Develop Reference

Install FOS UserBundle

I'm following a tutorial to install this FOSUserBundle to my project.
I got my information from this french tutorial: http://www.tutodidacte.com/symfony2-installer-fosuserbundle
So I did those commands:
php ./composer.phar require friendsofsymfony/user-bundle "~2.0#dev"
php composer.phar update
Then I created a new Bundle,
php bin/console generate:bundle
Bundle Namespace : Kingdom/UserBundle
But after doing that, in the AppKernel i can see the new UserBundle, mais the FOSUserBundle isn't here.
I try to add it by myself writting it in the file; but after when i try to create an entity we can see something is clearly wrong.
Sorry for the presentation of this below...I haven't succeed to print it correctly.
php bin/console generate:doctrine:entity
Fatal error: Uncaught exception 'Symfony\Component\Config\Definition\Exception\I
nvalidConfigurationException' with message 'The child node "db_driver" at path "
fos_user" must be configured.' in C:\wamp\www\Kingdom\vendor\symfony\symfony\src
\Symfony\Component\Config\Definition\ArrayNode.php:240
Stack trace:
0 C:\wamp\www\Kingdom\vendor\symfony\symfony\src\Symfony\Component\Config\Defin
ition\BaseNode.php(303): Symfony\Component\Config\Definition\ArrayNode->finalize
Value(Array)
1 C:\wamp\www\Kingdom\vendor\symfony\symfony\src\Symfony\Component\Config\Defin
ition\Processor.php(37): Symfony\Component\Config\Definition\BaseNode->finalize(
Array)
2 C:\wamp\www\Kingdom\vendor\symfony\symfony\src\Symfony\Component\Config\Defin
ition\Processor.php(50): Symfony\Component\Config\Definition\Processor->process(
Object(Symfony\Component\Config\Definition\ArrayNode), Array)
3 C:\wamp\www\Kingdom\vendor\friendsofsymfony\user-bundle\DependencyInjection\F
OSUserExtension.php(51): Symfony\Component\Config\Definition\Processor->processC
onfigur in C:\wamp\www\Kingdom\vendor\symfony\symfony\src\Symfony\Component\Conf
ig\Definition\ArrayNode.php on line 240

It seems you haven't properly configured the bundle. Follow the steps here:
http://symfony.com/doc/current/bundles/FOSUserBundle/index.html
In your case, it seems you are missing at least this:
http://symfony.com/doc/current/bundles/FOSUserBundle/index.html#step-5-configure-the-fosuserbundle
EDIT: After reading your question again, it seems you're not loading the bundle properly, as described here:
http://symfony.com/doc/master/bundles/FOSUserBundle/index.html#step-2-enable-the-bundle

After Installation A bundle needs to be enabled in AppKernel.php file. FOSUserBundle needs a bit of configuration to make it work properly I have written a simple and easy guide on it:
https://www.cloudways.com/blog/implement-fosuserbundle-in-symfony-3-1/
Installation:
composer require friendsofsymfony/user-bundle "~2.0#dev"
Enabling Bundle in AppKernel.php
After installing FOSUserBundle you must enable it in the project. Go to app/config/AppKernel.php and add the highlighted line in the bundles array.
$bundles = [
...
new FOS\UserBundle\FOSUserBundle(),
]
Create User Entity
Create the User entity as you are creating above :)
Configuring Security.yml file
security:
encoders:
FOS\UserBundle\Model\UserInterface: bcrypt
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_token_generator: security.csrf.token_manager
# if you are using Symfony < 2.8, use the following config instead:
# csrf_provider: form.csrf_provider
logout: true
anonymous: true
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
Configure FOSUserBundle in a Config
Add this config in config.yml
fos_user:
db_driver: orm
firewall_name: main
user_class: AppBundle\Entity\User
Importing Route files of FOSUserBundle
Add this to import routes in Routing.yml
fos_user:
resource: "#FOSUserBundle/Resources/config/routing/all.xml"
Updating Database Schema
The last step is to update the database schema to create table in the database.
php bin/console doctrine:schema:update --force
Now move to the app URL add /login in it you will see the login page.

Symfony 3.2 Multi tenant application with multiple Guard entry points

I am implementing a multi tenant application where the customer requires me to follow a specific data model. The customer required two seperate login systems that I am implementing using the guard system.
The first one is used to login customers. The difficulty here is that it is required to store the users passwords in the customer's database. To accomplish this I have implementation the guard system to first looks up the username in the 'login' database. From that same database the (encrypted) connection parameters for the users application database are retrieved. Using these parameters the users application database connection is created dynamically ('app') and the user is logged in using the information in this application database. On subsequent page requests the users application database is dynamically connected using a service on triggers on each pageload. So far so good.
The second Guard system is used to login to the back-end for management tasks. This login system is actually much simpler and uses a single database 'admin_login' to verify the users credentials. (So username, password and all other user properties are in one single database). The problem occurs after successfully logging in on the 2nd Guard implementation. The forward to the back-end home page triggers an error and I am unable to find to cause of this.
The error message is:
The class 'AppBundle\Entity\Login\Admin\AdminUser' was not found in the chain configured namespaces AppBundle\Entity\App
The error triggers before any code from the corresponding controller is hit. When I set the 'intercept_redirects' configuration item to true I can see that the administrative user is fully authorized before the redirect is taking place.
My doctrine configuration in config.yml
# Doctrine Configuration
doctrine:
dbal:
default_connection: app # specify the connexion used by default
connections:
login:
driver: pdo_mysql
host: '%database_login_host%'
port: '%database_login_port%'
dbname: '%database_login_name%'
user: '%database_login_user%'
password: '%database_login_password%'
charset: utf8mb4
admin_login:
driver: pdo_mysql
host: '%database_admin_host%'
port: '%database_admin_port%'
dbname: '%database_admin_name%'
user: '%database_admin_user%'
password: '%database_admin_password%'
charset: utf8mb4
app:
driver: pdo_mysql
host: '%database_app_host%'
port: '%database_app_port%'
dbname: '%database_app_name%'
user: '%database_app_user%'
password: '%database_app_password%'
charset: utf8mb4
orm:
auto_generate_proxy_classes: "%kernel.debug%"
default_entity_manager: app # specify the EM used by default (when using console commands f.e)
entity_managers:
login:
connection: login
naming_strategy: doctrine.orm.naming_strategy.underscore
auto_mapping: false
mappings:
AppBundle :
type: annotation
dir: Entity/Login/Customer
prefix: AppBundle\Entity\Login\Customer
alias: Login
app:
connection: app
naming_strategy: doctrine.orm.naming_strategy.underscore
auto_mapping: false
mappings:
AppBundle :
type: annotation
dir: Entity/App
prefix: AppBundle\Entity\App
alias: App
filters:
customer_flt:
class: AppBundle\Security\CustomerFilter
admin:
connection: admin_login
naming_strategy: doctrine.orm.naming_strategy.underscore
auto_mapping: false
mappings:
AppBundle :
type: annotation
dir: Entity/Login/Admin
prefix: AppBundle\Entity\Login\Admin
alias: Admin
My security.yml
security:
encoders:
AppBundle\Entity\App\User:
algorithm: bcrypt
cost: 12
AppBundle\Entity\Login\Admin\AdminUser:
algorithm: bcrypt
cost: 12
role_hierarchy:
ROLE_SUPER_ADMIN: ROLE_ADMIN
ROLE_ADMIN: ROLE_USER
# http://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
providers:
app:
entity:
class: AppBundle\Entity\App\User
property: username
admin:
entity:
class: AppBundle\Entity\Login\Admin\AdminUser
property: login
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/app
anonymous: ~
guard:
authenticators:
- app.security.login_form_authenticator
logout:
path: /app/logout
target: /
provider: app
admin:
pattern: ^/admin
anonymous: ~
guard:
authenticators:
- backend.security.login_form_authenticator
logout:
path: /admin/logout
target: /
provider: admin
access_control:
- { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_SUPER_ADMIN }
- { path: ^/app/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/app, roles: ROLE_USER }
What am I missing here?

Issue solved! Just an update so that everyone can find the answer when googling for it.
The issue was caused by a missing manager_name property in the providers section of the security.yml file. This property provides a mapping from a provider to a specific entity_manager. Without these Symfony takes the first (or default) entity manager and that fails (obviously) in my scenario.
providers:
app:
entity:
class: AppBundle\Entity\App\User
property: username
manager_name: app
admin:
entity:
class: AppBundle\Entity\Login\Admin\AdminUser
property: login
manager_name: admin
Sparse documentation of this can be found here: http://symfony.com/doc/current/security/entity_provider.html

Referencing non-parameter entries in config.yml

I have quite extensive config .yml files and I'd like to refer to various settings there:
security:
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_USER: ROLE_ADMIN
easy_admin:
entities:
Group:
form:
fields:
-
property: 'roles'
type: choice
type_options:
expanded: true
multiple: true
choices: "%security.role_hierarchy%"
Of course the last line doesn't work because %security.role_hierarchy% refers to parameters.security.role_hierarchy. Is there any valid way to reference security.role_hierarchy in easy_admin section?

The only valid way to do that in YAML is using the standard feature anchors and aliases. Anchors (that what is going to be referenced) are indicated by &<name> and alias (one or more points where the anchor is referenced) are indicated by '*`:
security:
role_hierarchy: &hr1
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_USER: ROLE_ADMIN
easy_admin:
entities:
Group:
form:
fields:
-
property: 'roles'
type: choice
type_options:
expanded: true
multiple: true
choices: *hr1
The value for the mapping entry choices, when retrieved will be the mapping:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_USER: ROLE_ADMIN
(translated to the hash or dictionary like object of the programming language the YAML parser is written in), and is the same entity as the value for the key role_hierarchy.

Symfony user Role inheritance

I am currently working on a system using symfony (with FOSUserBundle), and i have multiple roles within the role_hierarchy, which i would like to utilize inheritance.
I have the role_hierarchy of:
role_hierarchy:
ROLE_MEMBER: ROLE_USER
ROLE_MONITOR: ROLE_MEMBER
ROLE_SUPERVISOR: ROLE_MONITOR
ROLE_MANAGER: ROLE_SUPERVISOR
ROLE_ADMIN: ROLE_MEMBER
ROLE_SUPER_ADMIN: [ROLE_MANAGER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
If the user i am logged in as has ROLE_SUPERVISOR and i call:
$this->get('security.context')->isGranted('ROLE_MONITOR')
I would expect this to return true, but it currently returns false.
Without adding every role to each user, is it possible to inherit roles so that if i called isGranted, it would check all other "related roles" within the hierarchy? and if so, how?

You need to put [] around your roles. This works as expected for me:
role_hierarchy:
ROLE_USER: []
ROLE_STAFF: [ROLE_USER]
ROLE_SCORE_ENTRY: [ROLE_USER, ROLE_STAFF]
ROLE_SCORE_ADMIN: [ROLE_USER, ROLE_STAFF, ROLE_SCORE_ENTRY]
ROLE_ASSIGNOR: [ROLE_STAFF]
ROLE_ASSIGNOR_KAC: [ROLE_ASSIGNOR]
ROLE_ASSIGNOR_CORE: [ROLE_ASSIGNOR]
ROLE_ASSIGNOR_EXTRA: [ROLE_ASSIGNOR]
ROLE_ASSIGNOR_ADMIN:
- ROLE_ASSIGNOR
- ROLE_ASSIGNOR_KAC
- ROLE_ASSIGNOR_CORE
- ROLE_ASSIGNOR_EXTRA
ROLE_DEVELOPER: [ROLE_USER]
ROLE_ADMIN:
- ROLE_STAFF
- ROLE_ASSIGNOR_ADMIN
- ROLE_SCORE_ADMIN
- ROLE_ALLOWED_TO_SWITCH
ROLE_SUPER_ADMIN:
- ROLE_ADMIN
- ROLE_DEVELOPER
- ROLE_ALLOWED_TO_SWITCH

How can delete default block of SonataUserBundle or SonataMediaBundle in SonataAdminbundle list?

I do not know how can delete the default block of UserBundle, MediaBundle (just one of them...).
This is my config.yml:
dashboard:
blocks:
# display a dashboard block
- { position: left, type: sonata.admin.block.admin_list }
# groups:
# sonata_page:
# label: Taules
# items:
# - sonata.admin.collection
# - sonata.admin.gender
# - sonata.admin.family
# - sonata.admin.color
# - sonata.admin.size
# - sonata.admin.article
And my security.yml:
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_SONATA_READER:
- ROLE_SONATA_ADMIN_LIST
- ROLE_SONATA_ADMIN_VIEW
ROLE_SONATA_EDITOR:
- ROLE_SONATA_ADMIN_CREATE
- ROLE_SONATA_ADMIN_EDIT
ROLE_SONATA_ADMIN:
- ROLE_SONATA_ADMIN_DELETE
- ROLE_SONATA_ADMIN_EXPORT
ROLE_STAFF: [ROLE_USER, ROLE_SONATA_READER]
ROLE_ADMIN: [ROLE_STAFF ,ROLE_SONATA_EDITOR, ROLE_SONATA_ADMIN]
ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

You can use the Sonata AdminBundle security option to use the Role Handler, to let only one group the access to these administrations.
sonata_admin:
security:
handler: sonata.admin.security.handler.role