I would like to have it so i can define the actions per role in symfony2
this is what i currently have
role_hierarchy:
ROLE_MEMBER: ROLE_GUEST
ROLE_STAFF: ROLE_MEMBER
ROLE_ADMIN: [ROLE_STAFF, ROLE_SONATA_OWNER, ADMIN, OWNER]
and
sonata_admin:
#title_logo: bundles/acmedemo/img/fancy_acme_logo.png
security:
handler: sonata.admin.security.handler.acl
# acl security information
information:
GUEST: []
STAFF: [EDIT, LIST, CREATE]
EDITOR: [OPERATOR, EXPORT]
ADMIN: [MASTER]
OWNER: [OWNER]
# permissions not related to an object instance and also to be available when objects do not exist
# the DELETE admin permission means the user is allowed to batch delete objects
admin_permissions: [CREATE, LIST, DELETE, UNDELETE, EXPORT, OPERATOR, MASTER]
# permission related to the objects
object_permissions: [VIEW, EDIT, DELETE, UNDELETE, OPERATOR, MASTER, OWNER]
i am looking for something that makes me able to grant ROLE_ADMIN the SONATA ROLE OWNER for example, i really have no idea on how to do this and the sonata documentation is more adapted to the FOSUserBundle which i am not using.
any help appreciated
If you're just looking to grant ROLE_ADMIN to all users who already have ROLE_SONATA_OWNER, you can do this by modifying your role hierarchy (cf. the Symfony2 docs' "Hierarchical Roles" section) to this:
role_hierarchy:
ROLE_MEMBER: ROLE_GUEST
ROLE_STAFF: ROLE_MEMBER
ROLE_ADMIN: [ROLE_STAFF, ADMIN, OWNER]
ROLE_SONATA_OWNER: ROLE_ADMIN