调查后FOSCommentBundle,我找到了解决我的问题的方法:
1. 首先,您必须RoleCommentAcl通过在 MyBundle 中创建一个名为 Acl 的文件夹来覆盖 :。在这个文件夹中,我创建了一个名为RoleCommentAcl的 php 类:
namespace MyProject\MyBundle\Acl;
use FOS\CommentBundle\Acl\RoleCommentAcl as BaseRoleCommentAcl;
use FOS\CommentBundle\Model\CommentInterface;
use FOS\CommentBundle\Model\SignedCommentInterface;
use Symfony\Component\Security\Core\SecurityContextInterface;
class RoleCommentAcl extends BaseRoleCommentAcl {
/**
* The current Security Context.
*
* @var SecurityContextInterface
*/
private $securityContext;
/**
* Constructor.
*
* @param SecurityContextInterface $securityContext
* @param string $createRole
* @param string $viewRole
* @param string $editRole
* @param string $deleteRole
* @param string $commentClass
*/
public function __construct(SecurityContextInterface $securityContext, $createRole, $viewRole, $editRole, $deleteRole, $commentClass
) {
parent::__construct(
$securityContext, $createRole, $viewRole, $editRole, $deleteRole, $commentClass);
$this->securityContext = $securityContext;
}
/**
* Checks if the Security token has an appropriate role to edit the supplied Comment.
*
* @param CommentInterface $comment
* @return boolean
*/
public function canEdit(CommentInterface $comment) {
// the comment owner can edit the comment whenever he want.
if ($comment instanceof SignedCommentInterface) {
if ($comment->getAuthor() == $this->securityContext->getToken()->getUser()) {
return true;
}
}
return parent::canEdit($comment);
}
/**
* Checks if the Security token is allowed to delete a specific Comment.
*
* @param CommentInterface $comment
* @return boolean
*/
public function canDelete(CommentInterface $comment) {
// the comment owner can delete the comment
if ($comment instanceof SignedCommentInterface) {
if ($comment->getAuthor() == $this->securityContext->getToken()->getUser()) {
return true;
}
}
return parent::canDelete($comment);
}
/**
* Checks if the Security token is allowed to reply to a parent comment.
*
* @param CommentInterface|null $parent
* @return boolean
*/
public function canReply(CommentInterface $parent = null) {
if ($parent instanceof SignedCommentInterface) {
//only the comment owner or the admin can reply to the comment.
if ($parent->getAuthor() == $this->securityContext->getToken()->getUser() ||
$this->securityContext->isGranted('ROLE_ADMIN')) {
return true;
}
}
if($parent !=null) {
// if the user have no access to reply then return false.
return false;
}
//this ligne allow all users to post new comments.
return parent::canCreate();
}
}
2. 然后你必须在 services.xml 中添加访问权限:
<?xml version="1.0" ?>
<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
<services>
<service id="myproject.name_bundle.acl.comment.roles" class="MyProject\MyBundle\Acl\RoleCommentAcl" public="false">
<argument type="service" id="security.context" />
<argument>IS_AUTHENTICATED_ANONYMOUSLY</argument> <!-- Create role -->
<argument>IS_AUTHENTICATED_ANONYMOUSLY</argument> <!-- View role -->
<argument>ROLE_ADMIN</argument> <!-- Edit role -->
<argument>ROLE_ADMIN</argument> <!-- Delete role -->
<argument>%fos_comment.model.comment.class%</argument>
</service>
</services> </container>
PS:如果您使用的是 service.yml,则可以将此 xml 文件转换为 yaml,但如果您想使用,则services.xml必须将配置集更改为捆绑包的DependencyInjection:
$loader = new Loader\XmlFileLoader($container, new FileLocator(__DIR__ . '/../Resources/config'));
$loader->load('services.xml');
打开您的页面,您会注意到只有评论所有者和管理员用户才能访问回复。此外,删除和编辑也可以仅为评论所有者和管理员显示。