[hugevalParticipant]

Hello @brunpatoch, this issue has been resolved already

[hugevalParticipant]

Hi @james_allies. Please try to set 'required' => false for phoneNumber, direction attributes at CallType.php and remove direction, phoneNumber nodes at CallBundle/Resources/config/validation.yml

[hugevalParticipant]

In this case you should protect entities manually, as mentioned at page https://github.com/laboro/platform/blob/master/src/Oro/Bundle/SecurityBundle/Resources/doc/access-levels.md#manual-protection-of-select-queries.

For example, with QueryBuilder:

$repository = $this->getDoctrine() ->getRepository('AcmeDemoBundle:EntityB'); $queryBuilder = $repository->createQueryBuilder('e') $queryBuilder ->select('e') ->join('e.entityA'); $query = $this->get('ro_security.acl_helper')->apply($queryBuilder, 'VIEW');

1 2 3 4 5 6 7 8 9

$repository = $this->getDoctrine()    ->getRepository('AcmeDemoBundle:EntityB'); $queryBuilder = $repository->createQueryBuilder('e') $queryBuilder     ->select('e')     ->join('e.entityA'); $query = $this->get('ro_security.acl_helper')->apply($queryBuilder, 'VIEW');

Or with objects:

$entityB = $entityA->getEntityBs()->first(); if (!$this->securityFacade->isGranted('VIEW', $entityB)) { throw new AccessDeniedException('Access denided'); } else { // access is granted }

1 2 3 4 5 6 7 8

$entityB = $entityA->getEntityBs()->first(); if (!$this->securityFacade->isGranted('VIEW', $entityB)) {     throw new AccessDeniedException('Access denided'); } else {     // access is granted }

[hugevalParticipant]

@dimonixx, there are several ways to load entities. Could you please show an example how do you load entities?

[hugevalParticipant]

Hi @dimonixx, @andesk. Let me clarify oro security protection. Data grids and param converters are automatically protected with security protection. Please check

https://github.com/laboro/platform/blob/master/src/Oro/Bundle/SecurityBundle/Resources/doc/access-levels.md#data-grids-protections
https://github.com/laboro/platform/blob/master/src/Oro/Bundle/SecurityBundle/Resources/doc/access-levels.md#protection-with-param-converters.

But if you load objects manually, you should protect them with oro_security.acl_helper or oro_security.security_facade. Please check

https://github.com/laboro/platform/blob/master/src/Oro/Bundle/SecurityBundle/Resources/doc/access-levels.md#manual-protection-of-select-queries
https://github.com/laboro/platform/blob/master/src/Oro/Bundle/SecurityBundle/Resources/doc/access-levels.md#manual-access-check-on-object

To be able use protection you should make several steps:
1 Add ownership annotation to entity, as you made:

... /** * * @ORM\Entity * @ORM\Table(name="tbl_name_1") * @Config( * defaultValues={ * "security"={ * "type"="ACL", * "group_name"="" * }, * "ownership"={ * "owner_type"="ORGANIZATION", * "owner_field_name"="owner", * "owner_column_name"="organization_id" * } * } * ) */ class EntityB { ... }

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26

...   /** * * @ORM\Entity * @ORM\Table(name="tbl_name_1") * @Config( *      defaultValues={ *          "security"={ *              "type"="ACL", *              "group_name"="" *          }, *          "ownership"={ *              "owner_type"="ORGANIZATION", *              "owner_field_name"="owner", *              "owner_column_name"="organization_id" *          } *      } * ) */ class EntityB { ... }

2 Make migration to create new acl_classes entry

... class AcmeBundle implements Migration { public function up(Schema $schema, QueryBag $queries) { $queries->addQuery( new UpdateEntityConfigEntityValueQuery( 'Oro\Bundle\AcmeBundle\Entity\EntityB', 'security', 'permissions', 'VIEW;CREATE;EDIT' ) ); } }

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17

... class AcmeBundle implements Migration {     public function up(Schema $schema, QueryBag $queries)     {         $queries->addQuery(             new UpdateEntityConfigEntityValueQuery(                 'Oro\Bundle\AcmeBundle\Entity\EntityB',                 'security',                 'permissions',                 'VIEW;CREATE;EDIT'             )         );     } }

3 Add annotation to controller if you want to use param converters protection

... /** * * @Route("/acme/{id}/view", name="acme_entity_view", requirements={"id"="\d+"}) * @Acl( * id="acme_entity_view", * type="entity", * class="OroAcmeBundle:Entity", * permission="VIEW" * ) */ public function viewAction(Entity $entity) { ... } ...

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

...      /**      *      * @Route("/acme/{id}/view", name="acme_entity_view", requirements={"id"="\d+"})      * @Acl(      *      id="acme_entity_view",      *      type="entity",      *      class="OroAcmeBundle:Entity",      *      permission="VIEW"      * )      */     public function viewAction(Entity $entity)     { ...     } ...

4 run app/console oro:platform:update console command

[hugevalParticipant]

Hi nurikabe, currently you can install synolia/syno-orocrm-fullcontact with commands:

cd /path/to/project wget http://getcomposer.org/composer.phar php composer.phar require synolia/syno-orocrm-fullcontact

1 2 3

cd /path/to/project wget http://getcomposer.org/composer.phar php composer.phar require synolia/syno-orocrm-fullcontact

[hugevalParticipant]

Hi! To create OneToOne relationship using migration, you can use Doctrine native methods Doctrine\DBAL\Schema\Table::addColumn() and Doctrine\DBAL\Schema\Table::addForeignKeyConstraint()

[Author]

Replies