OroPlatform Forums

Covering OroPlatform topics, including community updates and company announcements.

Forums Forums OroPlatform OroPlatform – Security new role with new entities

This topic contains 5 replies, has 2 voices, and was last updated by  dimitri.seguin17 8 years, 4 months ago.

Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.

  • Creator
    Topic
  • #35520

    dimitri.seguin17
    Participant

    Hello,

    I created many entities and I want create new role “attached” to these new entities.

    I take a code in LoadRolesData in DemoDataBundle.

    I create a roles.yml

    ROLE_DMO:
    label: Touristic office
    permissions:
    ...
    entity|Rc\ApiMyAccountBundle\Entity\WebContact: [VIEW_DEEP]

    but after a command php app/console oro:migration:data:load, I have my new role but the line corresponding with my entities is empty. There is no view deep.

    I don’t understand.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Author
    Replies
  • #35521

    dimitri.seguin17
    Participant

    Nobody can help me?

    #35522

    Yurii Muratov
    Participant

    Hi, @dimitri-seguin17.

    Please delete record about your migration from oro_migrations_data and load migrations again. I think, your data can be scipped because you run migrations load during development.

    Another hint – please clear cache after you migration will loads.

    In this does not help, please let me see your migration script and roles yml file.

    #35523

    dimitri.seguin17
    Participant

    I delete my migration and role in SQL. I use oro:migration:data:load command but it’s a same problem.

    This is my roles.yml

    ROLE_TOURISTIC_PROVIDER:
    label: Touristic provider
    permissions:
    entity|OroCRM\Bundle\AccountBundle\Entity\Account: []
    entity|Oro\Bundle\OrganizationBundle\Entity\BusinessUnit: [VIEW_LOCAL, EDIT_LOCAL]
    entity|Oro\Bundle\CalendarBundle\Entity\Calendar: []
    entity|Oro\Bundle\CalendarBundle\Entity\CalendarEvent: []
    entity|Oro\Bundle\IntegrationBundle\Entity\Channel: []
    entity|OroCRM\Bundle\ContactBundle\Entity\Contact: []
    entity|OroCRM\Bundle\ContactBundle\Entity\Group: []
    entity|Oro\Bundle\EmailBundle\Entity\Email: [CREATE_SYSTEM, VIEW_SYSTEM]
    entity|Oro\Bundle\EmbeddedFormBundle\Entity\EmbeddedForm: []
    entity|Oro\Bundle\UserBundle\Entity\Group: []
    entity|Oro\Bundle\NotificationBundle\Entity\EmailNotification: []
    entity|Oro\Bundle\OrganizationBundle\Entity\Organization: []
    entity|Oro\Bundle\ReportBundle\Entity\Report: []
    entity|Oro\Bundle\UserBundle\Entity\Role: []
    entity|Oro\Bundle\SegmentBundle\Entity\Segment: []
    entity|Oro\Bundle\TagBundle\Entity\Tag: []
    entity|Oro\Bundle\EmailBundle\Entity\EmailTemplate: [VIEW_LOCAL, CREATE_LOCAL, EDIT_LOCAL, DELETE_LOCAL]
    entity|Oro\Bundle\UserBundle\Entity\User: []
    entity|Oro\Bundle\WorkflowBundle\Entity\WorkflowDefinition: [VIEW_SYSTEM]
    entity|Oro\Bundle\DashboardBundle\Entity\Dashboard: [VIEW_LOCAL, CREATE_LOCAL, EDIT_LOCAL, DELETE_LOCAL, ASSIGN_LOCAL]
    entity|Oro\Bundle\TrackingBundle\Entity\TrackingWebsite: []
    entity|OroCRM\Bundle\MarketingListBundle\Entity\MarketingList: [VIEW_LOCAL, CREATE_LOCAL, EDIT_LOCAL, DELETE_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\AsksFor: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\Booked: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\Bookmark: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\LoginStatus: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\Message: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\OptIn: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\PhysicalWelcome: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\Planning: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\Review: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\SocialNetworkSharing: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\Ticket: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\Tourist: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\View: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\Voucher: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\WebContact: [VIEW_LOCAL]
    entity|Rc\ApiMyAccountBundle\Entity\WebsiteVisited: [VIEW_LOCAL]
    action|oro_dataaudit_history: []
    action|oro_importexport_export: [EXECUTE]
    action|oro_importexport: [EXECUTE]
    action|oro_importexport_import: [EXECUTE]
    action|oro_jobs: []
    action|oro_entityconfig_manage: []
    action|oro_entity_merge: []
    action|oro_address_dictionaries_read: []
    action|oro_search: []
    action|oro_config_system: []
    action|oro_platform_system_info: []
    action|oro_tag_assign_unassign: []
    action|oro_tag_unassign_global: []
    action|oro_tag_view_tag_cloud: []
    action|oro_workflow: [EXECUTE]

    ROLE_DMO:
    label: Touristic office
    permissions:
    entity|OroCRM\Bundle\AccountBundle\Entity\Account: []
    entity|Oro\Bundle\OrganizationBundle\Entity\BusinessUnit: [VIEW_DEEP, CREATE_DEEP, EDIT_DEEP]
    entity|Oro\Bundle\CalendarBundle\Entity\Calendar: []
    entity|Oro\Bundle\CalendarBundle\Entity\CalendarEvent: []
    entity|Oro\Bundle\IntegrationBundle\Entity\Channel: []
    entity|OroCRM\Bundle\ContactBundle\Entity\Contact: []
    entity|OroCRM\Bundle\ContactBundle\Entity\Group: []
    entity|Oro\Bundle\EmailBundle\Entity\Email: [CREATE_SYSTEM, VIEW_SYSTEM]
    entity|Oro\Bundle\EmbeddedFormBundle\Entity\EmbeddedForm: []
    entity|Oro\Bundle\UserBundle\Entity\Group: []
    entity|Oro\Bundle\NotificationBundle\Entity\EmailNotification: []
    entity|Oro\Bundle\OrganizationBundle\Entity\Organization: []
    entity|Oro\Bundle\ReportBundle\Entity\Report: []
    entity|Oro\Bundle\UserBundle\Entity\Role: []
    entity|Oro\Bundle\SegmentBundle\Entity\Segment: []
    entity|Oro\Bundle\TagBundle\Entity\Tag: []
    entity|Oro\Bundle\EmailBundle\Entity\EmailTemplate: [VIEW_DEEP, CREATE_DEEP, EDIT_DEEP, DELETE_DEEP]
    entity|Oro\Bundle\UserBundle\Entity\User: []
    entity|Oro\Bundle\WorkflowBundle\Entity\WorkflowDefinition: [VIEW_SYSTEM]
    entity|Oro\Bundle\DashboardBundle\Entity\Dashboard: [VIEW_DEEP, CREATE_DEEP, EDIT_DEEP, DELETE_DEEP]
    entity|Oro\Bundle\TrackingBundle\Entity\TrackingWebsite: []
    entity|OroCRM\Bundle\MarketingListBundle\Entity\MarketingList: [VIEW_DEEP, CREATE_DEEP, EDIT_DEEP, DELETE_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\AsksFor: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\Booked: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\Bookmark: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\LoginStatus: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\Message: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\OptIn: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\PhysicalWelcome: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\Planning: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\Review: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\SocialNetworkSharing: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\Ticket: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\Tourist: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\View: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\Voucher: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\WebContact: [VIEW_DEEP]
    entity|Rc\ApiMyAccountBundle\Entity\WebsiteVisited: [VIEW_DEEP]
    action|oro_dataaudit_history: []
    action|oro_importexport_export: [EXECUTE]
    action|oro_importexport: [EXECUTE]
    action|oro_importexport_import: [EXECUTE]
    action|oro_jobs: []
    action|oro_entityconfig_manage: []
    action|oro_entity_merge: []
    action|oro_address_dictionaries_read: []
    action|oro_search: []
    action|oro_config_system: []
    action|oro_platform_system_info: []
    action|oro_tag_assign_unassign: []
    action|oro_tag_unassign_global: []
    action|oro_tag_view_tag_cloud: []
    action|oro_workflow: [EXECUTE]

    and a migration script

    class LoadNewRolesData extends AbstractFixture implements DependentFixtureInterface, ContainerAwareInterface
    {
    /**
    * @var ContainerInterface
    */
    protected $container;

    /**
    * {@inheritdoc}
    */
    public function getDependencies()
    {
    return [
    'Oro\Bundle\OrganizationBundle\Migrations\Data\ORM\LoadOrganizationAndBusinessUnitData',
    'Oro\Bundle\UserBundle\Migrations\Data\ORM\LoadRolesData'
    ];
    }

    /**
    * {@inheritdoc}
    */
    public function setContainer(ContainerInterface $container = null)
    {
    $this->container = $container;
    }

    /**
    * Load roles
    *
    * @param \Doctrine\Common\Persistence\ObjectManager $manager
    */
    public function load(ObjectManager $manager)
    {
    /** @var AclManager $manager */
    $aclManager = $this->container->get('oro_security.acl.manager');

    $fileName = $this->container
    ->get('kernel')
    ->locateResource('@RcApiMyAccountBundle/Migrations/Data/ORM/CrmRoles/roles.yml');

    $fileName = str_replace('/', DIRECTORY_SEPARATOR, $fileName);
    $rolesData = Yaml::parse($fileName);

    foreach ($rolesData as $roleName => $roleConfigData) {
    if (isset($roleConfigData['bap_role'])) {
    $role = $manager->getRepository('OroUserBundle:Role')
    ->findOneBy(['role' => $roleConfigData['bap_role']]);
    } else {
    $role = new Role($roleName);
    }

    $role->setLabel($roleConfigData['label']);
    $manager->persist($role);

    if ($aclManager->isAclEnabled()) {
    $sid = $aclManager->getSid($role);
    foreach ($roleConfigData['permissions'] as $permission => $acls) {
    $oid = $aclManager->getOid(str_replace('|', ':', $permission));
    $builder = $aclManager->getMaskBuilder($oid);
    $mask = $builder->reset()->get();
    if (!empty($acls)) {
    foreach ($acls as $acl) {
    $mask = $builder->add($acl)->get();
    }
    }

    $aclManager->setPermission($sid, $oid, $mask);
    }
    }
    }

    $aclManager->flush();
    $manager->flush();
    }
    }

    #35524

    dimitri.seguin17
    Participant

    In the table “acl_entries”, I see my role with entities and with a mask.

    #35525

    dimitri.seguin17
    Participant

    anyone ?

Viewing 5 replies - 1 through 5 (of 5 total)

The forum ‘OroPlatform – Security’ is closed to new topics and replies.

Back to top