2012-09-17 54 views

也許這裏有人可以幫助我。我正在添加博客評論,並爲評論設置 ACL 權限,但 ROLE_ADMIN 的 ACL 不起作用。

  • 創建該博客評論的用戶的權限正常。
  • 未登錄用戶可以查看評論,這部分權限也正常。
  • 管理員無法編輯/刪除評論......但問題出在哪裏?

控制器代碼的部分:

// Creating the ACL
// Builds an object-scope ACL for this single comment. fromDomainObject() needs
// the comment's identifier (the dump below stores object_identifier '1'), so the
// entity presumably has to be persisted and flushed before this runs -- confirm.
// createAcl() is called unconditionally: this fragment assumes no ACL exists yet
// for the comment.
$aclProvider = $this->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($blogComment);
$acl = $aclProvider->createAcl($objectIdentity);

// Creating full access for the admin
// Role-based ACE: it can only match a token whose security identities include
// ROLE_ADMIN. MASK_MASTER is bit 64 (stored as mask = 64 in acl_entries).
$roleSecurityIdentity = new RoleSecurityIdentity('ROLE_ADMIN');
$acl->insertObjectAce($roleSecurityIdentity, MaskBuilder::MASK_MASTER);

// Creating view rights for the not-logged in users
// IS_AUTHENTICATED_ANONYMOUSLY is stored as a role-type identity (username = 0 in
// acl_security_identities). MASK_VIEW is bit 1, i.e. read-only.
$roleSecurityIdentity = new RoleSecurityIdentity('IS_AUTHENTICATED_ANONYMOUSLY');
$acl->insertObjectAce($roleSecurityIdentity, MaskBuilder::MASK_VIEW);

// retrieving the security identity of the currently logged-in user
// NOTE(review): assumes the token holds a real user object. If anonymous visitors
// can reach this action, getUser() would not be a user account and fromAccount()
// cannot build an identity from it -- confirm the route requires a login.
$securityContext = $this->get('security.context');
$user = $securityContext->getToken()->getUser();
$securityIdentity = UserSecurityIdentity::fromAccount($user);

// grant owner access
// MASK_OWNER is bit 128, the highest of the masks used here; the comment author
// gets full control of their own comment. Consider whether a narrower mask
// (e.g. MASK_EDIT) would be enough for authors.
// No index argument is passed to insertObjectAce(), and the dump shows the ACEs
// stored in reverse insertion order: owner = ace_order 0, anonymous = 1,
// ROLE_ADMIN = 2. Changing the statement order here changes the ACE order.
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
// Nothing is written to the database until updateAcl() persists the ACL.
$aclProvider->updateAcl($acl);

Symfony 分析器(Profiler)的安全信息:

Username Mitchel 
Authenticated? yes 
Roles [ROLE_ADMIN] 

數據庫轉儲:

-- phpMyAdmin SQL Dump 
-- version 3.5.2.2 
-- http://www.phpmyadmin.net 
-- 
-- Machine: localhost 
-- Genereertijd: 17 sep 2012 om 14:19 
-- Serverversie: 5.1.65 
-- PHP-versie: 5.3.16 

-- NO_AUTO_VALUE_ON_ZERO: an explicit 0 written to an AUTO_INCREMENT column is
-- stored as 0 instead of generating the next value, so dumped ids restore
-- verbatim. Note that this assignment replaces the session's whole sql_mode.
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
-- Run the import with the session time zone set to UTC.
SET time_zone = "+00:00";


-- -------------------------------------------------------- 

-- 
-- Table structure for table `acl_classes`
--

-- One row per domain class that has ACLs. The other ACL tables point at it
-- through class_id; class_type is unique, so each class appears once.
CREATE TABLE IF NOT EXISTS `acl_classes` (
    `id` int(10) unsigned NOT NULL AUTO_INCREMENT, 
    `class_type` varchar(200) NOT NULL, 
    PRIMARY KEY (`id`), 
    UNIQUE KEY `UNIQ_69DD750638A36066` (`class_type`) 
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ; 

--
-- Dumping data for table `acl_classes`
--

-- BlogComment is the only class with ACLs in this dump (class_id = 1).
INSERT INTO `acl_classes` (`id`, `class_type`) VALUES 
(1, 'MV\\BetaalbaarkozijnBundle\\Entity\\BlogComment'); 

-- -------------------------------------------------------- 

-- 
-- Table structure for table `acl_entries`
--

-- The access control entries (ACEs): each row gives one security identity a
-- permission bitmask on a class / object. This is the table to inspect when an
-- expected permission is not being granted.
CREATE TABLE IF NOT EXISTS `acl_entries` (
    `id` int(10) unsigned NOT NULL AUTO_INCREMENT, 
    `class_id` int(10) unsigned NOT NULL, 
    -- Nullable: presumably NULL marks an entry that is not tied to one object
    -- (class scope) -- confirm against the ACL component.
    `object_identity_id` int(10) unsigned DEFAULT NULL, 
    `security_identity_id` int(10) unsigned NOT NULL, 
    -- NULL in every dumped row, i.e. no per-field entries exist here.
    `field_name` varchar(50) DEFAULT NULL, 
    -- Position of the entry inside its ACL; part of the unique key below.
    `ace_order` smallint(5) unsigned NOT NULL, 
    -- Permission bitmask; the dumped values match the MaskBuilder constants used
    -- in the controller (1 = VIEW, 64 = MASTER, 128 = OWNER).
    `mask` int(11) NOT NULL, 
    -- 1 in every dumped row (a grant); 0 would presumably be a deny entry.
    `granting` tinyint(1) NOT NULL, 
    `granting_strategy` varchar(30) NOT NULL, 
    -- Audit flags are 0 for every dumped entry, so neither successful nor
    -- failed access decisions are flagged for auditing.
    `audit_success` tinyint(1) NOT NULL, 
    `audit_failure` tinyint(1) NOT NULL, 
    PRIMARY KEY (`id`), 
    UNIQUE KEY `UNIQ_46C8B806EA000B103D9AB4A64DEF17BCE4289BF4` (`class_id`,`object_identity_id`,`field_name`,`ace_order`), 
    KEY `IDX_46C8B806EA000B103D9AB4A6DF9183C9` (`class_id`,`object_identity_id`,`security_identity_id`), 
    KEY `IDX_46C8B806EA000B10` (`class_id`), 
    KEY `IDX_46C8B8063D9AB4A6` (`object_identity_id`), 
    KEY `IDX_46C8B806DF9183C9` (`security_identity_id`) 
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=4 ; 

--
-- Dumping data for table `acl_entries`
--

-- All three rows belong to object identity 1 (the single BlogComment):
--   id 1: security identity 1 (the user identity), ace_order 0, mask 128 = MASK_OWNER
--   id 2: security identity 2 (IS_AUTHENTICATED_ANONYMOUSLY), ace_order 1, mask 1 = MASK_VIEW
--   id 3: security identity 3 (ROLE_ADMIN), ace_order 2, mask 64 = MASK_MASTER
-- So the ROLE_ADMIN entry from the controller was persisted; the rows themselves
-- do not show a missing grant.
INSERT INTO `acl_entries` (`id`, `class_id`, `object_identity_id`, `security_identity_id`, `field_name`, `ace_order`, `mask`, `granting`, `granting_strategy`, `audit_success`, `audit_failure`) VALUES 
(1, 1, 1, 1, NULL, 0, 128, 1, 'all', 0, 0), 
(2, 1, 1, 2, NULL, 1, 1, 1, 'all', 0, 0), 
(3, 1, 1, 3, NULL, 2, 64, 1, 'all', 0, 0); 

-- -------------------------------------------------------- 

-- 
-- Table structure for table `acl_object_identities`
--

-- One row per protected domain object: (class_id, object_identifier) is unique.
-- parent_object_identity_id lets an object identity point at a parent one.
CREATE TABLE IF NOT EXISTS `acl_object_identities` (
    `id` int(10) unsigned NOT NULL AUTO_INCREMENT, 
    `parent_object_identity_id` int(10) unsigned DEFAULT NULL, 
    `class_id` int(10) unsigned NOT NULL, 
    `object_identifier` varchar(100) NOT NULL, 
    `entries_inheriting` tinyint(1) NOT NULL, 
    PRIMARY KEY (`id`), 
    UNIQUE KEY `UNIQ_9407E5494B12AD6EA000B10` (`object_identifier`,`class_id`), 
    KEY `IDX_9407E54977FA751A` (`parent_object_identity_id`) 
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ; 

--
-- Dumping data for table `acl_object_identities`
--

-- A single protected object: BlogComment (class_id 1) with identifier '1'.
-- It has no parent (NULL); entries_inheriting is 1, but with no parent there is
-- nothing to inherit from in this dump.
INSERT INTO `acl_object_identities` (`id`, `parent_object_identity_id`, `class_id`, `object_identifier`, `entries_inheriting`) VALUES 
(1, NULL, 1, '1', 1); 

-- -------------------------------------------------------- 

-- 
-- Table structure for table `acl_object_identity_ancestors`
--

-- Pairs of (object identity, ancestor); both columns reference
-- acl_object_identities and together form the primary key.
CREATE TABLE IF NOT EXISTS `acl_object_identity_ancestors` (
    `object_identity_id` int(10) unsigned NOT NULL, 
    `ancestor_id` int(10) unsigned NOT NULL, 
    PRIMARY KEY (`object_identity_id`,`ancestor_id`), 
    KEY `IDX_825DE2993D9AB4A6` (`object_identity_id`), 
    KEY `IDX_825DE299C671CEA1` (`ancestor_id`) 
) ENGINE=InnoDB DEFAULT CHARSET=utf8; 

--
-- Dumping data for table `acl_object_identity_ancestors`
--

-- Only the self-referencing row for object identity 1 exists; no other
-- ancestor is recorded for the comment.
INSERT INTO `acl_object_identity_ancestors` (`object_identity_id`, `ancestor_id`) VALUES 
(1, 1); 

-- -------------------------------------------------------- 

-- 
-- Table structure for table `acl_security_identities`
--

-- The subjects that ACEs are granted to. `username` is a flag, not a name:
-- in the dumped rows it is 1 for the user identity and 0 for role identities.
-- (identifier, username) is unique.
CREATE TABLE IF NOT EXISTS `acl_security_identities` (
    `id` int(10) unsigned NOT NULL AUTO_INCREMENT, 
    `identifier` varchar(200) NOT NULL, 
    `username` tinyint(1) NOT NULL, 
    PRIMARY KEY (`id`), 
    UNIQUE KEY `UNIQ_8835EE78772E836AF85E0677` (`identifier`,`username`) 
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=4 ; 

--
-- Dumping data for table `acl_security_identities`
--

-- id 2 and id 3 are the two role identities created in the controller.
-- id 1 is the user identity; its identifier looks like "<user class>-<username>",
-- which would make the username "User" rather than the "Mitchel" shown by the
-- profiler -- presumably the comment's author is a different account than the
-- admin who is testing; confirm.
INSERT INTO `acl_security_identities` (`id`, `identifier`, `username`) VALUES 
(2, 'IS_AUTHENTICATED_ANONYMOUSLY', 0), 
(1, 'MV\\BetaalbaarkozijnBundle\\Entity\\User-User', 1), 
(3, 'ROLE_ADMIN', 0); 

-- 
-- Beperkingen voor gedumpte tabellen 
-- 

-- 
-- Constraints for table `acl_entries`
--
-- Every foreign key cascades: deleting an object identity, a security identity
-- or a class row also deletes the ACEs that reference it.
ALTER TABLE `acl_entries` 
    ADD CONSTRAINT `FK_46C8B8063D9AB4A6` FOREIGN KEY (`object_identity_id`) REFERENCES `acl_object_identities` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, 
    ADD CONSTRAINT `FK_46C8B806DF9183C9` FOREIGN KEY (`security_identity_id`) REFERENCES `acl_security_identities` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, 
    ADD CONSTRAINT `FK_46C8B806EA000B10` FOREIGN KEY (`class_id`) REFERENCES `acl_classes` (`id`) ON DELETE CASCADE ON UPDATE CASCADE; 

-- 
-- Constraints for table `acl_object_identities`
--
-- Unlike the other foreign keys in this dump, this one declares no ON DELETE /
-- ON UPDATE action, so the InnoDB default applies and a parent object identity
-- cannot be deleted while children still reference it.
ALTER TABLE `acl_object_identities` 
    ADD CONSTRAINT `FK_9407E54977FA751A` FOREIGN KEY (`parent_object_identity_id`) REFERENCES `acl_object_identities` (`id`); 

-- 
-- Constraints for table `acl_object_identity_ancestors`
--
-- Both columns cascade from acl_object_identities, so ancestor rows disappear
-- together with either object identity they mention.
ALTER TABLE `acl_object_identity_ancestors` 
    ADD CONSTRAINT `FK_825DE2993D9AB4A6` FOREIGN KEY (`object_identity_id`) REFERENCES `acl_object_identities` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, 
    ADD CONSTRAINT `FK_825DE299C671CEA1` FOREIGN KEY (`ancestor_id`) REFERENCES `acl_object_identities` (`id`) ON DELETE CASCADE ON UPDATE CASCADE; 

我還在 Symfony 論壇上發了一個帖子,但那裏似乎不像 Stack Overflow 這麼活躍 ;)

Symfony的版本:2.1.2

謝謝,祝好,米切爾


您好,歡迎來分配角色!您也可以嘗試查看[security](http://security.stackexchange.com/),以查看此問題是否可能在此處獲得更多響應。 –


沒有找到與「symfony acl」相符的結果。 –

回答


你試過用用戶身份(UserSecurityIdentity)來授權嗎:

# Object
# Object identity of the comment whose ACL is looked up or created.
$idObjeto = ObjectIdentity::fromDomainObject($blogComment); 

# User
# $usuario is not defined in this snippet; presumably the account that should
# receive the permission -- confirm it is a trusted, server-side value and not
# taken from request input.
$idUsuario = UserSecurityIdentity::fromAccount($usuario); 

# Reuse the existing ACL when there is one; create it only when the lookup
# reports that none exists, instead of calling createAcl() unconditionally.
try { 
    $acl = $this->get('security.acl.provider')->findAcl($idObjeto); 
} catch (\Symfony\Component\Security\Acl\Exception\AclNotFoundException $e) { 
    $acl = $this->get('security.acl.provider')->createAcl($idObjeto); 
} 

# This adds a per-user entry with MASK_OPERATOR; it does not touch the
# ROLE_ADMIN entry from the question, so access granted this way is tied to
# this one account rather than to the admin role.
$acl->insertObjectAce($idUsuario, MaskBuilder::MASK_OPERATOR); 
$this->get('security.acl.provider')->updateAcl($acl);