This library aims to provide an easy way to protect fields from being edited in sonata admin, while still being displayed in the form.
Using the library, some entities fields may be fixed, e.g. coming from the ERP or some other system, while other fields may still be edited by the user. Furthermore, items created in the GUI might still be editable, including all fields, which are not editable for other instances.
In addition, the same checks can be used to protect entities from being deleted in the Sonata admin GUI on a per-item basis.
The system relies on the Fastbolt\SonataAdminProtectedFields\Protection\Checker\Checker interface which has access to all entity properties.
For custom implementation, please head to the Implementing custom checkers section.
Due to the PHP Attribute usage, we need at least PHP 8.0 or higher.
For now, the bundle is tested using PHP 8.0, 8.1 and 8.2 and the sonata admin bundle version 4.9
The library can be installed via composer:
composer require fastbolt/sonata-admin-protected-fields
If not configured automatically, the bundle needs to be enabled in your project's bundles.php file:
<?php
return [
Fastbolt\SonataAdminProtectedFields\SonataAdminProtectedFieldsBundle::class => ['all' => true],
];To enable dynamic field protection when editing entities in sonata admin, just add the corresponding attribute to your entity's field:
<?php
#[ORM\Column(type: 'string', length: 255)]
#[SonataAdminProtectedFields\WriteProtected]
private string $name = '';The default property protection is performed using the Fastbolt\SonataAdminProtectedFields\Protection\Checker\PropertyProtectionChecker service, which is automatically registered through the bundle configuration.
It expects your entity to implement a method isProtected() that returns a boolean value:
public function isProtected(): bool
{
return $this->isProtected;
}To enable dynamic delete protection, just add the corresponding attribute to your entity's class header:
<?php
#[ORM\Entity(repositoryClass: MaterialRepository::class)]
#[SonataAdminProtectedFields\DeleteProtected]
class MaterialThe protection checks use the same mechanism as outlined in the Field protection section.
Custom checkers need to implement the simple Fastbolt\SonataAdminProtectedFields\Protection\Checker\Checker interface:
<?php
use Fastbolt\SonataAdminProtectedFields\Protection\Checker\Checker;
class MyChecker implements Checker
{
public function getName(): string
{
return 'my_checker';
}
public function shouldBeProtected(object $item): bool
{
return true;
}
}All checkers need to have the DIC tag sonata_admin_protected_fields_checker. For further information on DIC tags
please refer to the symfony documentation.
services:
App\MyChecker:
tags:
- 'sonata_admin_protected_fields.protection_checkers'To enable the custom checker, the value returned from the getName method needs to be set in both Attributes:
<?php
use Fastbolt\SonataAdminProtectedFields\Mapping\Attributes as SonataAdminProtectedFields;
#[ORM\Entity(repositoryClass: App\Repository\MyEntityRepository::class)]
#[SonataAdminProtectedFields\DeleteProtected(checker: 'my_checker')]
class MyEntity
{
#[ORM\Column(type: 'string', length: 18)]
#[SonataAdminProtectedFields\WriteProtected(checker: 'my_checker')]
private string $myField = '';
}