symfony configuration parameter storage entity - symfony

In a Symfony project, I'm looking for the best way to store a configuration parameter, such as whether the application is online, offline or accessible.
I need to change this value constantly from the web interface with my role ADMIN, so I could put the application offline during a maintenance period, but for the ADMIN role the application will be available (not for other users). In each redirect, I ask for this configuration (this is already agreed).
I thought of creating an entity with this configuration param, but this table will have no more than one row, so I'm asking myself if this is the best way. Is there any other way to store this param in Symfony?
Thanks a lot.

Having a "settings" table for this sort of thing is a common solution. You can manage them easily with SettingsBundle.
Alternatively you could use Symfony Cache to store it: https://stackoverflow.com/a/43785356/1637446

Related

Sharing entity and data across databases / entitymanagers

I'm currently building a huge Symfony2 project, which consists of a central application (let's call it "Main"), and different standalone projects, mostly on Symfony2 too (let's call these "Satellites").
The Main project will have its own database, and each Satellite too. However, the Main project will manage some critical data (users, roles, etc...), and this data needs to be available on each Satellite. This means some kind of "replication" from certain entities to a list of databases (managed by other Symfony2 apps, or not).
The part that is actually working is the mapping. I have a Bundle which provides the User and Role model classes. Other bundles just have to extend those classes (FOSUserBundle style), and the mapping will be performed correctly.
I am actually struggling with the "replication" from the Main project to each Satellite's database. Basically the perfect workflow would be:
1. A User or Role is added / removed / updated on Main
2. A service loops through a list of database connections
3. The service re-executes the query / queries involved in step 1 on each other database connection. This implies not only using other entity managers, but mostly generating plain SQL queries to execute on servers where Satellites are not Symfony2 apps

I can hook on the "onFlush" event of Doctrine, and retrieve a list of entities that are going to be updated / persisted / removed. The part where I'm completely lost is step 3.
Is it even possible? Any help would be greatly appreciated.
I had the same situation in one of my projects: we have a Main and a Satellite application, all required data is held in Main, and all applications talk to each other via APIs. In the Satellite application we also have a custom user provider which authenticates users from the Main server. You could follow this approach. http://symfony.com/doc/current/cookbook/security/custom_provider.html

Symfony 2.7 application audit trail - Best practices

I have a large multi-tenanted Symfony2 application using doctrine and around 40 to 50 database tables in MySQL.
Has anybody had experience setting up an audit logging process for, at a minimum, tracking all Doctrine actions that create, edit or delete data in a large application?
Ideally it should "just happen" so that other developers don't need to worry about making their new entities or code "loggable".
I don't have specific requirements to meet (HIPAA etc) but it would be nice to be as close to any ISO27000 best practices as I can be.
My initial plan is to look at using some of the Doctrine lifecycle callbacks to grab the information and push it off into a separate MySQL database with no DELETE or UPDATE permissions. I'm concerned this method might have a big performance impact.
Has anybody done this before or anything similar that has any tips or words of warning about my planned approach?
If it matters the whole stack is running on AWS and I can use any of their services in the EU-WEST-1 region. I am already using things like RDS, Elasticache and SQS.
Thanks!
OroPlatform is built in Symfony 2.8 and has a bundle called OroDataAuditBundle that audits all Doctrine entity operations (create, update, delete) at a deep level in just two tables: oro_audit and oro_audit_field.
And it looks like that in the UI:
You will probably not be able to use this bundle in your project, since it is built for OroPlatform, but you could at least get some inspiration from their architecture.
If you want to see this audit system working, they have an online demo at https://demo.orocrm.com. Just log in as administrator and play around creating entries, and then you will be able to check all audit entries at https://demo.orocrm.com/audit.
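
The lifecycle-event plan from the question, sketched as an added example (not code from the thread or from OroPlatform): a Doctrine listener that records every insert, update and delete without entities opting in, writing through a second connection whose database account is assumed to have INSERT rights only. The class name `AuditTrailListener`, the `audit_log` table, its columns and the redaction list are assumptions.

```php
<?php
// Added illustration (Doctrine ORM 2.x); class, table and column names are assumptions.
use Doctrine\DBAL\Connection;
use Doctrine\ORM\Event\OnFlushEventArgs;
use Doctrine\ORM\Event\PostFlushEventArgs;
class AuditTrailListener
{
    private $auditDb;       // separate connection; its MySQL account has INSERT only
    private $redact;        // field names whose values are never copied to the log
    private $pending = [];
    public function __construct(Connection $auditDb, array $redact = ['password', 'salt'])
    {
        $this->auditDb = $auditDb;
        $this->redact = $redact;
    }

    public function onFlush(OnFlushEventArgs $args)
    {
        $uow = $args->getEntityManager()->getUnitOfWork();
        foreach ([
            'insert' => $uow->getScheduledEntityInsertions(),
            'update' => $uow->getScheduledEntityUpdates(),
            'delete' => $uow->getScheduledEntityDeletions(),
        ] as $action => $entities) {
            foreach ($entities as $entity) {
                $changes = $uow->getEntityChangeSet($entity); // field => [old, new]
                foreach (array_intersect(array_keys($changes), $this->redact) as $field) {
                    $changes[$field] = '[redacted]';
                }
                // Generated ids are unset before an insert and cleared after a delete.
                $id = $action === 'insert' ? null : $uow->getEntityIdentifier($entity);
                $this->pending[] = [$action, $entity, $id, $changes];
            }
        }
    }

    public function postFlush(PostFlushEventArgs $args)
    {
        $rows = $this->pending;
        $this->pending = []; // reset first so a failed write cannot replay old rows
        foreach ($rows as list($action, $entity, $id, $changes)) {
            $meta = $args->getEntityManager()->getClassMetadata(get_class($entity));
            $this->auditDb->insert('audit_log', [
                'action' => $action, 'entity_class' => $meta->getName(),
                'entity_id' => json_encode($id ?: $meta->getIdentifierValues($entity)),
                'changes' => json_encode($changes), 'logged_at' => gmdate('Y-m-d H:i:s'),
            ]);
        }
    }
}
```

The audit rows are written synchronously after the application's own flush has committed, so this is where the performance cost the question worries about would show up, and an exception here leaves committed data without an audit row.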

Symfony2 application architecture

I want to actually implement two applications.
Application (server 1)
A management application to manage users and buildings. CRUD Controller for users, roles and buildings. To use this application a login is required. Analyse answers / results from questionnaires which will be filled in in application 2.
Application (server 2)
Login with the user names which will be created in application one
Document Exchange bundle. Users can share documents
Questionnaire bundle, users can create questionnaire
Other users fill in the questionnaires
Not every user can use every bundle in application 2. Only users with specified roles can use a bundle, the user roles will be defined in application 1.
I need an idea of how I could realize the data exchange in such a case, because application 2 requires the users and roles from the database of the first application. In the ideal case, I do not want data redundancy.
I am implementing the first application in Symfony2, and I'm not sure whether splitting the applications is a good idea or whether it is a better idea to integrate the bundles from application 2 into application one?
Can someone give me tips?
The easier solution could be done with the use of one App. The Security Component of Symfony2 can manage different roles and access to a specific action or bundle. Moreover, you can use JMSSecurityExtraBundle annotations to simplify your work.

How to dynamically setup User Permission in JavaEE6

I'm currently working on a JavaEE6 project and I want to set up a dynamically assigned set of permissions for a user or role. In Seam 2, this can be achieved by org.jboss.seam.security.persistentPermissionResolver; I'm wondering if there's an equivalent approach or technology in JavaEE6. So far, in Oracle's JavaEE6 documentation, all I can see is setting the directory access in web.xml.
What's the best approach (real world) in JavaEE6 to setup authentication and authorization? Possibly through database or LDAP.
Thanks,
czetsuya
After researching for some time, one of the best security technologies out there that I was able to test was Apache Shiro. I'm happy with its fine-grained permission level control, so I'm using it for my JavaEE6 project. As to how I integrate both, here's the link: http://czetsuya-tech.blogspot.com/2012/10/how-to-integrate-apache-shiro-with.html

Where can I store User Permissions for my website?

Hi,
I am trying to store the user permissions for my website, but I am a little bit confused between XML and a database. Each user on the site has different permissions. Have you ever faced this issue? For example, if my site is a shopping site, the report menu need not be displayed for a local user, the purchase page need not be displayed for a salesman, and so on.
I think you understood my problem. I have done this user management using an XML file. For each user a new node is created according to the menu and kept in the XML file. The next time the user logs in, it checks the permissions and shows only the allowed menus.
My boss tells me to do the same thing using the database. By using XmlDataSource it is quite simple to bind data to the treeview (for setting permissions) and to bind to the menustrip as well.
He is pointing to the security problem. I don't think so.
Which is better? DB or XML
http://msdn.microsoft.com/en-us/library/yh26yfzy.aspx
My advice would be to use asp.net membership and roles (written by Microsoft). It is a very good security solution - login security, roles (permissions) and is stored in a SQLServer database (not sure if it can be stored elsewhere).
I use it on my site and you can use membership controls straight out of the box (login forms, change password, etc.) or you can roll your own.
The only tricky bit I found was setting up the membership tables, views and stored procs in my dB (you download a dB script), but really it was fairly straightforward to implement.
Here's a link to asp.net membership and roles
ASP .NET Membership and Roles (part of the Provider Model introduced in ASP .NET 2) is (IMHO) nice only when you need some basic stuff. The issue is that you need to use the whole system with SQL Server, but if you are planning to move to a different DB provider (MySQL, SQLite, etc.) then you'd have to implement your own provider (which is at best painful), and learn how all the pieces fit together. Granted, finding a custom implementation is quite easy, but it is not a copy & paste thing.
Another bad thing about the default provider model is that you will get a ton of SQL stored procedures, also called maintenance nightmares. The issue is that if your site scales, then these SPs will make your life a living hell (been there), and if you even dare to change hosting then you're in for a treat, so my advice would be to make your own permissions hierarchy and use it the way you wish. Also, look for advice and some pre-existing solutions to the permissions problem, which is quite common.
Website security can be split up into two distinct parts.
Authentication: Logging in
Authorization: Roles/Permissions.
The ASP.NET Forms Authentication Provider is a great way to implement authentication. I recently created a custom provider that communicates with our company's X500 directory (LDAP). It was very straightforward.
For Authorization, we implemented the entlib security application block. It allows you to keep Roles/Permissions in a separate location that can be accessed by your UI as well as your service layers (assuming you're developing a scalable solution). You may also want to look at the Windows Identity Foundation, which is slated to supersede the entlib security application block; however, it is only available for .NET 4.0.
