
FD3-53 refactory

Guillermo Espinoza hace 7 años
padre
commit
ab0f0bb5c9
Se han modificado 2 ficheros con 55 adiciones y 51 borrados
  1. 52 0
      app/config/roles.yml
  2. 3 51
      app/config/security.yml

+ 52 - 0
app/config/roles.yml

@@ -0,0 +1,52 @@
+security:
+
+    role_hierarchy:
+
+        # HOST
+        ROLE_SONATA_HOST_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_HOST_LIST, ROLE_SONATA_ADMIN_HOST_VIEW]
+        ROLE_SONATA_HOST_EDITOR: [ROLE_SONATA_HOST_READER, ROLE_SONATA_ADMIN_HOST_CREATE, ROLE_SONATA_ADMIN_HOST_EDIT]
+        ROLE_SONATA_HOST_ADMIN: [ROLE_SONATA_HOST_EDITOR, ROLE_SONATA_ADMIN_HOST_DELETE, ROLE_SONATA_ADMIN_HOST_EXPORT]
+
+        # HOST_TYPE
+        ROLE_SONATA_HOST_TYPE_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_HOST_TYPE_LIST, ROLE_SONATA_ADMIN_HOST_TYPE_VIEW]
+        ROLE_SONATA_HOST_TYPE_EDITOR: [ROLE_SONATA_HOST_TYPE_READER, ROLE_SONATA_ADMIN_HOST_TYPE_CREATE, ROLE_SONATA_ADMIN_HOST_TYPE_EDIT]
+        ROLE_SONATA_HOST_TYPE_ADMIN: [ROLE_SONATA_HOST_TYPE_EDITOR, ROLE_SONATA_ADMIN_HOST_TYPE_DELETE, ROLE_SONATA_ADMIN_HOST_TYPE_EXPORT]
+
+        # NET_GROUP
+        ROLE_SONATA_NET_GROUP_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_NET_GROUP_LIST, ROLE_SONATA_ADMIN_NET_GROUP_VIEW]
+        ROLE_SONATA_NET_GROUP_EDITOR: [ROLE_SONATA_NET_GROUP_READER, ROLE_SONATA_ADMIN_NET_GROUP_CREATE, ROLE_SONATA_ADMIN_NET_GROUP_EDIT]
+        ROLE_SONATA_NET_GROUP_ADMIN: [ROLE_SONATA_NET_GROUP_EDITOR, ROLE_SONATA_ADMIN_NET_GROUP_DELETE, ROLE_SONATA_ADMIN_NET_GROUP_EXPORT]
+
+        # POOL
+        ROLE_SONATA_POOL_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_POOL_LIST, ROLE_SONATA_ADMIN_POOL_VIEW]
+        ROLE_SONATA_POOL_EDITOR: [ROLE_SONATA_POOL_READER, ROLE_SONATA_ADMIN_POOL_CREATE, ROLE_SONATA_ADMIN_POOL_EDIT]
+        ROLE_SONATA_POOL_ADMIN: [ROLE_SONATA_POOL_EDITOR, ROLE_SONATA_ADMIN_POOL_DELETE, ROLE_SONATA_ADMIN_POOL_EXPORT]
+
+        # SUB_NET
+        ROLE_SONATA_SUB_NET_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_SUB_NET_LIST, ROLE_SONATA_ADMIN_SUB_NET_VIEW]
+        ROLE_SONATA_SUB_NET_EDITOR: [ROLE_SONATA_SUB_NET_READER, ROLE_SONATA_ADMIN_SUB_NET_CREATE, ROLE_SONATA_ADMIN_SUB_NET_EDIT]
+        ROLE_SONATA_SUB_NET_ADMIN: [ROLE_SONATA_SUB_NET_EDITOR, ROLE_SONATA_ADMIN_SUB_NET_DELETE, ROLE_SONATA_ADMIN_SUB_NET_EXPORT]
+
+        # DHCP
+        ROLE_SONATA_DHCP_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_DHCP_LIST, ROLE_SONATA_ADMIN_DHCP_VIEW]
+        ROLE_SONATA_DHCP_EDITOR: [ROLE_SONATA_DHCP_READER, ROLE_SONATA_ADMIN_DHCP_CREATE, ROLE_SONATA_ADMIN_DHCP_EDIT]
+        ROLE_SONATA_DHCP_ADMIN: [ROLE_SONATA_DHCP_EDITOR, ROLE_SONATA_ADMIN_DHCP_DELETE, ROLE_SONATA_ADMIN_DHCP_EXPORT]
+
+        # DHCP_MODEL
+        ROLE_SONATA_DHCP_MODEL_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_DHCP_MODEL_LIST, ROLE_SONATA_ADMIN_DHCP_MODEL_VIEW]
+        ROLE_SONATA_DHCP_MODEL_EDITOR: [ROLE_SONATA_DHCP_MODEL_READER, ROLE_SONATA_ADMIN_DHCP_MODEL_CREATE, ROLE_SONATA_ADMIN_DHCP_MODEL_EDIT]
+        ROLE_SONATA_DHCP_MODEL_ADMIN: [ROLE_SONATA_DHCP_MODEL_EDITOR, ROLE_SONATA_ADMIN_DHCP_MODEL_DELETE, ROLE_SONATA_ADMIN_DHCP_MODEL_EXPORT]
+
+        # WORKFLOW
+        ROLE_SONATA_WORKFLOW_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_WORKFLOW_LIST, ROLE_SONATA_ADMIN_WORKFLOW_VIEW]
+        ROLE_SONATA_WORKFLOW_EDITOR: [ROLE_SONATA_WORKFLOW_READER, ROLE_SONATA_ADMIN_WORKFLOW_CREATE, ROLE_SONATA_ADMIN_WORKFLOW_EDIT]
+        ROLE_SONATA_WORKFLOW_ADMIN: [ROLE_SONATA_WORKFLOW_EDITOR, ROLE_SONATA_ADMIN_WORKFLOW_DELETE, ROLE_SONATA_ADMIN_WORKFLOW_EXPORT]
+
+        # ACTION
+        ROLE_SONATA_ACTION_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_ACTION_LIST, ROLE_SONATA_ADMIN_ACTION_VIEW]
+        ROLE_SONATA_ACTION_EDITOR: [ROLE_SONATA_ACTION_READER, ROLE_SONATA_ADMIN_ACTION_CREATE, ROLE_SONATA_ADMIN_ACTION_EDIT]
+        ROLE_SONATA_ACTION_ADMIN: [ROLE_SONATA_ACTION_EDITOR, ROLE_SONATA_ADMIN_ACTION_DELETE, ROLE_SONATA_ADMIN_ACTION_EXPORT]
+
+        ROLE_ADMIN_TENANCIES: ROLE_ADMIN_TENANCIES
+        ROLE_ADMIN: [ROLE_USER, ROLE_SONATA_ADMIN]
+        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_USER_CREATE, ROLE_ADMIN_TENANCIES, ROLE_ALLOWED_TO_SWITCH]
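Review bot: Every `*_READER` role in this new file lists `ROLE_ADMIN` among its inherited roles, so the lowest-privilege reader of a single entity also reaches `ROLE_USER` and `ROLE_SONATA_ADMIN` through the `ROLE_ADMIN` entry near the bottom, and passes any check written against `ROLE_ADMIN`. The access_control rules are not visible on this page, so whether that is intended cannot be confirmed here. If readers only need to enter the admin panel, inheriting the narrower role directly, e.g. `ROLE_SONATA_HOST_READER: [ROLE_SONATA_ADMIN, ROLE_SONATA_ADMIN_HOST_LIST, ROLE_SONATA_ADMIN_HOST_VIEW]`, keeps `ROLE_ADMIN` meaningful as a higher tier. Separately, `ROLE_ADMIN_TENANCIES: ROLE_ADMIN_TENANCIES` maps a role to itself and grants nothing; drop it or list the roles it is meant to imply. Both entries were carried over unchanged from security.yml, so this move is a natural point to settle them.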

+ 3 - 51
app/config/security.yml

@@ -1,60 +1,12 @@
+imports:
+    - { resource: roles.yml }
+
 security:
 
     providers:
         oauth:
             id: base_oauth_bundle.oauth_user_provider
 
-    role_hierarchy:
-
-        # HOST
-        ROLE_SONATA_HOST_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_HOST_LIST, ROLE_SONATA_ADMIN_HOST_VIEW]
-        ROLE_SONATA_HOST_EDITOR: [ROLE_SONATA_HOST_READER, ROLE_SONATA_ADMIN_HOST_CREATE, ROLE_SONATA_ADMIN_HOST_EDIT]
-        ROLE_SONATA_HOST_ADMIN: [ROLE_SONATA_HOST_EDITOR, ROLE_SONATA_ADMIN_HOST_DELETE, ROLE_SONATA_ADMIN_HOST_EXPORT]
-
-        # HOST_TYPE
-        ROLE_SONATA_HOST_TYPE_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_HOST_TYPE_LIST, ROLE_SONATA_ADMIN_HOST_TYPE_VIEW]
-        ROLE_SONATA_HOST_TYPE_EDITOR: [ROLE_SONATA_HOST_TYPE_READER, ROLE_SONATA_ADMIN_HOST_TYPE_CREATE, ROLE_SONATA_ADMIN_HOST_TYPE_EDIT]
-        ROLE_SONATA_HOST_TYPE_ADMIN: [ROLE_SONATA_HOST_TYPE_EDITOR, ROLE_SONATA_ADMIN_HOST_TYPE_DELETE, ROLE_SONATA_ADMIN_HOST_TYPE_EXPORT]
-
-        # NET_GROUP
-        ROLE_SONATA_NET_GROUP_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_NET_GROUP_LIST, ROLE_SONATA_ADMIN_NET_GROUP_VIEW]
-        ROLE_SONATA_NET_GROUP_EDITOR: [ROLE_SONATA_NET_GROUP_READER, ROLE_SONATA_ADMIN_NET_GROUP_CREATE, ROLE_SONATA_ADMIN_NET_GROUP_EDIT]
-        ROLE_SONATA_NET_GROUP_ADMIN: [ROLE_SONATA_NET_GROUP_EDITOR, ROLE_SONATA_ADMIN_NET_GROUP_DELETE, ROLE_SONATA_ADMIN_NET_GROUP_EXPORT]
-
-        # POOL
-        ROLE_SONATA_POOL_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_POOL_LIST, ROLE_SONATA_ADMIN_POOL_VIEW]
-        ROLE_SONATA_POOL_EDITOR: [ROLE_SONATA_POOL_READER, ROLE_SONATA_ADMIN_POOL_CREATE, ROLE_SONATA_ADMIN_POOL_EDIT]
-        ROLE_SONATA_POOL_ADMIN: [ROLE_SONATA_POOL_EDITOR, ROLE_SONATA_ADMIN_POOL_DELETE, ROLE_SONATA_ADMIN_POOL_EXPORT]
-
-        # SUB_NET
-        ROLE_SONATA_SUB_NET_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_SUB_NET_LIST, ROLE_SONATA_ADMIN_SUB_NET_VIEW]
-        ROLE_SONATA_SUB_NET_EDITOR: [ROLE_SONATA_SUB_NET_READER, ROLE_SONATA_ADMIN_SUB_NET_CREATE, ROLE_SONATA_ADMIN_SUB_NET_EDIT]
-        ROLE_SONATA_SUB_NET_ADMIN: [ROLE_SONATA_SUB_NET_EDITOR, ROLE_SONATA_ADMIN_SUB_NET_DELETE, ROLE_SONATA_ADMIN_SUB_NET_EXPORT]
-
-        # DHCP
-        ROLE_SONATA_DHCP_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_DHCP_LIST, ROLE_SONATA_ADMIN_DHCP_VIEW]
-        ROLE_SONATA_DHCP_EDITOR: [ROLE_SONATA_DHCP_READER, ROLE_SONATA_ADMIN_DHCP_CREATE, ROLE_SONATA_ADMIN_DHCP_EDIT]
-        ROLE_SONATA_DHCP_ADMIN: [ROLE_SONATA_DHCP_EDITOR, ROLE_SONATA_ADMIN_DHCP_DELETE, ROLE_SONATA_ADMIN_DHCP_EXPORT]
-
-        # DHCP_MODEL
-        ROLE_SONATA_DHCP_MODEL_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_DHCP_MODEL_LIST, ROLE_SONATA_ADMIN_DHCP_MODEL_VIEW]
-        ROLE_SONATA_DHCP_MODEL_EDITOR: [ROLE_SONATA_DHCP_MODEL_READER, ROLE_SONATA_ADMIN_DHCP_MODEL_CREATE, ROLE_SONATA_ADMIN_DHCP_MODEL_EDIT]
-        ROLE_SONATA_DHCP_MODEL_ADMIN: [ROLE_SONATA_DHCP_MODEL_EDITOR, ROLE_SONATA_ADMIN_DHCP_MODEL_DELETE, ROLE_SONATA_ADMIN_DHCP_MODEL_EXPORT]
-
-        # WORKFLOW
-        ROLE_SONATA_WORKFLOW_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_WORKFLOW_LIST, ROLE_SONATA_ADMIN_WORKFLOW_VIEW]
-        ROLE_SONATA_WORKFLOW_EDITOR: [ROLE_SONATA_WORKFLOW_READER, ROLE_SONATA_ADMIN_WORKFLOW_CREATE, ROLE_SONATA_ADMIN_WORKFLOW_EDIT]
-        ROLE_SONATA_WORKFLOW_ADMIN: [ROLE_SONATA_WORKFLOW_EDITOR, ROLE_SONATA_ADMIN_WORKFLOW_DELETE, ROLE_SONATA_ADMIN_WORKFLOW_EXPORT]
-
-        # ACTION
-        ROLE_SONATA_ACTION_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_ACTION_LIST, ROLE_SONATA_ADMIN_ACTION_VIEW]
-        ROLE_SONATA_ACTION_EDITOR: [ROLE_SONATA_ACTION_READER, ROLE_SONATA_ADMIN_ACTION_CREATE, ROLE_SONATA_ADMIN_ACTION_EDIT]
-        ROLE_SONATA_ACTION_ADMIN: [ROLE_SONATA_ACTION_EDITOR, ROLE_SONATA_ADMIN_ACTION_DELETE, ROLE_SONATA_ADMIN_ACTION_EXPORT]
-
-        ROLE_ADMIN_TENANCIES: ROLE_ADMIN_TENANCIES
-        ROLE_ADMIN: [ROLE_USER, ROLE_SONATA_ADMIN]
-        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_USER_CREATE, ROLE_ADMIN_TENANCIES, ROLE_ALLOWED_TO_SWITCH]
-
     firewalls:
         dev:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
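Review bot: With the hierarchy moved out, security.yml no longer shows which roles imply `ROLE_ADMIN` or `ROLE_ALLOWED_TO_SWITCH`, and the new import line does not say what it brings in. A comment above it such as `# role_hierarchy lives in roles.yml and is merged into the security: key below` would keep anyone auditing the providers and firewalls pointed at the other half of the policy. The `security:` mapping continues past the end of this hunk.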