I want to set up a user login process on top of sfGuardDoctrine, which sets the password to a random one. This is happening when the user is created or when his password is reset.
I figure I should centralise this routine in the sfGuardUser model class? What I can't figure out is how to get the Swiftmailer instance from there. All documentation seems to call it from within an action.
You need to get the context to get access to the mailer object. This is a compose and send example that should work in your model class.
$sent = sfContext::getInstance()->getMailer()->composeAndSend(
"sender_email",
"recipient_email",
"subject",
"body"
);
Related
I need to get the user with some username but the function call seemingly does nothing. I'm using the exact same call in a different controller and it's working just fine.
This is the line:
var user = await _userManager.FindByNameAsync(username);
When I put a break point on this line and the line below it, the debugger stops on this line, and when I try to go to the next line it just pauses for a bit and skips the rest of the function. As a result the controller function also doesn't return anything. Both controllers where I use call this function have the exact same declarations for _userManager and use it in the same way. Only difference is that the one that works gets its parameter from a passed objects property, whereas the other one just uses a string.
Please help I'm starting to lose my hair.
Ensure that you initially create the user using the CreateAsync method of a Microsoft.AspNetCore.Identity.UserManager instance. If you create the user by adding it directly using Entity Framework, you won't be able to find it using FindByNameAsync.
Note: Anybody facing this issue because they couldn't create users using "CreateAsync" or they have an already existing set of users, apply this solution.
Make sure the users in your database who where not created using the "CreateAsync" method of the user manager pass through the following.
//Get the corresponding user by id
var usr2 = _userManager.FindByIdAsync("youruserid").Result;
//Apply the following updates to the user model in the database
var res = await _userManager.UpdateSecurityStampAsync(usr2);
await _userManager.UpdateNormalizedEmailAsync(usr2);
await _userManager.UpdateNormalizedUserNameAsync(usr2);
await _userManager.SetLockoutEnabledAsync(usr2, true);
Apply the above code to every user in your database that was not created using "CreateAsync".
After these steps, you'll now be able to Find your user by username and email.
Note: If your users weren't assigned claims, don't forget to assign claims in the Database.
In a controller, I have an action meant to display a user. The argument is the user to be displayed and is automatically fetched through a parameter converter.
Now I want to secure this action (displaying a user profile) so that only users with the USER_VIEW permission (currently implemented as a custom Voter) have access.
Using an #Security annotation it would look like:
/**
* #Security("is_granted('USER_VIEW', user)")
*/
public function showAction(User $user) {...}
This doesn't work because the user variable in the expression refers to the authenticated user rather than the action argument.
The documentation mentions that, but this is rather unfortunate.
How can I fix this issue and get my $user argument passed to the security expression? I could rename it, but perhaps there's something better to do.
I was also wondering if this should be considered a bug in Symfony, since 'user' is a rather common word, perhaps it should be renamed to something more specific such as 'authenticated_user' or 'security_user' or something. The same goes for the other 3 variables that are passed to the expression by Symfony: 'token', 'request', 'roles'.
Thanks.
After creating a model and adding it to a repository I want to have the new ID for different purposes (creating a mail, updating other fields outside the Extbase world)
$page = t3lib_div::makeInstance('Tx_MyExt_Domain_Model_Page');
$page->setTitle('Hello World');
$this->pageRepository->add($page);
At this point $page hasn't got an ID yet, uid is null.
$page->getUid(); // returns null
When does it get it? And how can I retrieve in on runtime?
In ExtBase, objects are "managed". This means every persistence transaction (add/remove/update) is simply noted in the underlying logic, but not yet executed until the appropriate time (like the end of processing a request). So, just because you add an object to a repository doesn't mean that it's actually added yet. That actually happens once $persistenceManager->persistAll() is called, which isn't something you need to do manually, ever. The point is, your $page object won't have a UID until it's saved and that's why $page->getUid() returns null. Look here for a great explanation.
I suspect that you are trying to do something outside of the ExtBase object/MVC lifecycle. At least, last time I got null when I tried to get the UID of an object, it was because I wasn't operating within the framework appropriately.
However, if you post some more code and give us a bigger picture of what you're trying to achieve, maybe we can help you get to a point where that object actually has a UID. For instance, if you're in a Controller object, tell us which Action method you're in, or if you're in a Repository object, tell us what you're trying to get from the repository and where/how you plan on using the query results.
EDIT
Just guessing here, but I'm assuming you're executing this code in some action of a controller. Since after the controller is executed a view is rendered, you can just pass the page object to the view:
$this->view->assign('page', $page);
And then in your view you can use the page object in a link:
<f:link.action action="show" arguments="{page:page}">
See this page object
</f:link.action>
And then in the show action of your controller you can show the page:
public function showAction(Tx_MyExt_Domain_Model_Page $page) {
// Do whatever you need to show the page in the `Show.html` template
}
I really am just guessing here. If you can give us a larger picture of what you're trying to do, what your action methods are supposed to do and things like that, we can answer your question a little more confidently.
(I'm also assuming that your page object isn't a replacement for the regular TYPO3 pages and that they are something totally different. It's much easier to deal with those TYPO3 pages through the backend interface than at the php level.)
You can call persistence manager explicitly in Your controller like this
#TYPO3 4.x
$persistenceManager = $this->objectManager->create('Tx_Extbase_Persistence_Manager');
$persistenceManager->persistAll();
#TYPO3 6.x
$persistenceManager = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\CMS\Extbase\Persistence\Generic\PersistenceManager');
$persistenceManager->persistAll();
I have a class "User" that is inherited by two other classes(LocalUser and Donor). I have created a custom membership provider for ASP.net forms authentication and overridden the ValidateUser() method. In the ValidateUser() method of my custom membership provider, I need to pass in a parameter to know whether the "User" to validate is "LocalUser" or "Donor" and accordingly validate the user against the database. The problem is that ValidateUser() takes only two parameters (username and password). So there is no scope for me to push in another one. One thing that came to my mind was to set a session variable but then I was looking for a cleaner approach. Any suggestions?
Just create an overridden version of your Validate method, taking 3 parameters and call it directly like:
((MyCustomMembershipProvider)Membership.Provider).Validate( username, pass, anything );
The only drawback of such approach is that you can no longer rely on the automatic invocation of the two-parameter version of the Validate method, if and only if it is automatically called from somewhere (for example from the asp:Login control)
You could send both username and usertype in username field and then parse it in ValidateUser method? Like this: username|userType. Of course, you should forbid entering delimiter in username field.
The documentation reads:
Helper function for authentication
modules. Either login in or registers
the current user, based on username.
Either way, the global $user object is
populated based on $name.
It seems to me that this function does not actually perform a login (it does not trigger the user_hook with op=login. It does not call user_external_login or even user_authenticate_finalize.
Am I interpreting it wrong?
I looked through the code, and it doesn't invoke hook_user() op = 'login'. You can do that in your own module though.
Look at user_module_invoke() to do this.
It does log the user in.
Last lines in code,
// Log user in.
$form_state['uid'] = $account->uid;
user_login_submit(array(), $form_state);
, seems to say that, in spite of submitting a wrong password.
System seems to create a user (named like that name provided in the login form) and save locally whichever wrong password provided (which will be, then, the "right" password).
If you do not take further action, then, it will not even care about an external authentication source and the real onwer of that name will not be able to log in later...
Scary, uh?