FD3-495 FD3-511 fix cambio tenencia

app/config/config.yml

@@ -112,3 +112,5 @@ sonata_admin:
         layout: BaseAdminBundle::standard_layout.html.twig
         user_block: BaseOAuthClientBundle:Core:oauth_user_block.html.twig
     persist_filters: true
+    security:
+        handler: sonata.admin.security.handler.role

app/config/roles.yml

@@ -0,0 +1,42 @@
+security:
+
+    role_hierarchy:
+
+        # RADIUS_PROFILE
+        ROLE_SONATA_RADIUS_PROFILE_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_RADIUS_PROFILE_LIST, ROLE_SONATA_ADMIN_RADIUS_PROFILE_VIEW]
+        ROLE_SONATA_RADIUS_PROFILE_EDITOR: [ROLE_SONATA_RADIUS_PROFILE_READER, ROLE_SONATA_ADMIN_RADIUS_PROFILE_CREATE, ROLE_SONATA_ADMIN_RADIUS_PROFILE_EDIT]
+        ROLE_SONATA_RADIUS_PROFILE_ADMIN: [ROLE_SONATA_RADIUS_PROFILE_EDITOR, ROLE_SONATA_ADMIN_RADIUS_PROFILE_DELETE, ROLE_SONATA_ADMIN_RADIUS_PROFILE_EXPORT]
+
+        # ACCESS
+        ROLE_SONATA_ACCESS_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_ACCESS_LIST, ROLE_SONATA_ADMIN_ACCESS_VIEW]
+        ROLE_SONATA_ACCESS_EDITOR: [ROLE_SONATA_ACCESS_READER, ROLE_SONATA_ADMIN_ACCESS_CREATE, ROLE_SONATA_ADMIN_ACCESS_EDIT]
+        ROLE_SONATA_ACCESS_ADMIN: [ROLE_SONATA_ACCESS_EDITOR, ROLE_SONATA_ADMIN_ACCESS_DELETE, ROLE_SONATA_ADMIN_ACCESS_EXPORT]
+
+        # NAS_MODEL
+        ROLE_SONATA_NAS_MODEL_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_NAS_MODEL_LIST, ROLE_SONATA_ADMIN_NAS_MODEL_VIEW]
+        ROLE_SONATA_NAS_MODEL_EDITOR: [ROLE_SONATA_NAS_MODEL_READER, ROLE_SONATA_ADMIN_NAS_MODEL_CREATE, ROLE_SONATA_ADMIN_NAS_MODEL_EDIT]
+        ROLE_SONATA_NAS_MODEL_ADMIN: [ROLE_SONATA_NAS_MODEL_EDITOR, ROLE_SONATA_ADMIN_NAS_MODEL_DELETE, ROLE_SONATA_ADMIN_NAS_MODEL_EXPORT]
+
+        # NAS
+        ROLE_SONATA_NAS_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_NAS_LIST, ROLE_SONATA_ADMIN_NAS_VIEW]
+        ROLE_SONATA_NAS_EDITOR: [ROLE_SONATA_NAS_READER, ROLE_SONATA_ADMIN_NAS_CREATE, ROLE_SONATA_ADMIN_NAS_EDIT]
+        ROLE_SONATA_NAS_ADMIN: [ROLE_SONATA_NAS_EDITOR, ROLE_SONATA_ADMIN_NAS_DELETE, ROLE_SONATA_ADMIN_NAS_EXPORT]
+
+        # WORKFLOW
+        ROLE_SONATA_WORKFLOW_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_WORKFLOW_LIST, ROLE_SONATA_ADMIN_WORKFLOW_VIEW]
+        ROLE_SONATA_WORKFLOW_EDITOR: [ROLE_SONATA_WORKFLOW_READER, ROLE_SONATA_ADMIN_WORKFLOW_CREATE, ROLE_SONATA_ADMIN_WORKFLOW_EDIT]
+        ROLE_SONATA_WORKFLOW_ADMIN: [ROLE_SONATA_WORKFLOW_EDITOR, ROLE_SONATA_ADMIN_WORKFLOW_DELETE, ROLE_SONATA_ADMIN_WORKFLOW_EXPORT]
+
+        # ACTION
+        ROLE_SONATA_ACTION_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_ACTION_LIST, ROLE_SONATA_ADMIN_ACTION_VIEW]
+        ROLE_SONATA_ACTION_EDITOR: [ROLE_SONATA_ACTION_READER, ROLE_SONATA_ADMIN_ACTION_CREATE, ROLE_SONATA_ADMIN_ACTION_EDIT]
+        ROLE_SONATA_ACTION_ADMIN: [ROLE_SONATA_ACTION_EDITOR, ROLE_SONATA_ADMIN_ACTION_DELETE, ROLE_SONATA_ADMIN_ACTION_EXPORT]
+
+        # TEMPLATE
+        ROLE_SONATA_TEMPLATE_READER: [ROLE_ADMIN, ROLE_SONATA_ADMIN_TEMPLATE_LIST, ROLE_SONATA_ADMIN_TEMPLATE_VIEW]
+        ROLE_SONATA_TEMPLATE_EDITOR: [ROLE_SONATA_TEMPLATE_READER, ROLE_SONATA_ADMIN_TEMPLATE_CREATE, ROLE_SONATA_ADMIN_TEMPLATE_EDIT]
+        ROLE_SONATA_TEMPLATE_ADMIN: [ROLE_SONATA_TEMPLATE_EDITOR, ROLE_SONATA_ADMIN_TEMPLATE_DELETE, ROLE_SONATA_ADMIN_TEMPLATE_EXPORT]
+
+        ROLE_ADMIN_TENANCIES: ROLE_ADMIN_TENANCIES
+        ROLE_ADMIN: [ROLE_USER, ROLE_SONATA_ADMIN]
+        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_USER_CREATE, ROLE_ADMIN_TENANCIES, ROLE_ALLOWED_TO_SWITCH]

app/config/security.yml

@@ -1,18 +1,17 @@
+imports:
+    - { resource: roles.yml }
+
 security:
     providers:
         oauth:
             id: base_oauth_bundle.oauth_user_provider
-    
-    role_hierarchy:
-        ROLE_ADMIN: [ROLE_USER, ROLE_ALLOWED_TO_SWITCH]
-        ROLE_SUPER_ADMIN: ROLE_ADMIN
-            
-    firewalls:       
-                                
+
+    firewalls:
+
         dev:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
             security: false
-            
+
         api:
           pattern: ^/api
           stateless: true
@@ -34,7 +33,7 @@ security:
                     login: /login_check
                 oauth_user_provider:
                     service: base_oauth_bundle.oauth_user_provider
-          
+
     access_control:
         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/admin/, role: ROLE_ADMIN }

composer.json

@@ -133,7 +133,7 @@
         "hwi/oauth-bundle": "^0.5.3",
         "ik/audit-bundle": "v0.2.4",
         "ik/auth-bundle": "v0.2.4",
-        "ik/base-admin-bundle": "v0.2.4",
+        "ik/base-admin-bundle": "dev-master",
         "ik/device-bundle": "v0.2.4",
         "ik/extra-data-bundle": "v0.2.4",
         "ik/leaflet-bundle": "v0.2.4",
@@ -236,4 +236,4 @@
             }
         ]
     }
-}
+}

composer.lock

@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
         "This file is @generated automatically"
     ],
-    "content-hash": "d079fd0a7f3e9d2df7d1ed6fd8602fe3",
+    "content-hash": "2b10131265f27d24bead4304bfb1bee6",
     "packages": [
         {
             "name": "behat/transliterator",
@@ -1461,11 +1461,11 @@
         },
         {
             "name": "ik/base-admin-bundle",
-            "version": "v0.2.4",
+            "version": "dev-master",
             "source": {
                 "type": "git",
                 "url": "ssh://git@200.50.168.30:222/VendorSoftwareFlowdat3/BaseAdmin.git",
-                "reference": "807fa103f9a0e7d0e22f490de61e1d96645822bc"
+                "reference": "0456c67f0aca5150d7e3d0cdf6979044efd90781"
             },
             "type": "library",
             "autoload": {
@@ -1480,7 +1480,7 @@
                 "bootstrap",
                 "sonata"
             ],
-            "time": "2018-02-26T17:55:49+00:00"
+            "time": "2018-04-10T11:47:25+00:00"
         },
         {
             "name": "ik/device-bundle",
@@ -6318,6 +6318,7 @@
     "minimum-stability": "stable",
     "stability-flags": {
         "dwoo/dwoo": 20,
+        "ik/base-admin-bundle": 20,
         "sonata-project/admin-bundle": 20,
         "voryx/restgeneratorbundle": 20
     },

src/RadiusBundle/Resources/config/services.yml

@@ -1,13 +1,13 @@
 services:
-    radius.admin.profile:
+    sonata.admin.radius_profile:
         class: RadiusBundle\Admin\ProfileAdmin
         arguments: [~, RadiusBundle\Entity\Profile, BaseAdminBundle:CRUD]
         tags:
             - { name: sonata.admin, manager_type: orm, group: Radius, label: Profile, label_catalogue: RadiusBundle, label_translator_strategy: sonata.admin.label.strategy.underscore }
-        calls:    
+        calls:
             - [setTranslationDomain, [RadiusBundle]]
 
-    radius.admin.access:
+    sonata.admin.access:
         class: RadiusBundle\Admin\AccessAdmin
         arguments: [~, RadiusBundle\Entity\Access, BaseAdminBundle:CRUD]
         tags:
@@ -15,7 +15,7 @@ services:
         calls:
             - [setTranslationDomain, [RadiusBundle]]
 
-    radius.admin.nas.model:
+    sonata.admin.nas_model:
         class: RadiusBundle\Admin\NASModelAdmin
         arguments: [~, RadiusBundle\Entity\NASModel, BaseAdminBundle:CRUD]
         tags:
@@ -23,7 +23,7 @@ services:
         calls:
             - [setTranslationDomain, [RadiusBundle]]
 
-    radius.admin.nas:
+    sonata.admin.nas:
         class: RadiusBundle\Admin\NASAdmin
         arguments: [~, RadiusBundle\Entity\NAS, BaseAdminBundle:CRUD]
         tags: