I'm creating my own blog engine to learn Symfony, and I have a question :
I can add and edit users thanks to the sfGuardUser module, but how can I allow users to edit only their reccord ?
Users should have access to a page allowing them to edit their email, name, password, and Profile.
Any ideas ?
In the action where the profile is updated you retrieve the users object via the getId() method and apply the changes on the returning object.
$user = sfGuardUserPeer::retrieveByPK(
$this->getUser()->getGuardUser()->getId()
);
I found the following code, will try it tonight.
class sfGuardUserActions extends autoSfGuardUserActions {
public function executeEdit(sfWebRequest $request) {
$this->checkPerm($request);
parent::executeEdit($request);
}
public function checkPerm(sfWebRequest $request) {
$id = $request->getParameter('id');
$user = sfContext::getInstance()->getUser();
$user_id = $user->getGuardUser()->getId();
if ($id != $user_id && !($user->hasCredential('admin'))) {
$this->redirect('sfGuardAuth/secure');
}
} }
from http://oldforum.symfony-project.org/index.php/m/96776/
Related
I must insert a link in an email that send to my user. So I have an Entity class that send this mail. But I don't know how i can create this link with "url" method of the view/controller system of ZF2.
My class is:
class UserEntity
{
public function sendMail($user)
{
$link = $unknow->url("route",array("param" => "param")); //how can create this ?
$text = "click here $link";
$this->sendMail($to,$text);
}
}
Can you help me? Thanks
In terms of design, it would be considered bad practice to have your domain model responsible for the creation of the URL (or anything else that that does not describe the entity in its simplest terms).
I would create a UserService that would encapsulate the a SendMail function where a UserEntity could be passed as an argument and it's email property used to send the email.
class UserService {
protected $mailService;
public function __construct(MailService $mailService) {
$this->mailService = $mailService;
}
public function sendUserEmail(UserEntity $user, $message) {
$this->mailService->send($user->getEmail(), $message);
}
}
The mail service could be another service encapsulating the Zend\Mail\Transport instances.
Your controller would use the UserService to send the mail to the correct user.
The $message which needs to include a URL that is generated using the Zend\Mvc\Controller\Plugin\Url controller plugin
class UserController extends AbstractActionController {
protected $userService;
public function __construct(UserService $userService) {
$this->userService = $userService;
}
public function sendEmailAction() {
// load $user from route params or form post data
$user = $this->userService->findUserByTheirId($this->params('id'));
// Generate the url
$url = $this->url()->fromRoute('user/foo', array('bar' => 'param1'));
$message = sprintf('This is the email text link!', $url);
$this->userService->sendUserEmail($user, $message);
}
}
These are contrived examples but my point is that you should only store information in your entity allowing you to "do stuff" with it, not within it.
I'm using Facebook to preautheticate users, so when they visit a page, an ajax function is called to login the user, and the server will also check to see if the user is already authenticated to the site. These users have entries in the user database on the server.
The server side code is below, which is called by ajax. After that, is a second method I use to get more information on the user that is stored in the database.
When I call User.Identity.IsAuthticaed in the second method, in the same Controller, the User object is still null. The User object contains all the information in FBReg below.
Edit:
After further troubleshooting I found that the ActionResult that calls getUserInfo() has the User object populated. So I'm not sure why getUserInfo() has a null User. I guess I can just pass the object then, but I'm still just curious why this happens.
[HttpPost]
public String FBReg(FBInfo userinfo)
{
..
..
..
if (!User.Identity.IsAuthenticated)
{
if (ModelState.IsValid)
{
if (Membership.ValidateUser(userinfo.id, "FBPassword"))
{
FormsAuthentication.SetAuthCookie(userinfo.id, true);
var result = (from u in db.users where (u.username == userinfo.id) select u).FirstOrDefault();
result.LastLoginDate = DateTime.Now;
db.SaveChanges();
}
else
{
ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
}
..
..
..
return "";
}
public UserRepository getUserInfo()
{
bool isauth = false;
try
{
if (User.Identity.IsAuthenticated) // User is always null even after FBReg has User as Authnticated with all the correct information
{
isauth = User.Identity.IsAuthenticated;
}
}
catch { }
// get user info from database to display on page
..
..
..
return userInfo;
}
On my website, I use a ReCaptcha widget in the form used to add comments. Once the form has been correctly sent, I write a cookie to the user's computer.
I would like to remove the ReCaptcha widget when the user has that cookie, so that returning visitors don't have to type a captcha. Can I do that in forms/commentForm.class.php, or do I need to create a new form ?
Save your flag in session:
<?php
...
if ($form->isValid()) {
...
// comment added
$this->getUser()->setAttribute('is_bot', false);
...
}
In another action:
<?php
$this->form = new CommentForm();
if ($this->getUser()->getAttribute('is_bot', true)) {
$this->form->setWidget(); // set captcha widget
$this->form->setValdiator(); // set captcha valdiator
}
Hope this helps.
It is often handy to pass a User instance as an option when creating a form in action:
public function executeNew(sfWebRequest $request)
{
$this->form = new ModelForm(null, array('user'=>$this->getUser));
}
Now you can configure you form based on user session attributes:
class ModelForm extends BaseModelForm
{
public function configure()
{
if ($this->getOption('user')->getAttribute('is_bot', false)
{
//set your widgets and validators
}
}
}
I'm trying to save some users in a custom admin form and I'd like to set them in a particular group, in the sfGuardUserGroup.
So If the user I've just created has an id of 25, then I'd expect an entry in the sfGuardUserGroup table with a user_id of 25 and a group_id of 8 (8 is my group id I want o add these users to.)
Could I do this in the form class, or in the processForm action?
I'm using doctrine and SF1.4
Thanks
This should do what you need:
<?php
class AdminUserForm extends sfGuardUserForm
{
public function configure()
{
//customise form...
}
public function save($con = null)
{
//Do the main save to get an ID
$user = parent::save($con);
//Add the user to the relevant group, for permissions and authentication
if (!$user->hasGroup('admin'))
{
$user->addGroupByName('admin');
$user->save();
}
return $user;
}
}
If you require this behaviour for all sfGuardUser's created you should put this logic in the model for sfGuardUser class. [example below]
// sfGuardUser class
public function save(Doctrine_Connection $conn = null) {
if (!$this->hasGroup('group_name'))
$this->addGroupByName('group_name', $conn);
parent::save($conn);
}
If you require this functionality only on this specific form, you should put the logic within the form. Adding logic to the processForm action would be incorrect as you would be placing business logic within the controller.
I'm creating my own blog engine to learn Symfony, and I have a question :
In the generated administration pages for a blog post, I have a drop-down list of authors, to indicate the author_id.
I'd like to hide that drop-down list, and set the author_id to the id of the current logged-in user when the post is created (but not when it is edited)
How can I accomplish that ?
Edit
I've tried those :
$request->setParameter(sprintf("%s[%s]", $this->form->getName(), "author_id"), $this->getUser()->getAttribute("user_id"));
$request->setParameter("content[author_id]", $this->getUser()->getAttribute("user_id"));
$request->setParameter("author_id", $this->getUser()->getAttribute("user_id"));
$request->setParameter("author_id", 2);
$request->setParameter("content[author_id]", 2);
$request->setParameter("author_id", "2");
$request->setParameter("content[author_id]", "2");
In processForm() and executeCreate()
Resolved !
The final code is :
public function executeCreate(sfWebRequest $request)
{
$form = $this->configuration->getForm();
$params = $request->getParameter($form->getName());
$params["author_id"] = $this->getUser()->getGuardUser()->getId();;
$request->setParameter($form->getName(), $params);
parent::executeCreate($request);
}
Override the executeCreate function in the actions file. When binding post data to the form, merge the current user's id into it.
2nd update
I did some experimenting, and this works:
class fooActions extends autoFooActions
{
public function executeCreate(sfWebRequest $request)
{
$form = $this->configuration->getForm();
$params = $request->getParameter($form->getName());
$params["author_id"] = 123;
$request->setParameter($form->getName(), $params);
parent::executeCreate($request);
}
}
change the widget in the form with the sfWidgetFormInputHidden and set the value with sfUser attribute (that defined when a user logged in)
override the executeCreate() and set the author_id widget (thanks to maerlyn :D )
public function executeCreate(sfWebRequest $request){
parent::executeCreate($request);
$this->form->setWidget('author_id', new sfWidgetFormInputHidden(array(),array('value'=>$this->getUser()->getAttribute('author_id'))) );
}
In Objects , the solution is: (new and $this)
class fooActions extends autoFooActions
{
public function executeCreate(sfWebRequest $request)
{
$this->form = new XxxxxForm();
$params = $request->getParameter($this->form->getName());
$params["author_id"] = 123;
$request->setParameter($this->form->getName(), $params);
parent::executeCreate($request);
}
}