This forum is in READ-ONLY mode.
You can look around, but if you want to ask a new question, please use the new forum.
Home » legacy support » symfony 1.0 » Credentials - Action Restriction  (1) 1 Vote(s)
Credentials - Action Restriction [message #36509] Sat, 29 September 2007 11:21 Go to next message
pratheesh  is currently offline pratheesh
Messages: 3
Registered: September 2007
Junior Member
Hai,
I am using symfony 1.0.1 . I have set credentials for users at
the login time. Also i set credentials for actions in the security.yml in action class. I am checking the use rcredential
as $sf_user->hasCredential();

Now my question is ...... Is it possibele to retrieve the credential name of an action...........
For eg: My Action class name EmployeeAction extends sfAction

Inside it an action named List.....
In the security.yml, i written

List:
is_secure: on
credentials: administrator

What i want to know is it possible to fetch the credential name 'administrator' of the action List in the Action Class.

Hoppng the best and fastest replies.
With Regard's
Pratheesh
Re: Credentials - Action Restriction [message #37522 is a reply to message #36509 ] Tue, 16 October 2007 15:42 Go to previous messageGo to next message
djrenow  is currently offline djrenow
Messages: 7
Registered: November 2006
Location: Paris, France
Junior Member
I'm not sure to fully understand what you mean but if you want to check user credentials in actions you can use :
<?php
$this
->getUser()->hasCredential('credential_name');
?>

which returns a boolean.

so in your case :
<?php
public function executeList(){
    if(
$this->getUser()->hasCredential('administrator'){
        
//do something
    
}
//...
}
?>
Re: Credentials - Action Restriction [message #37560 is a reply to message #37522 ] Wed, 17 October 2007 08:18 Go to previous messageGo to next message
pratheesh  is currently offline pratheesh
Messages: 3
Registered: September 2007
Junior Member
Thanks for ur reply......
My actual question is ,,
the user will have a credential like adminisrator,user.......
then for every action....we will write...which type of credential can access rhat action.....
for eg....an action can access only administrator....
otherwise both administrator and user.....
the point is...... is it possible to find the credentials of an action from a different module or different action.
Re: Credentials - Action Restriction [message #52502 is a reply to message #36509 ] Thu, 22 May 2008 11:34 Go to previous messageGo to next message
cristiano86  is currently offline cristiano86
Messages: 7
Registered: May 2008
Junior Member
If you want to give access to select action eg. 'administrator' it's enough to configure it in security.yml in selected module. In your first post you have written:
List:
is_secure: on
credentials: administrator


If you want to secure an action and add permission only for selected group of users; in these modules you should write security rule for protected actions. You don't have to check credentials in view, symfony do it for you, if you have security.yml file in your module.

Sorry for my English.

[Updated on: Thu, 22 May 2008 13:04]


http://www.fothost.pl/upload/09/07/c5dc0675.jpg
Re: Credentials - Action Restriction [message #53012 is a reply to message #52502 ] Thu, 29 May 2008 11:53 Go to previous messageGo to next message
mauro.casula  is currently offline mauro.casula
Messages: 29
Registered: October 2007
Junior Member
Hi,

i think this function will help you.
Put this in myUser.class.php of your application ( backend or frontend or both )


This function return true if the current user can access that function.
With few changes, you can adapt this for your needs.

<?php 

 public function canAccess($module, $action)
 {
   require(sfConfigCache::getInstance()->checkConfig(sfConfig::get('sf_app_module_dir_name').'/'.$module.'/'.sfConfig::get('sf_app_module_config_dir_name').'/security.yml', true));

   if (isset($this->security[$action]['credentials']))
   {
     $credentials = $this->security[$action]['credentials'];
   }
   else if (isset($this->security['all']['credentials']))
   {
     $credentials = $this->security['all']['credentials'];
   }
   else
   {
     $credentials = null;
   }

   if ($credentials === null)
            return true;

   return $this->hasCredential($credentials);
 }

?>


bye.
Mauro Casula
http://www.symfony-framework.com
Re: Credentials - Action Restriction [message #74498 is a reply to message #53012 ] Tue, 10 March 2009 20:18 Go to previous messageGo to next message
koneser69  is currently offline koneser69
Messages: 17
Registered: November 2008
Location: g
Junior Member
Hi

Quote:


is it possible to find the credentials of an action from a different module or different action.



@Mauro Casula
how can I use your code in symfony 1.2
icon14.gif  Re: Credentials - Action Restriction [message #99151 is a reply to message #74498 ] Sun, 16 May 2010 13:02 Go to previous message
fchris82  is currently offline fchris82
Messages: 4
Registered: May 2010
Location: Budapest
Junior Member
Symfony 1.4.4

<?php
  
public function canAccess($module$action)
  {
    require(
sfContext::getInstance()->getConfigCache()->checkConfig(sfConfig::get('sf_app_module_dir').DIRECTORY_SEPARATOR.$module.DIRECTORY_SEPARATOR.'config'.DIRECTORY_SEPARATOR.'security.yml'true));

    if (isset(
$this->security[$action]['credentials']))
    {
      
$credentials $this->security[$action]['credentials'];
    }
    else if (isset(
$this->security['all']['credentials']))
    {
      
$credentials $this->security['all']['credentials'];
    }
    else
    {
      
$credentials null;
    }

    if (
$credentials === null)
            return 
true;

    return 
$this->hasCredential($credentials);
  }
?>
Previous Topic:sql queries do not appear in the web debug bar
Next Topic:Clearing specific function cache
Goto Forum:
  

powered by FUDforum - copyright ©2001-2004 FUD Forum Bulletin Board Software