
syliusrbacplugin's Introduction

Sylius Rbac Plugin

Odiseo Sylius Rbac Plugin

Description

This plugin provides basic role and permission management functionality for Sylius applications.

Supports Sylius version 1.9+.

Beware!

Adding Write access to a permission automatically means adding Read access.

Write access to a permission also covers updating and deleting.

Documentation

Credits

This plugin is maintained by Odiseo. Want us to help you with this plugin or any Sylius project? Contact us on [email protected].

syliusrbacplugin's People

Contributors

bartoszpietrzak1994, bigboss86, gsadee, hmonglee, jacquesbh, julientroopers, lchrusciel, mamazu, mcruzit, pamil, peterukena, roshyo, sad270, songecko, tomanhez, vvasiloi, xxnoceboxx, zales0123

syliusrbacplugin's Issues

Contact address for security concerns outdated

The E-Mail address concerning security issues in the README is still the address of Sylius itself. I assume, since this plugin is now maintained by Odiseo, there is a different contact address.

Problem after installation

After a composer require odiseoteam/sylius-rbac-plugin (Sylius 1.10)

I have the following error on cache cleaning
Executing script cache:clear [KO]
[KO]
Script cache:clear returned with error code 1

The service "sylius_rbac.custom_factory.administration_role" has a dependency on a non-existent service "sylius_rbac.factory.administration_role".

vendor/odiseoteam/sylius-rbac-plugin/src/DependencyInjection/OdiseoSyliusRbacExtension.php on line 24

[Feature] Implement a new Route Name Checker that uses Sylius' Section Provider

Example implementation:

<?php

declare(strict_types=1);

namespace App\Access\Checker;

use Odiseo\SyliusRbacPlugin\Access\Checker\RouteNameCheckerInterface;
use Sylius\Bundle\AdminBundle\SectionResolver\AdminSection;
use Sylius\Bundle\CoreBundle\SectionResolver\SectionProviderInterface;

final class RouteNameChecker implements RouteNameCheckerInterface
{
    private SectionProviderInterface $sectionProvider;

    public function __construct(SectionProviderInterface $sectionProvider)
    {
        $this->sectionProvider = $sectionProvider;
    }

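    /**
     * $routeName is part of the interface but is not inspected here: the
     * decision is delegated to the section provider.
     */
    public function isAdminRoute(string $routeName): bool
    {
        return $this->sectionProvider->getSection() instanceof AdminSection;
    }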
}

I can submit a PR if you're interested in the feature, otherwise just close it.

API requests denied due to RBAC redirect to admin login instead of returning a 40x error

We're using this plugin in combination with the API plugin and marketplace plugin, and, naturally, we want to restrict which products vendor users may access via the API.

I've decorated the AdministratorAccessChecker to also check permissions when accessing API endpoints, but now an attempt by a vendor user to access another vendor's product via the API causes a 302 redirect to the dashboard (and subsequently to the login page) instead of properly failing like API requests should.

I think the best fix for this would be to adjust AccessCheckListener to fail differently for non-HTML requests. At least that's the path I think I'm going to pursue for now.
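
One way to separate the two failure modes described in this issue, as an added example that is not the plugin's code or the reporter's fix. AccessDenialHandler, its methods and the '/api/' prefix are hypothetical names and assumptions; only the Symfony classes and methods are real.

```php
<?php

declare(strict_types=1);

namespace App\Access;

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

/**
 * Hypothetical helper (not part of the plugin): decides how an RBAC denial is
 * reported, so API clients get a 403 instead of a 302 to the admin UI.
 */
final class AccessDenialHandler
{
    /** Path prefix of the API routes; an assumption, adjust to your routing. */
    private string $apiPrefix;

    public function __construct(string $apiPrefix = '/api/')
    {
        $this->apiPrefix = $apiPrefix;
    }

    public function isBrowserRequest(Request $request): bool
    {
        // A client sending "Accept: */*" resolves to the default format below,
        // so API paths and AJAX calls are ruled out explicitly first.
        if ($request->isXmlHttpRequest() || 0 === strpos($request->getPathInfo(), $this->apiPrefix)) {
            return false;
        }

        // Uses the _format route attribute first, then the Accept header.
        return 'html' === $request->getPreferredFormat('html');
    }

    /** @throws AccessDeniedHttpException for API, AJAX and other non-HTML requests */
    public function deny(Request $request, string $redirectUrl): RedirectResponse
    {
        if (!$this->isBrowserRequest($request)) {
            // The kernel turns this into a 403 response with no Location header.
            throw new AccessDeniedHttpException('Access denied by RBAC.');
        }

        return new RedirectResponse($redirectUrl);
    }
}
```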

The permissions types don't have the right cases

I've installed the plugin as the getting started guide tells us.

I've been surprised that the administrator doesn't have all the permissions, even after executing the following command: bin/console sylius-rbac:grant-access-to-given-administrator [email protected] administrator catalogManagement configuration customerManagement marketingManagement salesManagement.

I took a look into the database. I've been surprised to stumble upon these permissions data:

{"catalogManagement":"{\"type\":\"catalogManagement\",\"operation_types\":[\"read\",\"write\"]}","configuration":"{\"type\":\"configuration\",\"operation_types\":[\"read\",\"write\"]}","customerManagement":"{\"type\":\"customerManagement\",\"operation_types\":[\"read\",\"write\"]}","marketingManagement":"{\"type\":\"marketingManagement\",\"operation_types\":[\"read\",\"write\"]}","salesManagement":"{\"type\":\"salesManagement\",\"operation_types\":[\"read\",\"write\"]}"}

As you can see, the types are all camel-cased. The types in the \Odiseo\SyliusRbacPlugin\Model\Permission class are all snake-cased. If I change the case to be

{"catalog_management":"{\"type\":\"catalog_management\",\"operation_types\":[\"read\",\"write\"]}","configuration":"{\"type\":\"configuration\",\"operation_types\":[\"read\",\"write\"]}","customer_management":"{\"type\":\"customer_management\",\"operation_types\":[\"read\",\"write\"]}","marketing_management":"{\"type\":\"marketing_management\",\"operation_types\":[\"read\",\"write\"]}","sales_management":"{\"type\":\"sales_management\",\"operation_types\":[\"read\",\"write\"]}"}

all works, folks.

Should we update the documentation or something?
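
An audit sketch for the mismatch reported above, added here and not taken from the plugin or the issue: it rewrites camel-cased permission types in a stored permissions value to snake case and lists which entries changed. It also stores Read alongside Write, following the README's rule. The function names are hypothetical, and the double-encoded JSON layout is assumed from the dump in the issue.

```php
<?php

declare(strict_types=1);

// Added example, not plugin code. Assumption: the stored value is a JSON object
// whose values are themselves JSON strings, as in the dump in the issue.

/** camelCase to snake_case, e.g. catalogManagement becomes catalog_management. */
function toSnakeCase(string $type): string
{
    return strtolower((string) preg_replace('/(?<=[a-z0-9])(?=[A-Z])/', '_', $type));
}

/** Returns [normalized permissions JSON, list of keys that had to be rewritten]. */
function normalizePermissions(string $column): array
{
    $stored = json_decode($column, true, 512, JSON_THROW_ON_ERROR);
    $fixed = [];
    $renamed = [];

    foreach ($stored as $key => $encoded) {
        $permission = json_decode($encoded, true, 512, JSON_THROW_ON_ERROR);
        $type = toSnakeCase((string) $permission['type']);
        if ($type !== (string) $key || $type !== $permission['type']) {
            $renamed[] = (string) $key;
        }

        // README rule: granting Write automatically means granting Read.
        $operations = array_map('strtolower', $permission['operation_types'] ?? []);
        if (in_array('write', $operations, true) && !in_array('read', $operations, true)) {
            array_unshift($operations, 'read');
        }
        $operations = array_values(array_unique($operations));

        $fixed[$type] = json_encode(
            ['type' => $type, 'operation_types' => $operations],
            JSON_THROW_ON_ERROR
        );
    }

    return [json_encode($fixed, JSON_THROW_ON_ERROR), $renamed];
}

// Constructed sample in the shape shown in the issue (two types only).
$column = json_encode([
    'catalogManagement' => json_encode(['type' => 'catalogManagement', 'operation_types' => ['read', 'write']]),
    'configuration' => json_encode(['type' => 'configuration', 'operation_types' => ['write']]),
]);

[$normalized, $renamed] = normalizePermissions($column);
echo $normalized, PHP_EOL, 'rewritten keys: ', implode(', ', $renamed), PHP_EOL;
```

Run it against a copy of the stored value first; an entry whose type is silently ignored because of its casing grants less access than the grant command suggested, so the list of rewritten keys is the part to review.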
