php - 奏鸣曲管理员 : Prevent Admin From Deleting His Own Account

Question

我在 symfony 2 项目中使用 sonatadmin。有时管理员用户可能会不小心删除自己的帐户。如何防止管理员用户删除自己的帐户？谢谢!

Answer 1

要防止管理员删除自己的帐户，您需要按照 ADVANCED CONFIGURATION 为奏鸣曲用户定义自己的 CRUDController

admin:                  # Admin Classes
    user:
        class:          Sonata\UserBundle\Admin\Entity\UserAdmin
        controller:     YourUserBundle:CRUD
        translation:    SonataUserBundle

然后在您的 Controller 中覆盖 batchActionDelete() 和 deleteAction() 函数，在这些函数中检查请求是否包含管理对象/id，然后在此处进行限制。

 public function deleteAction($id)
   {
       $id     = $this->get('request')->get($this->admin->getIdParameter());
       $object = $this->admin->getObject($id);

       if (!$object) {
           throw new NotFoundHttpException(sprintf('unable to find the object with id : %s', $id));
       }
       $userid  = $this->getUser()->getId() // get id of logged in user
       if($userid == $id){
               $this->addFlash(
                   'sonata_flash_error',
                   'Error you cannot delete your own account'
               );
             return $this->redirectTo($object);
       }
  // other code from base class

   }

batchActionDelete() 函数的逻辑相同