]
+        ROLE_SONATA_ACTION_ADMIN: [ROLE_SONATA_ACTION_EDITOR, ROLE_SONATA_ADMIN_ACTION_DELETE, ROLE_SONATA_ADMIN_ACTION_EXPORT]
+
+        ROLE_ADMIN_TENANCIES: ROLE_ADMIN_TENANCIES
+        ROLE_ADMIN: [ROLE_USER, ROLE_SONATA_ADMIN]
+        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_USER_CREATE, ROLE_ADMIN_TENANCIES, ROLE_ALLOWED_TO_SWITCH]

app/config/security.yml

@@ -1,12 +1,11 @@
+imports:
+    - { resource: roles.yml }
+
 security:
     providers:
         oauth:
             id: base_oauth_bundle.oauth_user_provider
 
-    role_hierarchy:
-        ROLE_ADMIN: [ROLE_USER, ROLE_ALLOWED_TO_SWITCH]
-        ROLE_SUPER_ADMIN: ROLE_ADMIN
-
     firewalls:
 
         dev:

composer.lock

@@ -1511,7 +1511,7 @@
             "source": {
                 "type": "git",
                 "url": "ssh://git@gogs.infra.flowdat.com:222/VendorSoftwareFlowdat3/ExtraDataBundle.git",
-                "reference": "06741a4abbe823cc750f3b1d746745a1ab934a60"
+                "reference": "47473cde04aa24d659598a1661a89015376cfe16"
             },
             "type": "library",
             "autoload": {
@@ -1526,7 +1526,7 @@
                 "bundle",
                 "extra-data"
             ],
-            "time": "2018-03-15T12:49:20+00:00"
+            "time": "2018-04-03T12:13:19+00:00"
         },
         {
             "name": "ik/leaflet-bundle",
@@ -1651,7 +1651,7 @@
             "source": {
                 "type": "git",
                 "url": "ssh://git@gogs.infra.flowdat.com:222/VendorSoftwareFlowdat3/TemplateBundle.git",
-                "reference": "54859222f517480ba9e218092170fcd049472a4d"
+                "reference": "69e6761d6f3d3e9f85f5a43b72324f3d56dce4de"
             },
             "require": {
                 "ik/base-admin-bundle": "*"
@@ -1669,7 +1669,7 @@
                 "bundle",
                 "template"
             ],
-            "time": "2018-03-14T12:13:59+00:00"
+            "time": "2018-04-04T17:49:43+00:00"
         },
         {
             "name": "ik/webservice-bundle",
@@ -1698,7 +1698,7 @@
             "source": {
                 "type": "git",
                 "url": "ssh://git@gogs.infra.flowdat.com:222/VendorSoftwareFlowdat3/WorkflowBundle.git",
-                "reference": "23fe93a7c76b4314d81c06f35748cb8107b45e0a"
+                "reference": "02e9a07ebe7c40417f4e78c451e26a893abc9164"
             },
             "require": {
                 "php-amqplib/rabbitmq-bundle": "^1.12"
@@ -1728,7 +1728,7 @@
                 "bundle",
                 "workflow"
             ],
-            "time": "2018-03-26T15:18:45+00:00"
+            "time": "2018-04-05T14:41:00+00:00"
         },
         {
             "name": "incenteev/composer-parameter-handler",

src/CablemodemBundle/Resources/config/services.yml

@@ -1,6 +1,6 @@
 services:
 
-    cablemodem.admin.cablemodem:
+    sonata.admin.cablemodem:
         class: CablemodemBundle\Admin\CablemodemAdmin
         arguments: [~, CablemodemBundle\Entity\Cablemodem, WorkflowBundle:CRUD]
         tags:
@@ -9,7 +9,7 @@ services:
             - [setTranslationDomain, [CablemodemBundle]]
         public: true
 
-    cablemodem.admin.profile:
+    sonata.admin.profile:
         class: CablemodemBundle\Admin\ProfileAdmin
         arguments: [~, CablemodemBundle\Entity\Profile, BaseAdminBundle:CRUD]
         tags:
@@ -18,7 +18,7 @@ services:
             - [setTranslationDomain, [CablemodemBundle]]
         public: true
 
-    cablemodem.admin.node:
+    sonata.admin.node:
         class: CablemodemBundle\Admin\NodeAdmin
         arguments: [~, CablemodemBundle\Entity\Node, BaseAdminBundle:CRUD]
         tags:
@@ -27,7 +27,7 @@ services:
             - [setTranslationDomain, [CablemodemBundle]]
         public: true
 
-    cablemodem.admin.cmts:
+    sonata.admin.cmts:
         class: CablemodemBundle\Admin\CMTSAdmin
         arguments: [~, CablemodemBundle\Entity\CMTS, BaseAdminBundle:CRUD]
         tags:
@@ -36,7 +36,7 @@ services:
             - [setTranslationDomain, [CablemodemBundle]]
         public: true
 
-    cablemodem.admin.cablemodem_model:
+    sonata.admin.cablemodem_model:
         class: CablemodemBundle\Admin\CablemodemModelAdmin
         arguments: [~, CablemodemBundle\Entity\CablemodemModel, BaseAdminBundle:CRUD]
         tags:
@@ -45,7 +45,7 @@ services:
             - [setTranslationDomain, [CablemodemBundle]]
         public: true
 
-    cablemodem.admin.cmts_model:
+    sonata.admin.cmts_model:
         class: CablemodemBundle\Admin\CMTSModelAdmin
         arguments: [~, CablemodemBundle\Entity\CMTSModel, BaseAdminBundle:CRUD]
         tags: