All geek questions in one place

Symfony sfGuardUser hasCrendential live after update

I use symfony 1.4 and sfGuardDoctrinePlugin, I have it installed and configured normally, but I have the following problem:

If I log in as an administrator and update permissions for a user, this user must log out and then log back in before having the newly added permissions / permissions.

Is there any way around this?

I'm not sure how easy it is to fix it. When a user logs in, I think their credentials are added to their session attributes. Therefore, when an administrator updates their credentials, their session still contains the old credentials. This means that any hasCredential call is not live.

thank

+3
source share
3 answers

This will add additional requests to each request of your application. You can force credentials to be updated $user->getSfGuardUser()->refresh(true)to reload the object and all its relationships (and therefore its permissions).

+2
source

Thanks for your answer, I changed the processForm function of the sfGuardUser module action class.

If I log in and change my own permissions, the session is updated there and then.

, , . , , , . , .

: sess_id, sess_data, sess_time.

sess_data , , .

, symfony , .

, , user_id, . user_id, .

+1

I know this is an old question, but I recently had the same problem and it took me longer to find the answer (which was posted in the Symfony code snippet section). Paste this function into your myUser class and all problems go away:

/**
   * Overridden method that actually reads the permission from DB
   * instead of relying on data present when the user logs in.
   *
   * @param  string  permission name
   *
   * @return boolean true if the user has credential
   */
  public function hasCredential($permission_name)
  {
    if (!$this->isAuthenticated()) {
      return false;
    }
    $gu = $this->getGuardUser();
    $groups = $gu->getGroups();
    $permissions = $gu->getPermissions();

    $permission_names = array();
    foreach($permissions as $permission) {
      $permission_names[] = $permission->getName();
    }
    foreach($groups as $group) {
      $group_permissions = $group->getPermissions();
      foreach($group_permissions as $group_permission) {
        $permission_names = array_merge($permission_names, array($group_permission->getName()));
      }
    }
    $permission_names = array_unique($permission_names);
    return (in_array($permission_name, $permission_names)) ? true : false;
    }
0
source

Source: https://habr.com/ru/post/1765818/

More articles:


All Articles