Forums › Forums › OroPlatform › OroPlatform – Security › new role with new entities
This topic contains 5 replies, has 2 voices, and was last updated by dimitri.seguin17 8 years, 4 months ago.
Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.
- CreatorTopic
- October 27, 2015 at 4:20 am #35520
Hello,
I created many entities and I want create new role “attached” to these new entities.
I take a code in LoadRolesData in DemoDataBundle.
I create a roles.yml
ROLE_DMO:
label: Touristic office
permissions:
...
entity|Rc\ApiMyAccountBundle\Entity\WebContact: [VIEW_DEEP]
but after a command php app/console oro:migration:data:load, I have my new role but the line corresponding with my entities is empty. There is no view deep.
I don’t understand.
- CreatorTopic
- AuthorReplies
- October 29, 2015 at 3:46 am #35521
Nobody can help me?
October 29, 2015 at 5:01 am #35522Hi, @dimitri-seguin17.
Please delete record about your migration from oro_migrations_data and load migrations again. I think, your data can be scipped because you run migrations load during development.
Another hint – please clear cache after you migration will loads.
In this does not help, please let me see your migration script and roles yml file.
October 29, 2015 at 6:57 am #35523I delete my migration and role in SQL. I use oro:migration:data:load command but it’s a same problem.
This is my roles.yml
ROLE_TOURISTIC_PROVIDER:
label: Touristic provider
permissions:
entity|OroCRM\Bundle\AccountBundle\Entity\Account: []
entity|Oro\Bundle\OrganizationBundle\Entity\BusinessUnit: [VIEW_LOCAL, EDIT_LOCAL]
entity|Oro\Bundle\CalendarBundle\Entity\Calendar: []
entity|Oro\Bundle\CalendarBundle\Entity\CalendarEvent: []
entity|Oro\Bundle\IntegrationBundle\Entity\Channel: []
entity|OroCRM\Bundle\ContactBundle\Entity\Contact: []
entity|OroCRM\Bundle\ContactBundle\Entity\Group: []
entity|Oro\Bundle\EmailBundle\Entity\Email: [CREATE_SYSTEM, VIEW_SYSTEM]
entity|Oro\Bundle\EmbeddedFormBundle\Entity\EmbeddedForm: []
entity|Oro\Bundle\UserBundle\Entity\Group: []
entity|Oro\Bundle\NotificationBundle\Entity\EmailNotification: []
entity|Oro\Bundle\OrganizationBundle\Entity\Organization: []
entity|Oro\Bundle\ReportBundle\Entity\Report: []
entity|Oro\Bundle\UserBundle\Entity\Role: []
entity|Oro\Bundle\SegmentBundle\Entity\Segment: []
entity|Oro\Bundle\TagBundle\Entity\Tag: []
entity|Oro\Bundle\EmailBundle\Entity\EmailTemplate: [VIEW_LOCAL, CREATE_LOCAL, EDIT_LOCAL, DELETE_LOCAL]
entity|Oro\Bundle\UserBundle\Entity\User: []
entity|Oro\Bundle\WorkflowBundle\Entity\WorkflowDefinition: [VIEW_SYSTEM]
entity|Oro\Bundle\DashboardBundle\Entity\Dashboard: [VIEW_LOCAL, CREATE_LOCAL, EDIT_LOCAL, DELETE_LOCAL, ASSIGN_LOCAL]
entity|Oro\Bundle\TrackingBundle\Entity\TrackingWebsite: []
entity|OroCRM\Bundle\MarketingListBundle\Entity\MarketingList: [VIEW_LOCAL, CREATE_LOCAL, EDIT_LOCAL, DELETE_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\AsksFor: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\Booked: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\Bookmark: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\LoginStatus: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\Message: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\OptIn: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\PhysicalWelcome: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\Planning: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\Review: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\SocialNetworkSharing: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\Ticket: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\Tourist: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\View: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\Voucher: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\WebContact: [VIEW_LOCAL]
entity|Rc\ApiMyAccountBundle\Entity\WebsiteVisited: [VIEW_LOCAL]
action|oro_dataaudit_history: []
action|oro_importexport_export: [EXECUTE]
action|oro_importexport: [EXECUTE]
action|oro_importexport_import: [EXECUTE]
action|oro_jobs: []
action|oro_entityconfig_manage: []
action|oro_entity_merge: []
action|oro_address_dictionaries_read: []
action|oro_search: []
action|oro_config_system: []
action|oro_platform_system_info: []
action|oro_tag_assign_unassign: []
action|oro_tag_unassign_global: []
action|oro_tag_view_tag_cloud: []
action|oro_workflow: [EXECUTE]ROLE_DMO:
label: Touristic office
permissions:
entity|OroCRM\Bundle\AccountBundle\Entity\Account: []
entity|Oro\Bundle\OrganizationBundle\Entity\BusinessUnit: [VIEW_DEEP, CREATE_DEEP, EDIT_DEEP]
entity|Oro\Bundle\CalendarBundle\Entity\Calendar: []
entity|Oro\Bundle\CalendarBundle\Entity\CalendarEvent: []
entity|Oro\Bundle\IntegrationBundle\Entity\Channel: []
entity|OroCRM\Bundle\ContactBundle\Entity\Contact: []
entity|OroCRM\Bundle\ContactBundle\Entity\Group: []
entity|Oro\Bundle\EmailBundle\Entity\Email: [CREATE_SYSTEM, VIEW_SYSTEM]
entity|Oro\Bundle\EmbeddedFormBundle\Entity\EmbeddedForm: []
entity|Oro\Bundle\UserBundle\Entity\Group: []
entity|Oro\Bundle\NotificationBundle\Entity\EmailNotification: []
entity|Oro\Bundle\OrganizationBundle\Entity\Organization: []
entity|Oro\Bundle\ReportBundle\Entity\Report: []
entity|Oro\Bundle\UserBundle\Entity\Role: []
entity|Oro\Bundle\SegmentBundle\Entity\Segment: []
entity|Oro\Bundle\TagBundle\Entity\Tag: []
entity|Oro\Bundle\EmailBundle\Entity\EmailTemplate: [VIEW_DEEP, CREATE_DEEP, EDIT_DEEP, DELETE_DEEP]
entity|Oro\Bundle\UserBundle\Entity\User: []
entity|Oro\Bundle\WorkflowBundle\Entity\WorkflowDefinition: [VIEW_SYSTEM]
entity|Oro\Bundle\DashboardBundle\Entity\Dashboard: [VIEW_DEEP, CREATE_DEEP, EDIT_DEEP, DELETE_DEEP]
entity|Oro\Bundle\TrackingBundle\Entity\TrackingWebsite: []
entity|OroCRM\Bundle\MarketingListBundle\Entity\MarketingList: [VIEW_DEEP, CREATE_DEEP, EDIT_DEEP, DELETE_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\AsksFor: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\Booked: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\Bookmark: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\LoginStatus: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\Message: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\OptIn: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\PhysicalWelcome: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\Planning: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\Review: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\SocialNetworkSharing: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\Ticket: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\Tourist: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\View: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\Voucher: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\WebContact: [VIEW_DEEP]
entity|Rc\ApiMyAccountBundle\Entity\WebsiteVisited: [VIEW_DEEP]
action|oro_dataaudit_history: []
action|oro_importexport_export: [EXECUTE]
action|oro_importexport: [EXECUTE]
action|oro_importexport_import: [EXECUTE]
action|oro_jobs: []
action|oro_entityconfig_manage: []
action|oro_entity_merge: []
action|oro_address_dictionaries_read: []
action|oro_search: []
action|oro_config_system: []
action|oro_platform_system_info: []
action|oro_tag_assign_unassign: []
action|oro_tag_unassign_global: []
action|oro_tag_view_tag_cloud: []
action|oro_workflow: [EXECUTE]
and a migration script
class LoadNewRolesData extends AbstractFixture implements DependentFixtureInterface, ContainerAwareInterface
{
/**
* @var ContainerInterface
*/
protected $container;/**
* {@inheritdoc}
*/
public function getDependencies()
{
return [
'Oro\Bundle\OrganizationBundle\Migrations\Data\ORM\LoadOrganizationAndBusinessUnitData',
'Oro\Bundle\UserBundle\Migrations\Data\ORM\LoadRolesData'
];
}/**
* {@inheritdoc}
*/
public function setContainer(ContainerInterface $container = null)
{
$this->container = $container;
}/**
* Load roles
*
* @param \Doctrine\Common\Persistence\ObjectManager $manager
*/
public function load(ObjectManager $manager)
{
/** @var AclManager $manager */
$aclManager = $this->container->get('oro_security.acl.manager');$fileName = $this->container
->get('kernel')
->locateResource('@RcApiMyAccountBundle/Migrations/Data/ORM/CrmRoles/roles.yml');$fileName = str_replace('/', DIRECTORY_SEPARATOR, $fileName);
$rolesData = Yaml::parse($fileName);foreach ($rolesData as $roleName => $roleConfigData) {
if (isset($roleConfigData['bap_role'])) {
$role = $manager->getRepository('OroUserBundle:Role')
->findOneBy(['role' => $roleConfigData['bap_role']]);
} else {
$role = new Role($roleName);
}$role->setLabel($roleConfigData['label']);
$manager->persist($role);if ($aclManager->isAclEnabled()) {
$sid = $aclManager->getSid($role);
foreach ($roleConfigData['permissions'] as $permission => $acls) {
$oid = $aclManager->getOid(str_replace('|', ':', $permission));
$builder = $aclManager->getMaskBuilder($oid);
$mask = $builder->reset()->get();
if (!empty($acls)) {
foreach ($acls as $acl) {
$mask = $builder->add($acl)->get();
}
}$aclManager->setPermission($sid, $oid, $mask);
}
}
}$aclManager->flush();
$manager->flush();
}
}
October 30, 2015 at 3:51 am #35524In the table “acl_entries”, I see my role with entities and with a mask.
November 6, 2015 at 4:28 am #35525anyone ?
- AuthorReplies
The forum ‘OroPlatform – Security’ is closed to new topics and replies.