disable an application or a module in Symfony - symfony1

I have two applications. I want to disable one according to a field stored in a database.
Is it possible to disable an application (or, if that's not possible, a module) by code, maybe using a filter? I've found a piece of code that executes project:disable, but I think it's not nice enough.
The alternative, I think, is to check the value stored in the database inside a custom filter and then redirect to an action that informs 'The site is disabled'.

You can create a filter that checks if the current user may access the requested module/action:
if ($this->getRequest()->getParameter('module') == 'yourmodule' && !$this->getUser()->mayAccess('yourmodule')) {
    // redirect to somewhere else
}
In user class:
function mayAccess($module){
    $key = $module.'_enabled';
    if(!$this->hasAttribute($key)){
        $enabled = ... //Fetch permission from database
        $this->setAttribute($key,$enabled);
    }
    return $this->getAttribute($key);
}
Something like that. Maybe you can use the module's security.yml file and override the function that checks the user's credentials and permissions, like the hasCredential() method? That actually seems a cleaner way to do it.
See: http://www.symfony-project.org/api/1_4/sfBasicSecurityUser

You could dynamically load only the application you want in your index.php file.

Related

Laravel Nova Redirect to a custom path after login

I need to redirect user after login to a different place according to its role.
The logic is simple. I tried to put it in redirectPath() function in Nova LoginController.php, but I have a very weird behavior - sometimes after login I reach the right place, sometimes Nova redirects me to panel.
Any idea?
After a couple of hours of investigation, I figured out that the solution is quite simple.
All I had to do is to add the following function to nova LoginController:
protected function sendLoginResponse(Request $request)
{
    $request->session()->regenerate();
    $this->clearLoginAttempts($request);
    $redirectPath = $this->redirectPath();
    redirect()->setIntendedUrl($redirectPath);
    return redirect()->intended($redirectPath);
}
Explanation:
This function is implemented in trait AuthenticatesUsers.
The intended function (a member of the Redirector class) creates a redirect response based on the previously intended location and, if none exists, on the given URL.
If no url.intended is set in the session, the user will be redirected to the URL generated by LoginController::redirectPath. However, if an entry of url.intended does exist in the session, we need to delete it in order to force redirecting the user to the URL we are interested in.
The only problem I see is that we lose the feature of redirecting the user to the same page he was on before he was logged out. So it is a simple matter of choice as a developer...

Is it possible to have conditional routing in a Silex app?

I am writing a web application that has a front facing website and then an admin console. I would like to be able to have a setting that when set to true means that a holding or maintenance page is displayed on the front end website.
My routes configuration is currently in a yaml file and is read on each request. But now I want it to be clever enough to know whether it is in maintenance mode or not and, if it is, to direct all routes to one specific page. Or it could change the routes so that there is only one.
I have thought that this could be done with different files being loaded based on the setting, but that means that all routes are static and cannot be retrieved from a database, for example. Additionally, I have had problems reading from the database during the setup phase of the request. I configured the system to read from the DB as a service, but this does not appear to be usable at the setup phase. Have I got this wrong?
Any pointers gratefully received.
Russell
I often use a maintenance page with Silex:
At the same place where I define $app['debug'] = true; I also define another variable, $app['maintenance'] = true;, that I use for various checks.
Among them, I define a maintenance page as follows:
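use Silex\Application;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\HttpKernelInterface;

// Before every request: while maintenance mode is on, serve the maintenance route instead
$app->before(function (Request $request, Application $app) {
    if ($app['maintenance']) {
        $subRequest = Request::create('/maintenance', 'GET');
        return $app->handle($subRequest, HttpKernelInterface::SUB_REQUEST);
    }
});
$app->get('/maintenance', function () use ($app) {
    // Here you can return your maintenance page
    return $app->render('maintenance.twig');
});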
Then when I turn on the maintenance variable, every request is redirected to the maintenance route.
As you can see I don't use any yaml configuration file in my app, but the idea is the same with them.

Symfony doctrine admin generator list filters get method with no csrf token

EDIT: The solution turned out to be along these lines:
public function executeIndex(sfWebRequest $request)
{
    if ($request->getParameter('first_name')) {
        $this->setFilters(array('first_name' => $request->getParameter('first_name')));
    }
    parent::executeIndex($request);
}
Hi,
So, I've just started using symfony admin generator and it's great. But I want to know, how can I filter the lists using a GET request? e.g. /users?name=Simon
If I try: /users/filter/action/users[name]/Simon
It complains there is no CSRF token, because usually you filter by using the filter form it generates for you.
All I want to do is create links from one list to the other. e.g. clicking "See this User's Posts" in each user list record will send you to the Posts screen but with it filtered by this user.
I wouldn't be surprised if this could actually be done by the generator.yml but I don't know how, yet.
Thanks in advance for any assistance you can provide.
My answer here explains what you need: symfony - admin module filters accessible as links
I have tried embedding the filter form of the "target" table in the main table from which you would like to be redirected, hiding everything but the filter button. As you have mentioned, it does not always work without the token.

how to detect whether a uri is allow by shiro or extract controller name from uri

I have a URI such as someController/someAction?param1=aa&param2=bb
Is there some method in Grails that can extract the controller name and action name from this URI?
Or does Shiro have any method to detect whether this URI is permitted?
I have a domain Menu(name,url), and now want to get the menu list which is permitted for the current user.
URLs such as /auth/login (may be mapped as user:login), /user/login
So 2 days ago I asked this question.
Now I have changed the menu to (name,controller,action,param), and filter the menu list like this:
def subject = SecurityUtils.subject;
menuList.each{
    if(it.permission){
        def perm = shiroPermissionResolver.resolvePermission("${it.permission.controller}:${it.permission.action}")
        def isPermitted = subject.isPermitted(perm)
        println "$isPermitted -> ${it.permission.controller}:${it.permission.action}"
    }
}
Sorry for my poor English, and thanks for the reply.
BTW, here is another question on how to cache Shiro:
how to use cache permissions in grails shiro
To proflux:
So what do you think is the better way to store the menu list?
Because:
We need to show a different menu to users depending on their permissions.
Sometimes we update a webapp, but want to show the menu to users later.
So we only need to change something such as menu.visible (better than changing hard-coded config or source).
We are using ExtJS to show the menu (so the nav plugin can't be used).
Shiro uses the convention of $controller:$action for permissions. You have two options:
Use the Shiro Tags
Use the Shiro API directly
In the first case, in your GSP you can add something like:
<shiro:hasPermission permission="someController:someAction">
    <g:link...>
</shiro:hasPermission>
<shiro:lacksPermission permission="someController:someAction">
    No link
</shiro:lacksPermission>
Alternatively, you can use the <g:if...> tag and use the
SecurityUtils.subject.isPermitted("someController:someAction")
method to directly check if the user has the necessary permission.
For more info, check out the Grails Shiro Tag Library Source and the Shiro API docs.

Create a new delete object_action in Symfony 1.4's admin generator

I'm using Symfony 1.4/Doctrine's admin generator.
There's a list of questions and I'd like to be able to perform a custom object_action on each of them.
What I'm looking for is to mimic the _delete object action but doing some calculation before that.
So I created a new action :
public function executeListDeleteAndRecalculate(sfWebRequest $request)
{
    // Do the calculation
    // Then delete the question
}
And I'm adding it to my generator.yml:
object_actions:
  delete_and_recalculate: ~
The new action shows in the admin generator but the delete part doesn't work.
I tried a bunch of things to make it work:
Once all the calculation was done, I first tried to redirect to the questionActions/delete action.
I also tried to copy the executeDelete code to my new action.
But every time I get the infamous
500 | Internal Server Error |
sfValidatorErrorSchema
_csrf_token [Required.]
So I'm guessing Symfony is doing some magic before actually deleting an object.
Do you know what I'm missing and what's the best way to implement a deleteAndRecalculate kind of action?
Edit:
Of course if I remove the $request->checkCSRFProtection(); everything works just fine. But I assume it's pretty important so I'd like to find a prettier solution.
This is because the delete link from the admin generator uses a token to prevent CSRF attacks.
Basically, it sets a token into your session and into a hidden field of a form, then checks them against one another on the request. This is possible because the delete link in the admin generator is actually a (JavaScript-generated) form (this is done to add a sf_method hidden field to simulate REST behavior).
For more information on how CSRF works and can be prevented, you can read further on Wikipedia: http://en.wikipedia.org/wiki/Cross-site_request_forgery
What you can do is use the same kind of link: you just have to pass a method parameter to link_to for it to generate a form. Have a look at lib/generator/sfModelGeneratorHelper.class.php, line 32, to see how it's done in the admin-gen.
You would then execute $request->checkCSRFProtection() in your executeDeleteAndRecalculate method, and proceed with whatever you want to do, including deleting the object by hand.
To properly generate the link, you would add a linkToDeleteAndRecalculate method in the Helper class of your module (that should lie in the lib/${YourModule}GeneratorHelper.class.php file of your module directory) and add the following code (directly taken and adapted from sfModelGeneratorHelper):
public function linkToDeleteAndRecalculate($object, $params)
{
    if ($object->isNew())
    {
        return '';
    }
    return '<li class="sf_admin_action_delete">'.link_to(
        __($params['label'], array(), 'sf_admin'),
        'delete_and_recalculate',
        $object,
        array('method' => 'delete', 'confirm' => !empty($params['confirm']) ? __($params['confirm'], array(), 'sf_admin') : $params['confirm'])
    ).'</li>';
}
Please note that you have to change the route (I've put delete_and_recalculate by default but you might want to prefix it with your module's name) from the link_to call.
You can then use your delete_and_recalculate nearly like a built-in method from the admin generator (and pass it a label from the generator.yml, for example).
Now that was the hard way.
The easy way would be to subscribe to the admin.delete_object event, from your module's pre-execute for example, and do your job there :-)
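The session-token-plus-hidden-field check described in this answer, as an added stand-alone PHP example; it is not part of the original answer and not Symfony's own implementation. The function names, the form action path and the in-memory $questions store are hypothetical; only the sf_method and _csrf_token field names come from the thread.

```php
<?php
// Added illustration of a synchronizer-token check; all names here are hypothetical.

function issueCsrfToken(array &$session): string
{
    // One random token per session, created on first use.
    if (empty($session['_csrf_token'])) {
        $session['_csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['_csrf_token'];
}

function renderDeleteForm(int $id, string $token): string
{
    // The "link" is really a POST form carrying the method override and the token.
    return sprintf(
        '<form method="post" action="/question/%d/deleteAndRecalculate">'
        . '<input type="hidden" name="sf_method" value="delete">'
        . '<input type="hidden" name="_csrf_token" value="%s">'
        . '<button>Delete</button></form>',
        $id,
        htmlspecialchars($token, ENT_QUOTES)
    );
}

function deleteAndRecalculate(string $method, array $post, array $session, array &$questions, int $id): string
{
    $sent = $post['_csrf_token'] ?? '';
    $expected = $session['_csrf_token'] ?? '';
    // Reject before any calculation or delete happens; hash_equals compares in constant time.
    if ($method !== 'POST' || !is_string($sent) || $expected === '' || !hash_equals($expected, $sent)) {
        return '403 CSRF check failed';
    }
    // ... the recalculation would run here, then the delete ...
    unset($questions[$id]);
    return '200 deleted';
}

// Constructed session, data and requests for the demonstration.
$session = [];
$questions = [7 => 'Q7', 8 => 'Q8'];
$token = issueCsrfToken($session);
echo renderDeleteForm(7, $token), PHP_EOL;
echo deleteAndRecalculate('POST', [], $session, $questions, 7), PHP_EOL;                       // cross-site post without the token
echo deleteAndRecalculate('GET', ['_csrf_token' => $token], $session, $questions, 7), PHP_EOL; // state change attempted over GET
echo deleteAndRecalculate('POST', ['_csrf_token' => $token], $session, $questions, 7), PHP_EOL; // form rendered by the site
```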
