You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: backend/dashboards/index.rst
+7-23
Original file line number
Diff line number
Diff line change
@@ -11,26 +11,20 @@ Dashboards
11
11
Create a Dashboard Widget
12
12
-------------------------
13
13
14
-
To display a list of tasks on the dashboard with most recent tasks first you basically have to
15
-
perform three steps:
14
+
To display a list of tasks on the dashboard with the most recent tasks:
16
15
17
-
#. :ref:`Create a data grid <cookbook-entities-dashboard-grid>` that collects and displays the data
18
-
of the tasks while making sure that most recent tasks are displayed on top.
16
+
#. :ref:`Create a data grid <cookbook-entities-dashboard-grid>` that collects and displays the tasks' data while ensuring that the most recent tasks are displayed on top.
19
17
20
18
#. :ref:`Create a Twig template <cookbook-entities-dashboard-template>` that renders the grid.
21
19
22
-
#. Finally, to write everything together, :ref:`configure <cookbook-entities-dashboard-config>` the
23
-
dashboard widget by telling it which template to render.
20
+
#. :ref:`Сonfigure <cookbook-entities-dashboard-config>` the dashboard widget by telling it which template to render.
24
21
25
22
.. _cookbook-entities-dashboard-grid:
26
23
27
24
Configuring the Grid
28
25
~~~~~~~~~~~~~~~~~~~~
29
26
30
-
The data grid that will be displayed on the dashboard can be based upon the already existing
31
-
``app-tasks-grid`` that you used to show a grid of all the tasks being present. You just need to
32
-
sort the result (the id can be used as a sorting criteria as more recent tasks will have higher
33
-
ids):
27
+
The data grid that will be displayed on the dashboard can be based on the already existing ``app-tasks-grid`` that you used to show a grid of all the tasks being present. Sort the result (the id can be used as a sorting criterion as more recent tasks will have higher ids):
To actually render the data grid on the dashboard you need to create a Twig template that is based
52
-
on the ``@OroDashboard/Dashboard/widget.html.twig`` template. To do so create a template named
53
-
``recent_tasks_widget.html.twig`` located in the ``Resources/views/Dashboard`` directory of your
54
-
bundle (see :ref:`cookbook-entities-dashboard-config` for an explanation of the schema you should
55
-
follow for the template name and location) with the following content:
45
+
To render the data grid on the dashboard, create a Twig template based on the ``@OroDashboard/Dashboard/widget.html.twig`` template. You will need to create a template called ``recent_tasks_widget.html.twig`` located in the ``Resources/views/Dashboard`` directory of you bundle (see :ref:`cookbook-entities-dashboard-config` for an explanation of the schema to follow for the template name and location) with the following content:
description: This widget displays the most recent tasks
94
84
95
-
The configured ``oro_dashboard_widget`` route refers to a controller action that comes as part of
96
-
the ``Oro\Bundle\DashboardBundle\Controller\DashboardController`` and simply renders a
97
-
template whose name is inferred from route parameters (the name of the template that the controller
98
-
is looking for follows the ``{{bundle}}:Dashboard:{{name}}`` pattern where ``{{bundle}}`` and
99
-
``{{name}}`` refer to the route parameters of the dashboard config).
85
+
The configured ``oro_dashboard_widget`` route refers to a controller action that comes as part of the ``Oro\Bundle\DashboardBundle\Controller\DashboardController`` and renders a template whose name is inferred from route parameters (the name of the template that the controller is looking for follows the ``{{bundle}}:Dashboard:{{name}}`` pattern where ``{{bundle}}`` and ``{{name}}`` refer to the route parameters of the dashboard config).
100
86
101
87
.. tip::
102
88
103
-
If your widget contains some more logic (e.g. calling some service and doing something with its
104
-
result, you can create your own controller, configure a route for it, and then refer to this
105
-
route with the ``route`` key in your widget configuration.
89
+
If your widget contains some more logic (e.g., calling some service and doing something with its result), you can create your own controller, configure a route for it, and then refer to this route with the ``route`` key in your widget configuration.
Copy file name to clipboardExpand all lines: backend/entities/acls.rst
+29-58
Original file line number
Diff line number
Diff line change
@@ -7,16 +7,14 @@ Using ACLs you can granularly grant access to your entities. Doing so requires t
7
7
8
8
#. :ref:`Create access control lists for all available actions <coobook-entities-acl-create>`.
9
9
10
-
#. :ref:`Add access checks<coobook-entities-acl-check>` to where your entities are displayed or
11
-
manipulated.
10
+
#. :ref:`Add access checks<coobook-entities-acl-check>` to where your entities are displayed or manipulated.
12
11
13
12
.. _coobook-entities-acl-enable:
14
13
15
14
Activating ACL Checks on your Entities
16
15
--------------------------------------
17
16
18
-
In order to have your entity available in the admin UI to be able to assign permissions to your
19
-
users you have to enable ACLs for these entities using the ``@Config`` annotation:
17
+
To have your entity available in the admin UI to be able to assign permissions to your users, you have to enable ACLs for these entities using the ``@Config`` annotation:
@@ -41,13 +39,11 @@ users you have to enable ACLs for these entities using the ``@Config`` annotatio
41
39
{
42
40
}
43
41
44
-
After you have done this and have cleared the cache you can toggle all kinds of permission checks
45
-
(``CREATE``, ``EDIT``, ``DELETE``, ``VIEW``, and ``ASSIGN``) in the user role management interface.
42
+
After you have done this and have cleared the cache, you can toggle all kinds of permission checks (``CREATE``, ``EDIT``, ``DELETE``, ``VIEW``, and ``ASSIGN``) in the user role management interface.
46
43
47
44
.. tip::
48
45
49
-
You can use the optional ``group_name`` attribute to group entities by application. The value
50
-
of this attribute is used to split the configured access control list into application scopes.
46
+
You can use the optional ``group_name`` attribute to group entities by application. The value of this attribute is used to split the configured access control list into application scopes.
51
47
52
48
.. _coobook-entities-acl-create:
53
49
@@ -112,14 +108,9 @@ You have two options to define your custom access control lists:
112
108
}
113
109
}
114
110
115
-
Using the ``@Acl`` annotation does not only create new access control lists to which you can
116
-
refer in other parts of your code it will also trigger the access decision manager when your
117
-
actions are accessed by users and thus protect them from being accessed without the needed
118
-
permissions.
111
+
Using the ``@Acl`` annotation does not only create new access control lists to which you can refer in other parts of your code, it also triggers the access decision manager when your actions are accessed by users and thus protect them from being accessed without the needed permissions.
119
112
120
-
#. If you do not want to protect any controller methods or if you prefer to keep the definition of
121
-
your ACLs separated from the application code, you can define them using some YAML config in a
122
-
file named ``acls.yml``:
113
+
#. If you do not want to protect any controller methods or if you prefer to keep the definition of your ACLs separated from the application code, you can define them using some YAML config in a file named ``acls.yml``:
@@ -147,9 +138,7 @@ You have two options to define your custom access control lists:
147
138
148
139
.. sidebar:: Security Actions that Are not Related to an Entity
149
140
150
-
You can also create access control lists that are only used to protect certain actions that are
151
-
not related to an entity. To do that just set the type of the ACL to ``action`` instead of
152
-
``entity``:
141
+
You can also create access control lists that are only used to protect specific actions unrelated to an entity. To do that, set the type of the ACL to ``action`` instead of ``entity``:
@@ -197,13 +185,10 @@ You have two options to define your custom access control lists:
197
185
Performing Access Checks
198
186
------------------------
199
187
200
-
Once you have configured the ACLs you can protect all parts of your application. Anywhere in your
201
-
PHP code you can use the ``isGranted()`` method of the ``security.authorization_checker`` service
202
-
(which is an instance of the |Symfony AuthorizationCheckerInterface|):
188
+
Once you have configured the ACLs, you can protect all application parts. You can use the ``isGranted()`` method of the ``security.authorization_checker`` service (which is an instance of the |Symfony AuthorizationCheckerInterface|) anywhere in your PHP code:
@@ -237,15 +219,14 @@ permission name you want to check:
237
219
// do something when the user is granted EDIT permission for the $taskEntity
238
220
}
239
221
240
-
This example will work the same as before. It will check an EDIT permission for the Task instance object.
222
+
This example will work the same as before. It will check EDIT permission for the Task instance object.
241
223
242
-
However, there are ways to make this checks in different parts of your application:
224
+
However, there are ways to perform these checks in different parts of your application:
243
225
244
226
Hiding Menu Items
245
227
~~~~~~~~~~~~~~~~~
246
228
247
-
Use the ``acl_resource_id`` option to hide navigation items from users who are not granted to access
248
-
the action being linked. The value of this option is the name of the ACL to check for:
229
+
Use the ``acl_resource_id`` option to hide navigation items from users who are not granted access to the linked action. The value of this option is the name of the ACL to check for:
@@ -257,12 +238,10 @@ the action being linked. The value of this option is the name of the ACL to chec
257
238
route: acme_task_index
258
239
acl_resource_id: acme_task_view
259
240
260
-
Protecting Controllers Refering to Existing ACLs
261
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
241
+
Protecting Controllers Referring to Existing ACLs
242
+
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
262
243
263
-
As :ref:`shown above <cookbook-entity-acl-controller>` you can define new ACLs and protect your
264
-
controllers with them in a single step using the ``@Acl`` annotation. However, you can also refer
265
-
to an existing access control list using the ``@AclAncestor`` annotation:
244
+
You can define new ACLs as :ref:`shown above <cookbook-entity-acl-controller>` and protect your controllers with them in a single step using the ``@Acl`` annotation. However, you can also refer to an existing access control list using the ``@AclAncestor`` annotation:
@@ -287,8 +266,7 @@ to an existing access control list using the ``@AclAncestor`` annotation:
287
266
Show Parts of Templates Based on Permissions
288
267
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
289
268
290
-
Inside your templates you can use the ``is_granted()`` Twig function to check for certain
291
-
permissions to hide parts of your views for users who do not have the required permissions:
269
+
Inside your templates, you can use the ``is_granted()`` Twig function to check for certain permissions to hide parts of your views for users who do not have the required permissions:
@@ -299,42 +277,38 @@ permissions to hide parts of your views for users who do not have the required p
299
277
{% endif %}
300
278
{% endblock %}
301
279
302
-
In this example we check access by ACL annotation info without Object to test. So, ``is_granted`` will return
303
-
true as result if user have any access level to EDIT permission to Task entity.
280
+
In this example, we check access by ACL annotation info without an Object to test. So, ``is_granted`` will return true if the user has any access level to EDIT permission to the Task entity.
304
281
305
-
In case if you want to check access more deeply, you can set the entity instance as the second parameter of
306
-
``is_granted()`` function:
282
+
If you want to perform a deeper access check, you can set the entity instance as the second parameter of the ``is_granted()`` function:
{# an `entity` variable contains an Test entity instance #}
302
+
{# an `entity` variable contains a Test entity instance #}
327
303
{% if is_granted('EDIT', entity) %}
328
304
Some info if access is granted
329
305
{% endif %}
330
306
{% endblock %}
331
307
332
-
333
308
Restrict Access to Data Grid Results
334
309
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
335
310
336
-
In a data grid you can protect the entire result set (to not show results if the user is not
337
-
granted access and the action embedding the grid accidentally was not protected):
311
+
In a data grid, you can protect the entire result set (not to show results if the user is not granted access and the action embedding the grid was not protected by accident):
You can protect your Doctrine ORM query with ``apply`` method of ``oro_security.acl_helper`` service.
352
+
You can protect your Doctrine ORM query with the ``apply`` method of the ``oro_security.acl_helper`` service.
380
353
381
354
.. code-block:: php
382
355
@@ -407,11 +380,9 @@ You can protect your Doctrine ORM query with ``apply`` method of ``oro_security.
407
380
}
408
381
}
409
382
410
-
As result, the query will be modified and the result data set will contain only the records user can see.
411
-
412
-
By default, VIEW permission used as the second parameter. If you want to check another permission, you can
413
-
set it as the second parameter of ``apply`` method.
383
+
As a result, the query will be modified, and the result data set will contain only the records the user can see.
414
384
385
+
By default, VIEW permission is used as the second parameter. If you want to check another permission, you can set it as the second parameter of the ``apply`` method.
Copy file name to clipboardExpand all lines: backend/entities/attachments.rst
+2-3
Original file line number
Diff line number
Diff line change
@@ -7,14 +7,13 @@ Configurable entities can use attachments for adding additional files to their r
7
7
8
8
To enable attachments for an entity, an administrator should enable them in the current entity configuration.
9
9
10
-
Additionally, admin can set array with allowed mine types and maximum sizes of the attached files.
10
+
Additionally, the admin can set an array with allowed mine types and maximum sizes of the attached files.
11
11
12
12
If no mime types were set, the mime types from ``Upload settings`` (system configuration) are used for validation.
13
13
14
14
Once the schema is updated, the **Add attachment** button becomes available for the current entity.
15
15
16
16
For the detailed information on the attachments that configurable entities can use, refer to the :ref:`OroAttachmentBundle <bundle-docs-platform-attachment-bundle>` topic.
0 commit comments