customizing ZfcUser - zend-framework2

What I would like to do is to add some more properties(fields) for a registering user to fill out for example: we have a display name by provided by default and i would like to have some more like, place of birth, birth date and so on..
I created my own entity class and made ZfcUser working with it (to be more specific: i added some protected variables, getters and setters methods).
My problem is that i dont really know what to do next. I know that i should obviously add some elements to forms and i can do it but how can i "let know" zfcuser that i have some more variables in entity class so it can work with database well.
btw. i cant understand how this module is working for example where exactly it runs scripts which work with database

Check out CdliUserProfile it's an existing extension for ZfcUser with UserProfile support (and therefore custom properties). Check that code or use the module itself ;)

Related

spring security ldap additional attributes

I would like to add a few additional ldap attributes (actually just one) to the userdetail object. It seems like the only way to do that is to override the usercontextmapper classes which then involves extending person class and essence class within it. It seems like a little too much work just to add some additional attributes. Before pursuing that route I wanted to make sure that there isnt another easier way to accomplish this.
Basically I have an attribute called "collections" in ldap which I would like to have available on the Principal object within my application.
Thanks
You don't have to extend the internal classes if you don't want to. The only thing that the UserDetailsContextMapper requires is that the object you return from mapUserFromContext implements UserDetails.
So you should be able to just read the attributes you want (including "collections") from the LDAP context object (the DirContextOperations) and use these to create your instance.

MVC4 Form verification, maybe Action Filters

I need to add two kinds of verification to a comment form I’ve built. Some type on human verification and some type of email verification. Would putting these into Action Filters be a good way to go?
I don’t want to use Google’s recapture, I don’t like using it myself when I’m asked too and I have seen some other clever options around the place but that’s for another thread.
Is this the type of thing I should/could put into Action Filters???
Cheers,
Mike.
I found the answer to this thanks to a great guy at asp.net, so I will quote him, CodeHobo said,
“You implement this by using the concept of a buddy class. Basically you create another class with public properties that match the properties of your EF model. You apply the validation attributes to your "buddy class".
Then create a partial class to match your EF model (EF generates partial classes for all models). You add an attribute to your partial that points to your "buddy class". Basically you are telling mvc to use the validations in the associated class instead of the EF model.
Take a look at this
http://www.asp.net/mvc/tutorials/older-versions/models-(data)/validation-with-the-data-annotation-validators-cs”
This worked for me and was amazingly simple to implement thanks to MVC.

Implementing Select List Lookup ViewModel Attribute

I'm trying to implement a more customisable version of using ViewModel attributes and a Model Enricher to populate viewmodels lists like in this this question and associated blog post.
I would like to be able to specify the method on my select list interface from the Attribute.
Each Select List service I have returns an IEnumerable that I use to make a select list and presently exposes an All interface as the sample does. I can easily use the All method because all interfaces provide that. However I often wish to able to use other methods like the AllTradingCompanies() AllManafacturingCompanies() methods of my select list class to get filtered lists.
It is presently looking like I may have to implement a Custom attribute to map to specific e.g. [AllCompanyList] attributes but that moves me away from the nice generic method that the existing version gives me. I guess I could use it to complement it but then its starting to lose some of the charm. I also am implementing IModelEnrichers which can do custom per view model logic.
Any thoughts on a nice way to implement this?
I implemented the solution using pairs of Attributes to define a requirement for data on a ViewModel and a provider of data a repository or a service within my domain. See my follow up question asking whether this is a good idea.

Creating a 'configuration settings' object, persisted to the db, that you can create properties for

Since Rails is using Ruby (dynamic language), would it be possible to create a very flexible
'configuration' class that has properties that you use throughout the website, AND have the ability to add new class properties (in the db for web modification) and then just use it in the code.
Each property would be of a specific type like a string, integer, bool etc.
You can't do this in a strongly typed language, but it must be possible with Ruby!
So say my class is like:
globalConfig.is_active
globalConfig.admin_email
I guess to make this work, I would loop through all the properties in the db, create properties in the class and assign the value right?
I actually have a settings plugin on GitHub you can use:
http://github.com/bellmyer/settings
It makes this easier for you. Right now it's not rails3-ready, so let me know if you need that. I also need to put in the time to roll it into a gem, instead of a plugin.
If you end up using it, let me know and I'll get it up to date. Otherwise, you can look at the code to see how I did things, and use that to help build your own custom solution.

ACL on field level in Grails

in our new software project, we have the following requirement: A webpage shall show a set of data. This data shall be editable by some users (assigned to roles, i.e. manager), and only viewable by others. The tricky part is described by an example:
A User-page consists of address data and account information. The addess data shall be editable by the user and the manager and viewable by all users, while account information shall only be viewable by the actual user and the manager.
I have read a lot of information about SpringSecurity. It provides a very good framework to gran permissions on urls and methods and even domain classes. But what I need is field level ACLs. At least, that's what I think at the moment.
So, the question is: How to solve this problem using Grails?
Thanks a lot in advance,
Regards Daniel
Spring Security (Acegi Plugin) is definitely the way to go with Grails.
There is a taglib you can use that will allow a page to be different for different roles such as the following:
<g:ifUserHasRole roles="ROLE_ADMIN">
html code for extra fields
</g:ifUserHasRole>
Me, I'd encode it on the domain class, emulating the way GORM has you annotate the domain classes (static access = [field1: "ROLE_USER", field2: "ROLE_ADMIN,ROLE_USER"] as an example). Then build a method your controller could use to redact them for a given user. That method could use the domain class's annotations to decide how to redact it. Then, metaprogram it onto each of the domain classes the way plugins do.
Similarly, write the opposite method to restrict data bindings of params into the domain class, write your own data binding utility method, then metaprogram it onto each domain class as well.
Then you can just use instance.redact(user) or instance.bindData(params, user) to do what you want, and it's practically declarative syntax.
We have a similar situation and use both the ifUserHasRole tag in the gsp to drive the appropriate presentation and the we have a filter that enforces the rules based on the action being called. For example, on user controller we would only allow the management roles to call save action, or if the user.id is the same as the session.user.id. This seemed to be the best option for our situation.
What about creating an ACL class like this:
class ACL(val entry: Entry*) {
def isAccessAllowed(subject: String, permission: String): Boolean = ...
}
class Entry(val subject: String, val permission: String*)
usage:
new ACL(
new Entry("dave", "read", "write"),
new Entry("linda", "read")
)
(This example is in Scala, because I found it more expressive in this case, but it should be easy to transfer it to Groovy.)
You would then connect an ACL object with the object to be protected.

Resources