This topic contains 1 reply, has 1 voice, and was last updated by Michal Matusiak 6 years, 7 months ago.
- Topic
Hi,
I have a trouble rendering a datagrid and select options even though IMO I’ve set up everything just fine.
I wrote a Survey Bundle that allows users to create surveys and fill them in on custom Customer view. The entity and all survey-related actions are ACL-protected and everything works fine except two cases:
1) datagrids protected by ‘vendor_survey_view’ show no results even though there are records in DB and user has proper access rights. Here is some code:
Entity:
123456789101112131415161718192021222324/*** @ORM\Entity(repositoryClass="Vendor\Bundle\SurveyBundle\Entity\Repository\SurveyRepository")* @ORM\Table("vendor_survey")* @ORM\HasLifecycleCallbacks()* @Config(* defaultValues={* "ownership"={* "owner_type"="USER",* "owner_field_name"="owner",* "owner_column_name"="user_owner_id"* },* "security"={* "type"="ACL",* "group_name"=""* },* "dataaudit"={* "auditable"=true* }* }* )*/class Survey extends ExtendSurvey {//properties etc.}Controller:
12345678910111213141516171819202122/*** @Route("/survey")*/class SurveyController extends Controller{/*** @Route("/", name="vendor_survey_index")* @Acl(* id="vendor_survey_view",* type="entity",* permission="VIEW",* class="VendorSurveyBundle:Survey"* )* @Template*/public function indexAction(){return ['entity_class' => $this->container->getParameter('vendor_survey.survey.entity.class')];}}Template:
123456789101112131415{% extends 'OroUIBundle:actions:index.html.twig' %}{% import 'OroUIBundle::macros.html.twig' as UI %}{% set gridName = 'vendor-survey-grid' %}{% set pageTitle = 'vendor.survey.entity_plural_label'|trans %}{% block navButtons %}{% if resource_granted('vendor_survey_create') %}<div class="btn-group">{{ UI.addButton({'path' : path('vendor_survey_create'),'entity_label': 'vendor.survey.entity_label'|trans}) }}</div>{% endif %}{% endblock %}Datagrid:
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687datagrids:vendor-survey-grid:extended_entity_name: %vendor_survey.survey.entity.class%acl_resource: vendor_survey_viewsource:type: ormquery:select:- s.id- s.title- s.description- CONCAT_WS(' ', o.firstName, o.lastName) as ownerName- s.createdAt- s.updatedAtfrom:- { table: %vendor_survey.survey.entity.class%, alias: s }join:left:- { join: s.owner, alias: o }inline_editing:enable: truecolumns:title:label: vendor.survey.title.labeldescription:label: vendor.survey.description.labelownerName:label: vendor.survey.owner.labelcreatedAt:label: oro.ui.created_atfrontend_type: datetimeupdatedAt:label: oro.ui.updated_atfrontend_type: datetimesorters:columns:title: { data_name: s.title }description: { data_name: s.description }ownerName: { data_name: ownerName }createdAt: { data_name: s.createdAt }updatedAt: { data_name: s.updatedAt }filters:columns:title:type: stringdata_name: s.titledescription:type: stringdata_name: s.descriptionownerName:type: choice-treedata_name: s.ownerlabel: vendor.survey.owner.labelautocomplete_alias: usersrenderedPropertyName: 'fullName'className: 'Oro\Bundle\UserBundle\Entity\User'createdAt:type: datetimedata_name: s.createdAtupdatedAt:type: datetimedata_name: s.updatedAtproperties:id: ~update_link:type: urlroute: vendor_survey_updateparams: [ id ]delete_link:type: urlroute: vendor_api_delete_surveyparams: [ id ]actions:update:type: navigateacl_resource: vendor_survey_updatelabel: oro.grid.action.updateicon: editlink: update_linkdelete:type: deleteacl_resource: vendor_survey_deleteicon: trashlink: delete_linkoptions:entityHint: surveysentity_pagination: trueThis all together allows me to go the the view, create a survey but after that nothing shows in the datagrid. If I delete the ACL annotation of entity and update the configuration, datagrid renders properly but then it’s not ACL-protected and it’s not the result I want. I checked the query in profiler and it looks like that:
123456789101112131415161718SELECTe0_.id AS id_0,e0_.title AS title_1,e0_.description AS description_2,CONCAT_WS(' ', o1_.first_name, o1_.last_name) AS sclr_3,e0_.created_at AS created_at_4,e0_.updated_at AS updated_at_5FROMvendor_survey e0_LEFT JOIN oro_user o1_ ON e0_.user_owner_id = o1_.idWHERE1 = 0ORDER BYe0_.id ASCLIMIT25I see why there are no results returned but where did ‘WHERE 1=0’ come from?
2) in another action of the same controller, called on Customer view, I create a popup with select filled with Surveys; without ACL it renders properly but after enabling it in entity’s annotation it’s empty. Code:
Controller:
123456789101112131415161718192021222324252627282930313233343536373839404142434445/*** @Route(* "/select/{customerId}",* name="vendor_survey_select",* requirements={"customerId"="\d+"}* )* @ParamConverter("customer", options={"mapping": {"customerId":"id"}})* @Template()* @AclAncestor("vendor_survey_response_create")*/public function selectAction(Request $request, Customer $customer){$responseData['redirect'] = false;if ($request->getMethod() == 'POST') {$responseData['redirect'] = true;$responseData['url'] = $this->generateUrl('vendor_survey_response_create',['surveyId' => $request->request->get('form')['survey'],'customerId' => $customer->getId()]);}$form = $this->createFormBuilder()->add('survey',EntityType::class,['class' => 'Vendor\Bundle\SurveyBundle\Entity\Survey','required' => true,'label' => 'vendor.survey.entity_plural_label','choice_label' => 'title','query_builder' => function (EntityRepository $entityRepository) {return $entityRepository->createQueryBuilder('s')->orderBy('s.title', 'ASC');}])->setAction($this->generateUrl('vendor_survey_select', ['customerId' => $customer->getId()]))->getForm();$responseData['form'] = $form->createView();return $responseData;}Template:
12345678910111213141516171819202122232425262728293031<div class="widget-content">{% if redirect %}<script type="text/javascript">require(['oroui/js/widget-manager','oroui/js/mediator'], function (widgetManager, mediator) {widgetManager.getWidgetInstance({{ app.request.get('_wid')|json_encode|raw }}, function(widget) {widget.remove();mediator.execute('redirectTo', {url: '{{ url }}' });});});</script>{% else %}<div class="form-container"><form id="{{ form.vars.id }}" name="survey-select" action="{{ form.vars.action }}" method="post" class="survey-select-form"><fieldset class="form-horizontal"><div class="pull-left">{{ form_row(form.survey) }}</div></fieldset><fieldset class="form-horizontal"><div class="widget-actions form-actions" style="display: none;"><button class="btn" type="reset">{{ 'Cancel'|trans }}</button><button class="btn btn-primary" type="submit">{{ 'Proceed'|trans }}</button></div></fieldset></form></div>{% endif %}</div>This is even more surprising as I don’t check the access rights to Survey in this action.
Any ideas? Is my code wrong or did I miss something in the configuration?
The forum ‘OroCRM – Programming Questions’ is closed to new topics and replies.