
Added Firewall and Registration Steps

Added additional controllers for User and Security (for authentication),
configured a firewall, updated our controllers for assigning the current
user. Updated entities to have a 'user', updated our fixtures to
generate. Updated the views to show the user, included a 'user bar' to
the top using twig action.
1 parent 9e3f35b commit 8c36c1c4266062ce727a71b0fbcc1cbf31372d5a @cammanderson cammanderson committed Aug 2, 2011
@@ -7,6 +7,7 @@
<link rel="shortcut icon" href="{{ asset('favicon.ico') }}" />
</head>
<body>
+ {% block userBar %}{% render "MelbSymfony2ForumExampleBundle:Security:userBar" %}{% endblock %}
{% block body %}{% endblock %}
{% block javascripts %}{% endblock %}
</body>
@@ -1,38 +1,45 @@
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
+ MelbSymfony2\ForumExampleBundle\Entity\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
- in_memory:
- users:
- user: { password: userpass, roles: [ 'ROLE_USER' ] }
- admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
+ #in_memory:
+ # users:
+ # user: { password: userpass, roles: [ 'ROLE_USER' ] }
+ # admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
+ default:
+ entity: { class: MelbSymfony2\ForumExampleBundle\Entity\User, property: name }
firewalls:
- dev:
- pattern: ^/(_(profiler|wdt)|css|images|js)/
+ profiler:
+ pattern: ^/_profiler
+ security: false
+
+ wdt:
+ pattern: ^/_wdt
security: false
login:
- pattern: ^/demo/secured/login$
+ pattern: ^/session/login$
security: false
secured_area:
- pattern: ^/demo/secured/
+ pattern: ^/
form_login:
- check_path: /demo/secured/login_check
- login_path: /demo/secured/login
+ check_path: /session/login/check
+ login_path: /session/login
logout:
- path: /demo/secured/logout
- target: /demo/
- #anonymous: ~
+ path: /session/logout
+ target: /
+ anonymous: ~
#http_basic:
# realm: "Secured Demo Area"
access_control:
- #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
- #- { path: ^/_internal, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
+ - { path: /user/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: /, roles: ROLE_USER }
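Review bot: The added encoder line `MelbSymfony2\ForumExampleBundle\Entity\User: plaintext` means every password taken by the registration form is stored exactly as typed, so a database dump or backup exposes working credentials. Configure a salted, iterated digest for the entity instead, for example `MelbSymfony2\ForumExampleBundle\Entity\User: { algorithm: sha512, encode_as_base64: true, iterations: 5000 }`, and have the entity's `getSalt()` return a random per-user value. The two `access_control` paths are unanchored regular expressions, so `/user/register` matches any URL that merely contains it; `^/user/register$` and `^/` state the intent exactly.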
@@ -43,6 +43,15 @@ public function threadViewAction(Entity\Thread $thread)
}
/**
+ * @Route("/thread/{threadId}/post/{postId}")
+ */
+ public function postViewAction($threadId, $postId)
+ {
+ return array();
+ }
+
+
+ /**
* @Route("/thread-create", name="thread_create")
* @Template("MelbSymfony2ForumExampleBundle:Forum:thread-edit.html.twig")
*/
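Review bot: `postViewAction` returns `array()` but, unlike the action after it, has no `@Template` annotation, so nothing visible turns that array into a Response and the route will presumably fail when requested. Either add `@Template` with the view it should render, or leave the route out until the action actually loads the post. `$threadId` and `$postId` are unused; if the method is a placeholder, a docblock line such as `Placeholder: post view not implemented yet.` would say so.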
@@ -61,7 +70,14 @@ public function threadEditAction(Entity\Thread $thread = null)
private function threadEdit(Entity\Thread $thread = null)
{
- if(empty($thread)) $thread = new Entity\Thread();
+ if(empty($thread))
+ {
+ $thread = new Entity\Thread();
+ } elseif (!$thread->getUser()->equals($this->get('security.context')->getToken()->getUser()))
+ {
+ throw new BadCredentialsException('Not Autorised to edit');
+ }
+
$form = $this->createFormBuilder($thread)
->add('title', 'text')
->add('body', 'textarea')
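Review bot: The ownership check on the `elseif` line calls `$thread->getUser()->equals(...)` without allowing for a thread that has no owner, and it reports a permission failure with an authentication exception. Threads saved before this commit have no user (the mapping added to Thread does not mark the association as required), so editing one would end in a fatal error rather than a refusal. I would guard the null case and throw the authorization exception so the firewall answers with 403: `} elseif (null === $thread->getUser() || !$thread->getUser()->equals($currentUser)) {` followed by `throw new AccessDeniedException('Not authorised to edit');`, importing `Symfony\Component\Security\Core\Exception\AccessDeniedException`. No `use` line for `BadCredentialsException` is visible in this diff, and the rest of `threadEdit` lies outside the hunk.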
@@ -75,6 +91,12 @@ private function threadEdit(Entity\Thread $thread = null)
// perform some action, such as save the object to the database
$entityManager = $this->getEntityManager();
+ $user = $thread->getUser();
+ if(empty($user)) {
+ $user = $this->get('security.context')->getToken()->getUser();
+ }
+
+ $thread->setUser($user);
$entityManager->persist($thread);
$entityManager->flush();
@@ -0,0 +1,65 @@
+<?php
+/*
+ *
+ * User: camm
+ */
+
+namespace MelbSymfony2\ForumExampleBundle\Controller;
+
+use Symfony\Bundle\FrameworkBundle\Controller\Controller;
+use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
+use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
+use Symfony\Component\Security\Core\SecurityContext;
+
+/**
+ *
+ * @author camm
+ */
+class SecurityController extends Controller
+{
+ /**
+ * @Route("/", name="user_bar")
+ * @Template("MelbSymfony2ForumExampleBundle:Security:user-bar.html.twig")
+ */
+ public function userBarAction() {
+
+ return array('user' => $this->get('security.context')->getToken()->getUser());
+ }
+
+ /**
+ * @Route("/session/login", name="login")
+ * @Template("MelbSymfony2ForumExampleBundle:Security:session-login.html.twig")
+ *
+ */
+ public function loginAction()
+ {
+ // get the login error if there is one
+ if ($this->get('request')->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
+ $error = $this->get('request')->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
+ } else {
+ $error = $this->get('request')->getSession()->get(SecurityContext::AUTHENTICATION_ERROR);
+ }
+
+ return array(
+ // last username entered by the user
+ 'last_username' => $this->get('request')->getSession()->get(SecurityContext::LAST_USERNAME),
+ 'error' => $error,
+ );
+ }
+
+ /**
+ * @Route("/session/logout", name="logout")
+ */
+ public function logoutAction()
+ {
+
+ }
+
+ /**
+ * @Route("/session/login/check", name="login_check")
+ */
+ public function loginCheckAction()
+ {
+
+ }
+}
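Review bot: `userBarAction` dereferences `getToken()` without checking it, and the layout now renders this action on every page, including `/session/login`, which the `login` firewall serves with `security: false`. On such requests the security context presumably holds no token, so the call to `getUser()` would fail on the login page itself. Read the token first and pass null when it is absent: `$token = $this->get('security.context')->getToken();` then `return array('user' => $token ? $token->getUser() : null);`. The `@Route("/", name="user_bar")` annotation also publishes this fragment at the site root, which may collide with the forum index; a fragment reached only through `{% render %}` should not need a public route. `logoutAction` and `loginCheckAction` deserve a one-line comment saying the firewall intercepts these paths and the empty bodies never run.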
@@ -0,0 +1,79 @@
+<?php
+
+namespace MelbSymfony2\ForumExampleBundle\Controller;
+
+use Symfony\Bundle\FrameworkBundle\Controller\Controller;
+use MelbSymfony2\ForumExampleBundle\Entity;
+
+use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
+use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
+use Symfony\Component\Validator\Constraints as Assert;
+use Symfony\Component\Form\FormError;
+use Symfony\Component\Security\Core\Authentication;
+
+class UserController extends Controller
+{
+ /**
+ * Returns with the service container Doctrine ORM
+ * @return Doctrine\ORM\EntityManager
+ */
+ protected function getEntityManager()
+ {
+ return $this->get('doctrine.orm.default_entity_manager');
+ }
+ /**
+ * @Route("/user/register")
+ * @Template
+ */
+ public function registerAction()
+ {
+ if(empty($user))
+ {
+ $user = new Entity\User();
+ }
+
+ $form = $this->createFormBuilder($user)
+ ->add('name', 'text')
+ ->add('emailAddress', 'text')
+ ->add('passwordNew', 'password')
+ ->add('passwordConfirm', 'password')
+ ->getForm();
+
+ $request = $this->get('request');
+ if ($request->getMethod() == 'POST') {
+ $form->bindRequest($request);
+
+ $entityManager = $this->getEntityManager();
+ $userValidate = $entityManager->getRepository('MelbSymfony2ForumExampleBundle:User')->findOneByEmailAddress($user->getEmailAddress());
+ if(!empty($userValidate)) {
+ $form->addError(new FormError('Username/email {emailAddress} dataEmailAddress not unique', array('{emailAddress}' => $user->getEmailAddress())));
+ }
+
+ if ($form->isValid()) {
+ // perform some action, such as save the object to the database
+
+ $factory = $this->get('security.encoder_factory');
+
+ $encoder = $factory->getEncoder($user);
+ $password = $encoder->encodePassword($user->getPasswordNew(), $user->getSalt());
+ $user->setPassword($password);
+
+ if(empty($user)) {
+ $user = $entityManager->getRepository('MelbSymfony2ForumExampleBundle:User')->findOneByName('user: 0');
+ }
+
+ $entityManager->persist($user);
+ $entityManager->flush();
+
+ // create the authentication token
+ $token = new Authentication\Token\UsernamePasswordToken($user, null, 'default', $user->getRoles());
+ // give it to the security context
+ $this->container->get('security.context')->setToken($token);
+
+ return $this->redirect($this->generateUrl('forum_default'));
+ }
+ }
+
+ return array('form' => $form->createView());
+ }
+}
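Review bot: `registerAction` rejects a duplicate only by e-mail address, while the `default` provider in security.yml loads users by `name`, so two accounts can register the same name and a later login by that name resolves to whichever row the lookup returns. Check the name the same way before `isValid()`, e.g. `$nameTaken = $repository->findOneByName($user->getName());` with a matching `addError`, and back both checks with unique constraints on the columns, since check-then-insert is not atomic. Nothing visible compares `passwordNew` with `passwordConfirm`; if the entity does not validate that, it belongs here. The second `if(empty($user))` block, which loads `'user: 0'` after `setPassword`, can never run and reads like leftover test code, so I would delete it rather than keep a path that swaps in a fixture account.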
@@ -18,11 +18,17 @@ public function load($manager)
// TODO: Implement load() method.
for($userIndex = 0; $userIndex < 5; ++$userIndex)
{
+ $user = new Entity\User();
+ $user->setName('user: ' . $userIndex);
+ $user->setPassword('jarrodhardcoded-salt');
+ $user->setEmailAddress('jarrod@flintinteractive.com.au');
+
for($index = 0; $index < 20; ++$index)
{
$thread = new Entity\Thread();
$thread->setTitle('thread: ' . $userIndex . ' - ' . $index);
$thread->setBody('body: ' . $userIndex . ' - ' . $index);
+ $thread->setUser($user);
for($postIndex = 0; $postIndex < 50; ++$postIndex)
{
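Review bot: All five fixture users get the same e-mail address and the same literal password, which contradicts the e-mail uniqueness that registration enforces and, with the `plaintext` encoder, makes that string a working login for every fixture account. Derive the address from the index and use a reserved domain, e.g. `$user->setEmailAddress('user' . $userIndex . '@example.com');`, and run the password through the encoder factory once the encoder is no longer plaintext. The address committed here looks like a real mailbox, and fixtures are better off without one. `load()` begins and ends outside this hunk.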
@@ -31,11 +37,12 @@ public function load($manager)
$post->setTitle('title: ' . $userIndex . ' - ' . $index . ' - ' . $postIndex);
$post->setBody('body: ' . $userIndex . ' - ' . $index . ' - ' . $postIndex);
$manager->persist($post);
+ $post->setUser($user);
}
$manager->persist($thread);
-
}
+ $manager->persist($user);
}
$manager->flush();
}
@@ -39,6 +39,11 @@ class Post
private $body;
/**
+ * @ORM\ManyToOne(targetEntity="User", inversedBy="posts")
+ */
+ private $user;
+
+ /**
* @ORM\ManyToOne(targetEntity="Thread", inversedBy="posts")
*/
private $thread;
@@ -78,6 +83,16 @@ public function getTitle()
return $this->title;
}
+ public function setUser($user)
+ {
+ $this->user = $user;
+ }
+
+ public function getUser()
+ {
+ return $this->user;
+ }
+
public function setThread($thread)
{
$this->thread = $thread;
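Review bot: `setUser($user)` accepts any value, and the same applies to `Thread::setUser` in the last hunk. `threadEdit` passes in whatever `getToken()->getUser()` returns, which for an anonymous token is a string rather than an entity, and this commit enables `anonymous: ~` on the firewall. Declaring the parameter as `public function setUser(User $user)` turns that case into an immediate error instead of a Doctrine failure at flush. The `access_control` rule requiring `ROLE_USER` should keep anonymous visitors away from the edit action, so this is a second line of defence rather than a known hole.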
@@ -87,4 +102,6 @@ public function getThread()
{
return $this->thread;
}
+
+
}
@@ -20,7 +20,7 @@ class ThreadRepository extends EntityRepository
{
public function findAll() {
$em = $this->getEntityManager();
- $query = $em->createQuery('SELECT thread, COUNT(posts.id) AS postCount FROM MelbSymfony2\ForumExampleBundle\Entity\Thread AS thread LEFT JOIN thread.posts AS posts GROUP BY thread.id');
+ $query = $em->createQuery('SELECT thread, user, COUNT(posts.id) AS postCount FROM MelbSymfony2\ForumExampleBundle\Entity\Thread AS thread JOIN thread.user AS user LEFT JOIN thread.posts AS posts GROUP BY thread.id');
$results = $query->getResult();
$threads = array();
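Review bot: `JOIN thread.user AS user` is an inner join, so any thread whose `user` is null drops out of `findAll()`, and the mapping added to Thread in this commit does not mark the association as required. Unless existing rows are migrated to have an owner, use `LEFT JOIN thread.user AS user`, or declare the join column non-nullable so the assumption is enforced by the schema. `findAll()` continues past the end of this hunk.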
@@ -43,6 +43,11 @@ class Thread
private $body;
/**
+ * @ORM\ManyToOne(targetEntity="User", inversedBy="threads")
+ */
+ private $user;
+
+ /**
* @ORM\OneToMany(targetEntity="Post", mappedBy="thread")
*/
public $posts;
@@ -100,6 +105,16 @@ public function getTitle()
return $this->title;
}
+ public function setUser($user)
+ {
+ $this->user = $user;
+ }
+
+ public function getUser()
+ {
+ return $this->user;
+ }
+
public function setPostCount($postCount)
{
$this->postCount = $postCount;