Digital Base – Blog » Add new tag

RSS
Jan
22
12 comments

How to unsecure admin generated modules in Symfony

Posted by Bart Vanderstukken in All, Programming

You gotta love the admin generator… There’s only one problem: it’s secured by default (according to the symfony site).
But I want to use these modules in a non-secured environment.
Adding credentials: [] in the admin generator does not work… Why?
Look at your automoduleactions. You’ll find a preExecute function:

  public function preExecute()
  {
    $this->configuration = new eventGeneratorConfiguration();
 
    if (!$this->getUser()->hasCredential($this->configuration->getCredentials($this->getActionName())))
    {
      $this->forward(sfConfig::get('sf_secure_module'), sfConfig::get('sf_secure_action'));
    }
 
    $this->dispatcher->notify(new sfEvent($this, 'admin.pre_execute', array('configuration' => $this->configuration)));
 
    $this->helper = new eventGeneratorHelper();
  }

This code is always executed before any action.

if (!$this->getUser()->hasCredential($this->configuration->getCredentials($this->getActionName())))

the getCredentials function:

  public function getCredentials($action)
  {
    if (0 === strpos($action, '_'))
    {
      $action = substr($action, 1);
    }
 
    return isset($this->configuration['credentials'][$action]) ? $this->configuration['credentials'][$action] : array();
  }
}

The problem is that hasCredential(array()) returns false.
My solution:
Override the hasCredential function in myUser

  public function hasCredential($credential, $useAnd = true)
  {
    //for usage in generator => + as credential will return hasCredential=true (even if user has no credentials at all)
    if($credential === true) return true;
    //btw => you could have checked for an empty array of credentials which is what the generator is returning
    return parent::hasCredential($credential, $useAnd);
  }

Now to make it work, put in generator.yml

  config:
     actions:
        _delete:        { credentials: admin }
        _list:            { credentials: + }
        index:           { credentials: + }
#        _new:         { credentials: + }
#        _edit:         { credentials: + }

Ps: You could also use false & -

EDIT: This problem appears to be fixed. View this ticket http://trac.symfony-project.org/ticket/5582 (thanks to Jukea for pointing that out)

, ,
Jan
21
1 comment

Simplifying Queries: Using sum, count, etc in Propel 1.3

Posted by Bart Vanderstukken in All, Programming

My old post handled Propel 1.2.

This is the way to do it in Propel 1.3

1
2
3
4
5
6
7

    $c = new Criteria();
    $c->add(FavoriteDatePeer::EVENTDATAPROPOSAL_ID, $this->getId());
    $c->addSelectColumn("SUM(".FavoriteDatePeer::SCORE.") as rank");
 
    $stmt = FavoriteDatePeer::doSelectStmt($c);
    $row = $stmt->fetch();
    return $row['rank'];
, , ,