OroPlatform Forums

Covering OroPlatform topics, including community updates and company announcements.

Forums Forums OroPlatform OroPlatform – Programming Questions Ownership in OneToMany relations

This topic contains 6 replies, has 3 voices, and was last updated by  hugeval 5 years, 4 months ago.

Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.

  • Creator
  • #33837

    Dima Makaruk

    Hi i have the following problem.

    When loading the EntityA the OneToMany collection is loaded not filtered with the ownership. I’m getting always in OneToMany collections all the entities owned by different organizations. Is it possible to use ownership for OneToMany relations when loading on the inverse side ? Maybe i’m doing something wrong ?!

Viewing 6 replies - 1 through 6 (of 6 total)
  • Author
  • #33838


    I am also interested in that topic.



    Hi @dimonixx, @andesk. Let me clarify oro security protection. Data grids and param converters are automatically protected with security protection. Please check


    But if you load objects manually, you should protect them with oro_security.acl_helper or oro_security.security_facade. Please check


    To be able use protection you should make several steps:
    1 Add ownership annotation to entity, as you made:

    2 Make migration to create new acl_classes entry

    3 Add annotation to controller if you want to use param converters protection

    4 run app/console oro:platform:update console command


    Dima Makaruk

    @hugeval thank you for your answer. That’s exactly the way i’m using it.
    I have the following problem:
    – When loading the EntityA the OneToMany collection is not filtered with the ownership



    @dimonixx, there are several ways to load entities. Could you please show an example how do you load entities?


    Dima Makaruk

    i’m loading it with repository method for example findOneBy. And then $entityA->getEntityBs() returns the collection that is not filtered with owner .



    In this case you should protect entities manually, as mentioned at page https://github.com/laboro/platform/blob/master/src/Oro/Bundle/SecurityBundle/Resources/doc/access-levels.md#manual-protection-of-select-queries.

    For example, with QueryBuilder:

    Or with objects:

Viewing 6 replies - 1 through 6 (of 6 total)

The forum ‘OroPlatform – Programming Questions’ is closed to new topics and replies.

You will be redirected to [title]. Would you like to continue?

Yes No