From 05eb3bab08cd4fd9bd6a3fc9be70431cc0bff566 Mon Sep 17 00:00:00 2001 From: Arthur de Moulins Date: Fri, 15 Nov 2024 12:45:48 +0100 Subject: [PATCH 1/2] PS-727 fix collection delete permission --- databox/api/src/Security/Voter/AssetVoter.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/databox/api/src/Security/Voter/AssetVoter.php b/databox/api/src/Security/Voter/AssetVoter.php index 4df8543a6..7f94db0a4 100644 --- a/databox/api/src/Security/Voter/AssetVoter.php +++ b/databox/api/src/Security/Voter/AssetVoter.php @@ -72,10 +72,7 @@ protected function voteOnAttribute(string $attribute, $subject, TokenInterface $ return $isOwner() || $this->security->isGranted(self::SCOPE_PREFIX.'DELETE') || $this->hasAcl(PermissionInterface::DELETE, $subject, $token) - || ( - null !== $subject->getReferenceCollection() - && $this->hasAcl(PermissionInterface::DELETE, $subject->getReferenceCollection(), $token) - ); + || $this->voteOnContainer($subject, AbstractVoter::DELETE); case self::EDIT_PERMISSIONS: return $isOwner() || $this->security->isGranted(self::SCOPE_PREFIX.'OWNER') From c35f32ee640e60c68b3f47ec1184a050a65a61be Mon Sep 17 00:00:00 2001 From: Arthur de Moulins Date: Fri, 15 Nov 2024 13:21:03 +0100 Subject: [PATCH 2/2] fix easyadmin crud --- .../src/Controller/Admin/AttributeDefinitionCrudController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/databox/api/src/Controller/Admin/AttributeDefinitionCrudController.php b/databox/api/src/Controller/Admin/AttributeDefinitionCrudController.php index 666e79aa6..6243c4988 100644 --- a/databox/api/src/Controller/Admin/AttributeDefinitionCrudController.php +++ b/databox/api/src/Controller/Admin/AttributeDefinitionCrudController.php @@ -98,7 +98,7 @@ public function configureFields(string $pageName): iterable yield Field::new('facetEnabled') ->hideOnIndex(); yield ArrayField::new('fallback') - ->hideOnIndex(); + ->onlyOnDetail(); yield TextField::new('key') ->hideOnIndex(); yield IntegerField::new('position');