Make sure the following bundles are installed and set up:
ohmediaorg/antispam-bundle
ohmediaorg/email-bundle
ohmediaorg/timezone-bundle
ohmediaorg/utility-bundle
Enable the security bundle in config/bundles.php
:
return [
// ...
OHMedia\SecurityBundle\OHMediaSecurityBundle::class => ['all' => true],
];
Update config/packages/security.yml
:
security:
# ...
providers:
app_user_provider:
entity:
class: OHMedia\SecurityBundle\Entity\User
property: email
firewalls:
# ...
main:
# ...
provider: app_user_provider
form_login:
login_path: user_login
check_path: user_login
enable_csrf: true
username_parameter: form[email]
password_parameter: form[password]
csrf_parameter: form[token]
logout:
path: user_logout
target: user_login
login_throttling: ~
# ...
access_decision_manager:
strategy: unanimous
allow_if_all_abstain: false
Update config/packages/routes.yml
:
oh_media_security:
resource: '@OHMediaSecurityBundle/Controller/'
type: attribute
Override this bundle's templates in the directory templates/bundles/OHMediaSecurityBundle
.
You will need to render some forms by creating the following files in the aforementioned directory:
forgot_password_form.html.twig
login_form.html.twig
password_reset_form.html.twig
The forms can simply be rendered with {{ form(form) }}
.
Email templates can be overridden in the same directory:
password_reset_email.html.twig
verification_email.html.twig
Make the user migrations:
$ php bin/console make:migration
$ php bin/console doctrine:migrations:migrate
To create the first user, run this command:
$ php bin/console ohmedia:security:create-user
Define a new attribute constant and corresponding function in your voter:
<?php
namespace App\Security\Voter;
use App\Entity\Post;
use OHMedia\SecurityBundle\Entity\User;
use OHMedia\SecurityBundle\Security\Voter\AbstractEntityVoter;
class PostVoter extends AbstractEntityVoter
{
// ...
const PUBLISH = 'publish';
// ...
protected function canPublish(Post $post, User $loggedIn): bool
{
return !$post->isPublished();
}
}
The corresponding function is "can" concatenated with the PascalCase of the attribute string. In this case, "publish" and "canPublish".
Utilizing voter constants in a controller:
// App/Controller/PostController.php
use App\Security\Voter\PostVoter;
// ...
#[Route('/post/{id}/publish', name: 'post_publish', methods: ['GET', 'POST'])]
public function publish(Post $post, Request $request)
{
$this->denyAccessUnlessGranted(
PostVoter::PUBLISH,
$post,
'You cannot publish this post.'
);
// ...
}
Utilizing voter constants in a template:
{% set publish_attribute = constant('App\\Security\\Voter\\PostVoter::PUBLISH') %}
{% if is_granted(publish_attribute, post) %}
{# do something #}
{% endif %}
Editing a non-developer user will show a selection of Permissions. To add to this
selection, create a service that implements OHMedia\SecurityBundle\Service\EntityChoiceInterface
.
You may need to manually tag your service as oh_media_security.entity_choice
.