What I want to do if when a user loging check if he/she has all fields (user fields) complete in the database.
I can check when they loging those fields and then redirect to the profile view, but once they are in the profile view they still can see the menu, so they can easily go to others options and since they are already loging I cannot check it anymore in this way.
So I though that maybe using the controller Event listener I can check that, so I check is the controller is different to the accountController(which have the view to edit profile) and if is different I can check the fields.
The problem with that approach is in the accountController and in other controller they are twig {%render....%} that fires again the controller event and that give me infinity calls.
What approach would better? Thanks
Your idea of using the controller event (kernel.controller) to check for the fields is correct. In your event handler, you just need to check whether the request is the master request...
use Symfony\Component\HttpKernel\HttpKernel;
class FieldUpdater
{
/**
* Updates user's fields
*
* #param \Symfony\Component\HttpKernel\Event\FilterControllerEvent $event
*
* #return void
*/
public function onCoreController(FilterControllerEvent $event)
{
//if this isn't the main http request, then we aren't interested...
if (HttpKernel::MASTER_REQUEST !== $event->getRequestType()) {
return;
}
// update fields
}
}
This way you won't end up with this being fired on every call to {% render ... %}
Related
Goal:
I have a DataObject called "Event". This is in a managed_model for "EventsAdmin" (extending ModelAdmin). When editing an Event, I want a tab on the record called "Moderation" that has a few fields and two buttons: "Approve" and "Reject". These two buttons call an action each that performs relevant actions.
Event extends DataObject
public function getCMSFields() {
$fields = parent::getCMSFields();
$eventStatus = $fields->dataFieldByName("EventStatus")
->setTitle('Current Status')
->setDisabled(true);
$approveButton = FormAction::create('doApproveEvent', _t('SiteBlockAdmin.Approve', 'Approve'))
->setUseButtonTag(true)
->addExtraClass('btn-outline-success font-icon-check-mark-circle');
$rejectButton = FormAction::create('doRejectEvent', _t('SiteBlockAdmin.Reject', 'Reject'))
->setUseButtonTag(true)
->addExtraClass('btn-outline-danger font-icon-cancel-circled');
$fields->addFieldsToTab('Root.Moderation', [
$eventStatus,
$approveButton,
$rejectButton
]);
return $fields;
}
This displays the buttons just fine. But they don't do anything. So I am trying to work out how they can plug into action methods doApproveEvent and doRejectEvent (And where they should go)
I did find docs that led me to adding the buttons to the action bar at the bottom of the CMS page via updateFormActions(). But this isn't what I want as the other fields I am adding above the buttons are part of the Approve/Reject process. Here is the code for this method. This works fine barring the buttons are not in a logical place for the process I'm trying to create.
class CMSActionButtonExtension extends DataExtension
{
public function updateFormActions(FieldList $actions)
{
$record = $this->owner->getRecord();
if (!$record instanceof Event || !$record->exists()) {
return;
}
$approveButton = FormAction::create('doApproveEvent', _t('SiteBlockAdmin.Approve', 'Approve'))
->setUseButtonTag(true)
->addExtraClass('btn-outline-success font-icon-check-mark-circle');
$rejectButton = FormAction::create('doRejectEvent', _t('SiteBlockAdmin.Reject', 'Reject'))
->setUseButtonTag(true)
->addExtraClass('btn-outline-danger font-icon-cancel-circled');
$actions->push($approveButton);
$actions->push($rejectButton);
}
public function doApproveEvent($data, $form) {
$record = $this->owner->getRecord();
// Approve logic
}
public function doRejectEvent($data, $form) {
$record = $this->owner->getRecord();
// Reject logic
}
}
The above Extension is attached to GridFieldDetailForm_ItemRequest
extension.yml
SilverStripe\Forms\GridField\GridFieldDetailForm_ItemRequest:
extensions:
- My\Namespace\CMSActionButtonExtension
Interestingly, if I have both sets of buttons on the page at the same time, the updateFormActions option works while my desired option still doesn't. Despite the buttons being of identical markup and sitting inside the exact same form tag. I assume that has something to do with how Silverstripe loads the main content panel and the DOM.
Any thoughts on achieving this? Anyone seen a button added to the main CMS panel in a module that I could take a look at? I found this post from 5 years ago, but it's for SS3 and the answer doesn't work for me.
Short answer:
you have to add custom FormActions through an Extension on the Controller that controls the form (or on the form itself
Long Answer:
A bit of background on how SilverStripe does forms:
Generally speaking, forms are always served through Controllers/RequestHandlers (they need to be accessible on some route, usually that's an Action on a Controller that is often named Form, EditForm, ItemEditoForm, ...).
Fields
Inside the CMS you rarely ever have to create your own form, that's done by the CMSs built in Controllers/RequestHandlers for the admin area (GridFieldDetailForm_ItemRequest in this case).
Basically (pseudo code here), what those controllers do is:
public function EditForm() {
$fields = $myCurrentlyEditingDataObject->getCMSFields();
$actions = ...;
$validator = ...;
$this->updateFormActions(&$actions);
$form = new Form('ItemRequestForm', $fields, $actions, $validator);
$this->updateItemEditForm(&$form); // or $this->updateEditForm()
return $form;
}
So, getCMSFields() and in some cases getCMSActions()/getCMSValidator() (not sure if those 2 are still used in SilverStripe 4.x), you can add things to the form, without ever seeing the form object.
Also, the getCMSFields() will always be put into the ``` section of the Form, that's why your button is somewhere in the middle with all the fields and not with the other actions.
Submission
When a form is submitted (eg to /admin/pages/edit/EditForm/265/field/NameOfMyGridField/item/542/ItemEditForm), it will call the action GridFieldDetailForm_ItemRequest->ItemEditForm() which returns the Form object where subsequently FormRequestHandler->httpSubmission() is called. This will then look at the submitted data to figure out what action was clicked (eg $_REQUEST['action_doApproveEvent']) and try to find that action.
The way it tries to find that, is checking if it itself has a method called doApproveEvent, if that fails, it will try Form->getController()->doApproveEvent() or something like that. In the case of a GridField, that controller is GridFieldDetailForm_ItemRequest which means it will try to call GridFieldDetailForm_ItemRequest->doApproveEvent()
So, that means DataObject->getCMSFields() lets you easily add FormFields (and FormActions) into your form body.
But it does not provide a means of adding a method to handle the submission.
That's why, for custom actions you need to modify the Controller (GridFieldDetailForm_ItemRequest in this case).
You are doing this by creating a Extension which you attached to GridFieldDetailForm_ItemRequest.
Any method in your Extension is added to the thing it's attached to, so if you add a method called updateFormActions, it will kind of become GridFieldDetailForm_ItemRequest->updateFormActions().
And if you recall from earlier, the controller will call $this->updateFormActions() during the creation of the form.
Additionally, as I explained earlier, when a FormAction is named doApproveEvent it will look for a GridFieldDetailForm_ItemRequest->doApproveEvent(), which now exists because you added it through that Extension.
So, in summary: you have to add custom FormActions through an Extension on the Controller that controls the form (or on the form itself
PS: the old post from
bummzack you linked to worked in 3.x, because the Controller in his example that created the form was an instance of LeftAndMain.
In Symfony 2, if a field is hidden or disabled and someone tampers the HTML to edit the value of those fields, will Symfony invalidate the form?
If a field is hidden then yes, the value will persist. If you are worried about people changing those values then you should either validate the contents on submit or not use them at all and handle those values in the backend.
If the field is disabled in the actual form type rather (than client side) then it will be ignored when handling the request as you can see in the code.
/**
* {#inheritdoc}
*/
public function submit($submittedData, $clearMissing = true)
{
...
// Obviously, a disabled form should not change its data upon submission.
if ($this->isDisabled()) {
$this->submitted = true;
return $this;
}
...
}
I open a modal with an iFrame, which serve restriced pages of a special controller. So, when I'm not logged in, the iFrame redirects to the general login-route, which actually extends the standard-layout file.
Now, what I want to achieve is, that if the the user isn't logged in and opens up the modal, the login/registration page should extend a different layout (without navigation bar etc.).
So, how can I set a different layout for the authentication views, only if the user is redirected to it through the modal? Any advice?
Thanks!
I would pass along a request parameter from the IFrame, to let the controller know that the request came from the modal, e.g. path/to/your/page?ref=modal-iframe:
Then in the controller I would check if the request parameter is present and correct or the user is logged in. In that case you go on outputing your template, otherwise redirect to the general login route.
use Symfony\Component\HttpFoundation\Request;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
class MyController extends Controller
{
/*
* #Template("YourBundle:User:login_registration.html.twig")
*/
public function myAction(Request $request)
{
$securityContext = $this->container->get('security.context');
if (($request->get('ref') && $request->get('ref') == 'modal-iframe') ||
$securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
return array();
}
else {
return new RedirectResponse($this->generateUrl('login'));
}
}
}
The template would then take care of loading the correct layout, depending on whether the user is logged in or not:
{% extends (app.user ? "layout1.html" : "layout2.html") %}
When a form doesn't validate, I need to access the submitted data inside a Form Class in order I can set some options in a custom field.
I have tried with
$data = $builder->getForm()->getData();
$data = $builder->getData();
but $data has the empty object. So... what is the correct form to access the submitted data by the user after validation error in the form class?
Thanks
The problem is you're trying to access submitted data when it has not be handled yet. Basically, when you are in a builder (buildForm for the abstract types), you are building your form structure. It has nothing to do with form submission/binding. This is why you get the initial data when you call $builder->getData() because it only know the initial data at this state.
Knowing that the form component allows you to access the submitted data via events. You can attach a listener to your builder and rely on one of the *_submit event. The FormEvent class will given you the submitted data with $event->getData().
See this doc for more information: http://symfony.com/doc/current/cookbook/form/dynamic_form_modification.html
Look into $options variable (var_dump it)
As I remeber you are looking for
$options['data']
Using Form Events.
For those who wonder how Form Events are used.
Here is an example where you can modify the form after the user has tapped the submit button.
use Symfony\Component\Form\FormEvents;
use Symfony\Component\Form\FormEvent;
// ...
/* Listener to order to set a price if it does not exist yet */
$builder->get('price')->addEventListener(FormEvents::PRE_SUBMIT, function (FormEvent $event) {
$data = $event->getData();
// modify it as you wish
$event->setData($data);
});
The FormEvents::PRE_SUBMIT event is dispatched at the beginning of the
Form::submit() method.
If needed, here is an example where you can modify the form price before you display it.
use Symfony\Component\Form\FormEvents;
use Symfony\Component\Form\FormEvent;
// ...
/* Listener to order to set a price if it does not exist yet */
$builder->get('price')->addEventListener(FormEvents::PRE_SET_DATA, function (FormEvent $event) {
$data = $event->getData();
if (null === $data) { $data = '0.00'; }
$event->setData($data);
});
The FormEvents::PRE_SET_DATA event is dispatched at the beginning of
the Form::setData() method.
I create User with FOSUserBundle, and when user created I create also a profile
User And Profile
I'd like that whenever the user changes the page, actually check that the user is navigating is authenticated and has also the profile
for now in my Controller i do
$user = $this->getUser();
if (!is_object($user)) { //i have to add || null !== $user->getProfile()
throw new AccessDeniedException('This user does not have access to this section.');
}
But I would not repeat this code in all controllers, and I would also check if the user has a profile, otherwise redirect to the home page
you can use JMSSecurityExtraBundle to add annotation for each action:
/**
* #Secure(roles="ROLE_USER, ROLE_FOO, ROLE_ADMIN")
*/
or without using of the bundle:
if (false === $this->get('security.context')->isGranted('ROLE_ADMIN')) {
throw new AccessDeniedException();
}
its more simple. Maybe theres another solution to make it for all your controller but i don't know it.
You can use the request listener :
http://symfony.com/doc/current/cookbook/service_container/event_listener.html#request-events-checking-types
Just add your magic and redirect through the event to the homepage