How Rollerworks/strength-validator setup - symfony

Hi I'm really new with symfony and the idea of this is kinda new to me specially how the framework behaves. I'm using Symfony 2.8 (due to project demand). Now I need to implement a password strength validator using RollerWorks/strength-password-validator now the instruction here is not clear and I don't know where to start. I even don't know what the anotation mean. There are some sample that make use of this validation but is using an yml file just like THIS
It's just not clear on how do I start with this. I added
new Rollerworks\Bundle\PasswordStrengthBundle\RollerworksPasswordStrengthBundle(),
in the AppKernel under the registerBundles function. Then on the UserBundle/Entity under User.php file I added this
use Rollerworks\Component\PasswordStrength\Validator\Constraints as RollerworksPassword;
/**
* #RollerworksPassword\PasswordStrength(minLength=7, minStrength=3)
*/
protected $password;
But upon registration nothing happens. It still accept even if I use less than 7 password strength even the simplest password does not work. Any idea on this would be very helpful.
Thanks

Related

Issue with combining #ORM\ManyToOne annotation with #ORM\JoinColumn anntation on same variable

Okay to describe the question I've been attempting to make a join column using doctrine annotations in order to save the username of a user instead of the user_id. I thought to achieve that by using #ORM\JoinColumn and #ORM\ManyToOne annotation but sadly it didn't work and I can't find a suitable way of doing it.
/**
* #Gedmo\Blameable(on="create")
* #ORM\ManyToOne(targetEntity=User::class)
* #ORM\JoinColumn(name="username", referencedColumnName="Username", nullable=false)
*/
private $created_by;
As you can see I combine this logic together with the #Gedmo\Blameable annotation in order to automate user action tracking to see who created the record in the table.
So my question is does somebody have experience with this usecase and what did you do to resolve this problem. I think I'm on the right track but can't find anything that resolves this issue.
I'm also thinking that I found an error in the Symfony Doctrine code because it passes the persistent check. As you can see in the image EnttiyManager->flush is passed. Sorry in advance don't have the right to embed the image.
Errror Screen Symfony
Meaning that this code piece succcesfully goes through the persist and reaches the flush. Changed the url to google because of privacy concerns once again.
$betaallink = new Betaallink();
$betaallink->setDepartment($department);
$betaallink->setOwnreference($data["referentie"]);
$betaallink->setActive(true);
$betaallink->setReturnUrl("https://google.nl");
$entityManager->persist($betaallink);
$entityManager->flush();
And this is the database table for "Betaallink" which means in english "Paymentlink" in order to show that this column indeed exists. Once again no right to embed.
DB Columns
I normally would if this was a personal project include the User table but because of specific column names I can't share it because of privacy concerns.
Sorry in advance for grammar and other langauge faults, I normally don't type or speak fluent English

Symfony isGranted not working on Inherited Roles?

I have a user that has an inherited role of PERM_USER_READ.
when i tried to call $this->isGranted('PERM_USER_READ'); it always returns false. Is it the default behavior of the isGranted() ? If so, what can i do to evaluate inherited roles on my Twig and Controllers?
Thanks!
Try to rename your role to ROLE_PERM_USER_READ
Symfony 4 answer:
I find the ROLE with inherited ROLEs very confusing, so we've adopted a "a ROLE gives you ALLOWS"-system:
ROLE_PRODUCT_MANAGEMENT:
- ALLOW_PRODUCT_EDIT
- ALLOW_ASSORTMENT_READ
We ONLY check on ALLOW_* 'roles', which made everthing 100% less confusing.
We've ran into the same problem as you have. I've fixed that by creating a service which does the following:
// /vendor/symfony/security-core/Role/RoleHierarchyInterface.php
$reachableRoles = $this->roleHierarchy->getReachableRoleNames($user->getRoles());
// Check wether you have the required role, can you see this ENTITY in general?
if (!in_array('ALLOW_PRODUCT_EDIT', $reachableRoles, true)) {
return false;
}
Symfony 5 answer:
Unfortunally: none so far. From the source of RoleHierachyInterface:
* The getReachableRoles(Role[] $roles) method that returns an array of all reachable Role
* objects is deprecated since Symfony 4.3.
We're currently in the process of upgrading to Sym5, we havent arived at this point yet. If anyone has a neat solution for this, that would be great.
The role must start with ROLE_
As said in documentation
Every role must start with ROLE_ (otherwise, things won’t work as expected)
Other than the above rule, a role is just a string and you can invent what you need (e.g. ROLE_PRODUCT_ADMIN).

Where can Symfony services be useful?

There is the example of creating and using a service in the official documentation. At start we create some class, then register it in config/services.yml an then we can use it in our code like this:
$result = $this->get('app.myservice')->myMethod($arg);
//(In the [example][1] it is little bit other code:)
//$slug = $this->get('app.slugger')->slugify($post->getTitle());
But WHAT FOR? while I can just do the SAME like this:
use MyServiceNamespace/MyService
//...
$result = (new MyService())->myMethod($arg);
Where is profit of using Services? Is this just syntax sugar?
Nope. Far from syntax sugar.
You need to have a working understanding of what dependency injection means. Perhaps start by skimming through here: http://symfony.com/doc/current/book/service_container.html
Let's suppose your service needs a doctrine repository to do it's job. Which is better?
class MyController
{...
$userManager = $this->get('user.manager');
OR
$userRepository = $this->getDoctrine()->getManager()->getRepository('MyBundle::User');
$userManager = new UserManager($userRepository);
Your choice but once you have worked through the mechanics of how to add a service then you will never look back.
I should also point out that your sluglfy example requires a use statement and ties you code directly to a specific implementation. If you ever need to adjust your slugification then you need to go back and change all the places where it is used.
// These lines make your code more difficult to maintain
use Something\Slugify;
$slugify = new Slugify();
AS Opposed to
$slugify = $this->get('slugify');
'tIn this case, it's not really relevant. But from a simple design concern, services allow to make a better dependency management.
For instance, if you declare a service relaying on another one, then you won't have to instanciate both of them. Symfony will take care of it.
And since your declaration is centralized, any modification on the way you decide to create your service (= declare it), you won't have to change all the references to the services you changed since symfony will take care of the way it's instanciated when needed.
Another point is the scope of services. This information might be checked, but I think symfony instanciate service once (Singleton) which mean a better memory usage.

Symfony2: How to create event listener thru entity annotations?

I would like to have custom annotations on my entity that will do something on persist event, but defined thru annotations. An example:
/**
* #ORM\Entity
* #Searchable("column"="title")
*/
class Product
{
}
That #Searchable annotation should somehow trigger my code that will read column title, separate words and save into its own table (much simplified example of what I really need).
I am aware I can use doctrine listeners and register them in config.yml but I really need this to be done thru entity annotations so that searchable bundle could be easily reused thru different projects. I read tons of docs, even tried to understand Gedmo behaviours bundle code but I failed. Can somehow show me how to do this, in an idiot-proof way?
I even read http://php-and-symfony.matthiasnoback.nl/2011/12/symfony2-doctrine-common-creating-powerful-annotations/ but that was kinda too complicated.
The link you gave is a perfect example of how you should do it.
How much more complicated do you think it would be with a custom hand crafted solution?
Still, you could try to:
create a doctrine listener that listens on prePersist:
in this listener, use annotation driver/reader to read your annotation
do some crazy stuff with these informations
http://symfony.com/doc/current/cookbook/doctrine/event_listeners_subscribers.html#configuring-the-listener-subscriber
http://docs.doctrine-project.org/projects/doctrine-common/en/latest/reference/annotations.html
go crazy

Access Session from EntityRepository

I'm using Symfony2 with Doctrine2. I want to achieve the following:
$place = $this->getDoctrine()->getRepository('TETestBundle:Place')->find($id);
And on that place will be the info of the place (common data + texts) on the user language (in session). As I am going to do that hundreds of times, I want to pass it behind the scenes, not as a second parameter. So an English user will view the place info in English and a Spanish user in Spanish.
One possibility is to access the locale of the app from an EntityRepository. I know it's done with services and DI but I can't figure it out!
// PlaceRepository
class PlaceRepository extends EntityRepository
{
public function find($id)
{
// get locale somehow
$locale = $this->get('session')->getLocale();
// do a query with the locale in session
return $this->_em->createQuery(...);
}
}
How would you do it? Could you explain with a bit of detail the steps and new classes I have to create & extend? I plan on releasing this Translation Bundle once it's ready :)
Thanks!
I don't believe that Doctrine is a good approach for accessing session data. There's just too much overhead in the ORM to just pull session data.
Check out the Symfony 2 Cookbook for configuration of PDO-backed sessions.
Rather than setting up a service, I'd consider an approach that used a Doctrine event listener. Just before each lookup, the listener would pick out the correct locale from somewhere (session, config, or any other place you like in the future), inject it into the query, and like magic, your model doesn't have to know those details. Keeps your model's scope clean.
You don't want your model or Repository crossing over into the sessions directly. What if you decide in the future that you want a command-line tool with that Repository? With all that session cruft in there, you'll have a mess.
Doctrine event listeners are magically delicious. They take some experimentation, but they wind up being a very configurable, out-of-the-way solution to this kind of query manipulation.
UPDATE: It looks like what you'd benefit from most is the Doctrine Translatable Extension. It has done all the work for you in terms of registering listeners, providing hooks for how to pass in the appropriate locale (from wherever you're keeping it), and so on. I've used the Gedmo extensions myself (though not this particular one), and have found them all to be of high quality.

Resources