I'm trying to create/edit users and I'm having a slight problem with the password field.
When creating a user, it is fair to assume that the password field is required, however, I don't want it required when editing a user
Is there an easy way to do this?
I'm using the SonataAdminBundle to manage the User Form (NOT SonataUserBundle)
I think you can do it in two ways:
Use inheritance. Create a base FormType and then inherit it to create CreateUserType and EditUserType that add custom password settings
Use same form and leave password as not required, then in the "create user" controller check if password field has been filled and throw an exception if it is empty
Maybe there are more approaches to your problem. I usually use the second one but choose the one fits best to you.
Related
I've created a User custom class in my Bundle. It inherits from the BaseUser class of FOSUserBundle.
In my class, I've defined several attributes which are entities of my Bundle, like Adress, Avis etc.
I have defined the formType of all my forms with data_class User.
It allows me to retrieve interesting user information like username (!) and displaying it in my forms.
BUT when I validate my forms it asks me to fill the plainPassword field of User class as it is a mandatory attribute.
First I wanted to retrieve the password from database to fill it in the form before displaying it but it seems impossible as a security measure.
So I've tried to stock it in the session (ugly I know) after registration but it seems not possible to force the form data with a value (surely because it is a password type field)...
So question is : what would you do ?
But what is the purpose of retrieving it?
You want to modify any of user's data like username or email?
Remember you can have /profile 'module' in FOSUser Bundle, which is used for modifing for example username and email.
For changing password you have separate 'module' change password (I don't remember path). Maybe that's what you are looking for? Of course that way user can edit only his own data. These modules are ready to use by deafault (you have to provide routing for them).
If you want for example, that admin modifies the other user's data that can be interesting for you:
In case of password, take a look at column in db called 'salt', which is used for encoding password in db. If you try to save password in db without salting it won't work - so I think if you want to change the password in db by some custom action - you have to set plain password and the it will be automatically encoded.
If you want to fill some form's fields by default read something about forms in Symfony, Fields types and something about their additional features and remember that password field require individuall approach.
I would not store the users plain password anywhere, let alone display it in the browser.
Playing with plain text passwords like you are doing is major security threat to your application, and any and all users using it.
The default User class in FOSUserBundle has two fields for the password, password and plainPassword. That plain password is filled in by the form, then, in the controller, the password field is generated by whatever encryption method you have configured for the firewall. The new user is then added to the database and the plain password field is cleared and never used again.
If you are trying to set up a forgot password solution, I would recommend emailing the user with some kind of unique key (as a URL parameter), ask them to confirm then give them the opportunity to update their password.
In order to register, users have to select a their account name created by my moderators. That means that a moderators have to create an account name before the user registers.
To do so, I made a first entity, let's call it "Member", that has a field "account". Then I added to this entity the boolean field "bound" that is set to false by default.
What I want to do is to set this field "bound" to true when someone registers after he selected his account name and fill the FOSUserBundle required fields (username, passwords, email...).
I tried to follow the documentation of "overriding controllers", but I'm getting an error (You have requested a non-existent service "fos_user.registration.form".) and this is where I'm stucked.
Using controller events can maybe help me, but I do not know which is the best solution.
If anyone has a solution to my problem, I'll be really grateful.
You should used the controller event to hook after the registration process, and more specifically the
REGISTRATION_COMPLETED event (if I remember correctly).
I have a Drupal website that uses the Quiz module to administer tests to visitors. These tests need to be available to anonymous users. My problem is that I need to be able to ask the test taker to enter name and e-mail so the results can be sent to them. I just don't know how to go about doing this. I consider myself a beginner in Drupal and PHP.
Any help would be appreciated.
-First of all, create a custom module.
-Secondly, you need to add the email address and name fields. You can do this by either adding the two fields via hook_form_alter in your custom module or by enabling and using the Short Answer module/field that's included in your Quiz module and then customising the style of the field according to your needs (because it'll look like a question). Personally, I would recommend adding them using hook_form_alter. Plus, I suggest you learn about Hooks in Drupal, it will make your life easier.
-You have to validate and retrieve the values for the two fields. You can also use the same form_alter hook for this. Add a validation and a submission function to the validate and the submit stack of your Quiz form ($form['#validate'][] = 'your_validate_function'; and $form['#submit'][] = 'your_submit_function';). You can validate your email by using Drupal's function valid_email_address and, of course, you can validate other fields and calling Drupal's form_set_error to notify users of any input mistakes.
-To send your email after the Quiz is submitted, call Drupal's drupal_mail, in your submit function, which basically takes all the parameters needed to send an email. You'll have to create a hook_mail in your custom module. Check out an example of how to do this here. You can retrieve your form values (name and email address) from the local array $form_state['values'], pass them as $params to your drupal_mail function and add them to the body of your email in your hook_mail function. And that's it :D
-Alternatively, you can send an email by creating an action and assigning an action to be performed after a user has completed this Quiz. The Quiz module has support for that. Here's an example of how to write an action.
You may also use hook_quiz_finished instead of form submit callback.
Quiz module uses it to perform actions like sending results over email at the end of a quiz.
function mymodule_quiz_finished($quiz, $score, $session_data) {
//Sending e-mail.
}
If you ended here and you are using Drupal 7, go to Rules http://www.yourwebsite.com/admin/config/workflow/rules, and set the rule that the Quiz module has made available already to active under the settings, the rule is called "Send quiz results at the end of a quiz". I couldn't find the ability to do this anywhere within the Quiz config itself. Tested and its working. Be sure that the Rules Module UI is enabled to allow you to make the edits.
What's the appropriate way to add a user to a role.. for every new user, do I have to do:
$em->getRepository('MyBundle:Role')->findOneBy(array('name' => 'ROLE_USER'))
every time?
I'm not too much of a fan of how large UserBundle is.... and I don't use XML. I'm using YML/Annotations, so the UserBundle is pretty hard to follow for certain things.
So yes, what's the best / cleanest way to do a user signup and associate him to a default role?
The simplest way I've found is just to define roles as a field of type array on your User object. Then, when you're creating the user (on registration or whatnot), it's as simple as
$roles = array('ROLE_USER');
$user->setRoles($roles);
I've put together a mockup of my user registration process in this gist. It's not fully functional (I can flesh it out later if needed), but it should get you pointed in the right direction.
I wrote a couple of blog posts on roles, a simple solution http://blog.jmoz.co.uk/symfony2-fosuserbundle-roles and http://blog.jmoz.co.uk/symfony2-fosuserbundle-role-entities
I have a content type which has a lot of fields 50+. 30 or so are required fields. I want my user to be able so save the node before all the required fields have been filled in. The node can not be published until all the required fields have been filled in. Is there a way I can do this.
Not directly. Required fields are exactly that. You'll need to make your fields optional and handle the node save event and prevent publishing until each of the fields has been filled in. If you don't feel like all that php, Rules module can handle this kind of thing very nicely - http://drupal.org/project/rules.
Another alternative is that you might be better off with something like a webform - http://drupal.org/project/webform, though I don't know if it has any save and resume functionality out of the box so you might need to check that out first.
This module will do the job:
http://drupal.org/project/multistep
You can split your form to steps and only the fields in the current step have to be filled by the user.