I'm using Symfony2 with FOSUserBundle, the problem I have encountered was in editing a user account, when I tried to edit a specific user account, the retrieved user info is correct but when I tried to update the retrieved user info, the currently logged account would be the one being edited not the retrieved user account, how is it possible? What's wrong with my code?
ProfileController :
//edit user
public function editUserAction($id, Request $request)
{
$em = $this->getDoctrine()->getManager();
$user = $em->getRepository('MatrixUserBundle:User')->find($id);
if (!is_object($user)) {
throw new AccessDeniedException('This user does not have access to this section.');
}
/** #var $formFactory \FOS\UserBundle\Form\Factory\FactoryInterface */
$formFactory = $this->get('fos_user.profile.form.factory');
$form = $formFactory->createForm();
$form->setData($user);
$form->handleRequest($request);
if ($form->isValid()) {
/** #var $userManager \FOS\UserBundle\Model\UserManagerInterface */
$userManager = $this->get('fos_user.user_manager');
$userManager->updateUser($user);
$session = $this->getRequest()->getSession();
$session->getFlashBag()->add('message', 'Successfully updated');
$url = $this->generateUrl('matrix_edi_viewUser');
$response = new RedirectResponse($url);
}
return $this->render('FOSUserBundle:Profile:edit.html.twig', array(
'form' => $form->createView()
));
}
After the given user is correctly updated, you are returning a redirection to a custom route.
I guess the route matrix_edi_viewUser is an override of the original FOSUB\ProfileController::showAction.
Also, you have to create a specific showUserAction and pass it the updated user as argument.
The following code should works :
public function showUserAction($id)
{
$user = $em->getDoctrine()
->getManager()
->getRepository('MatrixUserBundle:User')
->find($id);
if (!is_object($user)) {
throw new AccessDeniedException('This user does not have access to this section.');
}
return $this->render('FOSUserBundle:Profile:show.html.twig', array('user' => $user));
}
The route :
matrix_edi_viewUser:
path: /users/{id}/show
defaults: { _controller: MatrixUserBundle:Profile:showUser }
And in your editAction, change your redirection to :
$url = $this->generateUrl('matrix_edi_viewUser', array('id' => $user->getId());
$response = new RedirectResponse($url);
Now, the user informations displayed in show will be the informations of the updated user.
Related
I have the following controller method which creates a new Category entity and persists it to the database:
/**
* #param Request $request
*
* #return array
*
* #Route("/admin/category/new", name="_admin_category_new")
* #Method({"GET", "POST"})
* #Template("Admin/category_new.html.twig")
*/
public function newCategoryAction(Request $request)
{
$category = new Category();
$form = $this->createForm(CategoryType::class, $category);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$em = $this->getDoctrine()->getManager();
$em->persist($category);
if (!$category->getSlug()) {
$category->setSlug();
}
if ($category->getFile() != null) {
$um = $this->get('stof_doctrine_extensions.uploadable.manager');
$um->markEntityToUpload($category, $category->getFile());
}
$em->flush();
$this->addFlash('success', 'Category successfully created');
$this->redirect($this->generateUrl('_admin_category', array('page' => 1)));
}
return array('form' => $form->createView());
}
Upon successful completion, it's supposed to redirect the user to a different URL. Instead, it just re-displays the current page/form. Any ideas? The route _admin_category does exist, and it is working:
$ bin/console debug:router
...
_admin_category GET ANY ANY /admin/category/{page}
...
And my Category entities are being saved to the DB properly.
You should return redirect response try
return $this->redirectToRoute('_admin_category', ['page' => 1]);
Redirect method creates an object of RedirectResponse class, and it needs to be returned as response. Moreover, you don't have to use redirect + generateUrl you can just use redirectToRoute method which is shortcut for that.
Also I'd suggest wrapping flush with try/catch
For more see docs
repository with issue
I have a form for entity User with email field:
->add('email', EmailType::class, [
'constraints' => [
new NotBlank(),
new Email([
'checkMX' => true,
])
],
'required' => true
])
when i'm editing email to something like test#gmail.com1 and submit form it shows me error "This value is not a valid email address." THat's ok, but after that symfony populate wrong email into token and when i'm going to any other page or just reload page, i'm getting this:
WARNING security Username could not be found in the selected user
provider.
i think question is: why symfony populate wrong Email that failed validation into token and how i could prevent it?
controller:
public function meSettingsAction(Request $request)
{
$user = $this->getUser();
$userUnSubscribed = $this->getDoctrine()->getRepository('AppBundle:UserUnsubs')->findOneBy(
[
'email' => $user->getEmail(),
]
);
$form = $this->createForm(UserSettingsType::class, $user);
$form->get('subscribed')->setData(!(bool)$userUnSubscribed);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
/**
* #var $user User
*/
$user = $form->getData();
/** #var UploadedFile $avatar */
$avatar = $request->files->get('user_settings')['photo'];
$em = $this->getDoctrine()->getManager();
if ($avatar) {
$avatar_content = file_get_contents($avatar->getRealPath());
$avatarName = uniqid().'.jpg';
$oldAvatar = $user->getPhoto();
$user
->setState(User::PHOTO_STATE_UNCHECKED)
->setPhoto($avatarName);
$gearmanClient = $this->get('gearman.client');
$gearmanClient->doBackgroundDependsOnEnv(
'avatar_content_upload',
serialize(['content' => $avatar_content, 'avatarName' => $avatarName, 'oldAvatar' => $oldAvatar])
);
}
$subscribed = $form->get('subscribed')->getData();
if ((bool)$userUnSubscribed && $subscribed) {
$em->remove($userUnSubscribed);
} elseif (!(bool)$userUnSubscribed && !$subscribed) {
$userUnSubscribed = new UserUnsubs();
$userUnSubscribed->setEmail($form->get('email')->getData())->setTs(time());
$em->persist($userUnSubscribed);
}
$user->setLastTs(time());
$em = $this->getDoctrine()->getManager();
$em->persist($user);
$em->flush();
$this->get('user.manager')->refresh($user);
return $this->redirectToRoute('me');
}
return $this->render(
':user:settings.html.twig',
[
'form' => $form->createView(),
]
);
}
UPD:
it works fine if i change in OAuthProvider:
/**
* #param \Symfony\Component\Security\Core\User\UserInterface $user
*
* #return \Symfony\Component\Security\Core\User\UserInterface
*/
public function refreshUser(UserInterface $user)
{
return $this->loadUserByUsername($user->getName());
}
to:
/**
* #param \Symfony\Component\Security\Core\User\UserInterface $user
*
* #return \Symfony\Component\Security\Core\User\UserInterface
*/
public function refreshUser(UserInterface $user)
{
return $this->userManager($user->getId());
}
but it seems to be dirty hack.
Thanks.
Your user token seems to be updated by the form, even if the email constraint stop the flush.
Can you check if your form past the isValid function ?
You can maybe try to avoid it with an event listener or a validator.
With an event SUBMIT you should be able to check the email integrity, and then add a FormError to avoid the refreshUser.
This is a tricky one, thanks to the repository it was easier to isolate the problem. You are binding the user object form the authentication token to the createForm() method. After the
$form->handleRequest($request)
call the email off the token user object is updated.
I first thought to solve this by implementing the EquatableInterface.html in the User entity but this did not work, as the compared object already had the wrong email address set.
It may also be useful to implement the EquatableInterface interface, which defines a method to check if the user is equal to the current user. This interface requires an isEqualTo() method.)
Than I thought about forcing a reload of the user from the db and resetting the security token, but in the it came to my mind, that it might be sufficient to just refresh the current user object from the database in case the form fails:
$this->get('doctrine')->getManager()->refresh($this->getUser());`
In your controller, this would solve your issue.
/**
* #Route("/edit_me", name="edit")
* #Security("has_role('ROLE_USER')")
*/
public function editMyselfAction(Request $request) {
$form = $this->createForm(User::class, $this->getUser());
if ($request->isMethod(Request::METHOD_POST)) {
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$user = $form->getData();
$em = $this->getDoctrine()->getManager();
$em->persist($user);
$em->flush();
} else {
$this->get('doctrine')->getManager()->refresh($this->getUser());
}
}
return $this->render(':security:edit.html.twig',['form' => $form->createView()]);
}
Alternative solution
The issue at the Symfony repository resulted in some valuable input about Avoiding Entities in Forms and
Decoupling Your Security User which provides a more complex approach for a solution to your problem.
I can do auto login with fosuserBundle,when he access the page adding clause he is auto login , When he accéd page adding article he redirect automatically to the login page but my objective is to auto login
routing :
ajouterapps:
path: /ajouterapps
defaults: { _controller: MedBundle:Apps:ajouter }
code controller :
public function ajouterAction()
{
$em = $this->getDoctrine();
$repo = $em->getRepository("UserBundle:User"); //Entity Repository
$user = $this->getUser();
if (!$user) {
throw new UsernameNotFoundException("User not found");
} else {
$token = new UsernamePasswordToken($user, null, "your_firewall_name", $user->getRoles());
$this->get("security.context")->setToken($token); //now the user is logged in
//now dispatch the login event
$request = $this->get("request");
$event = new InteractiveLoginEvent($request, $token);
$this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
}
$msg = 'ajouter Apps';
$em = $this->getDoctrine()->getManager();
$app = new Apps();
$form = $this->createForm(new AppsType, $app);
$request = $this->getRequest();
if ($request->getMethod() == 'POST') {
$form->handleRequest($request);
$app->upload();
$em->persist($app);
$em->flush();
$msg = 'Apps ajouter avec success';
}
return $this->render('MedBundle:Apps:ajouter.html.twig',array(
'form'=>$form->createView(),
'msg'=>$msg
)
);
}
What is the solution and thank you in advance
I need a little help here since my code doesn't work and I can't find where I'm failing. See this is the function I'm using to register users on my application (taked from here and changed a bit to suite my needs):
public function registerAction(Request $request)
{
$em = $this->getDoctrine()->getManager();
/** #var $userManager \FOS\UserBundle\Model\UserManagerInterface */
$userManager = $this->container->get('fos_user.user_manager');
/** #var $dispatcher \Symfony\Component\EventDispatcher\EventDispatcherInterface */
$dispatcher = $this->container->get('event_dispatcher');
$user = $userManager->createUser();
$event = new GetResponseUserEvent($user, $request);
$dispatcher->dispatch(FOSUserEvents::REGISTRATION_INITIALIZE, $event);
if (null !== $event->getResponse()) {
return $event->getResponse();
}
$entity = new SysUsuario();
$form = $this->createForm(new UsuarioType(), $entity);
$form->handleRequest($request);
$user_data = $request->get('user_register');
$profile_data = $request->get('user_register')['perfil'];
if ($form->isValid()) {
$user->setUsername($profile_data['persJuridica'] . $profile_data['rif']);
$user->setEmail($user_data['email']);
$user->setPlainPassword($user_data['password']);
$role = $profile_data['roleType'];
if ($role === "O") {
$user->addRole("ROLE_OPERADOR");
}
elseif ($role === "CH") {
$user->addRole("ROLE_CENTRO_HIPICO");
}
$userManager->updateUser($user);
$profile = new SysPerfil();
$profile->setPersJuridica($profile_data['persJuridica']);
$profile->setRif($profile_data['rif']);
$ci = isset($profile_data['ci']) ? $profile_data['ci'] : null;
if ($ci != NULL) {
$profile->setCi($profile_data['ci']);
}
$profile->setNombre($profile_data['nombre']);
$profile->setApellido($profile_data['apellido']);
$profile->setRoleType($profile_data['roleType']);
$profile->setUser($user);
$em->persist($profile);
$em->flush();
$event = new FormEvent($form, $request);
$dispatcher->dispatch(FOSUserEvents::REGISTRATION_SUCCESS, $event);
if (null === $response = $event->getResponse()) {
$url = $this->container->get('router')->generate('fos_user_registration_confirmed');
$response = new RedirectResponse($url);
}
$dispatcher->dispatch(FOSUserEvents::REGISTRATION_COMPLETED, new FilterUserResponseEvent($user, $request, $response));
return $response;
}
else {
$errors = $this->getFormErrors($formProfile);
}
return new JsonResponse(array('status' => true, 'errors' => $errors));
}
The problem here is that my code is never triggering the REGISTRATION_SUCCESS event so I didn't get any email and therefore I can't confirm users, what I'm doing wrong?
After dig and dig deeper in my code I found where the problem was. Thanks to #tttony user who turns on the bulb, I, accidentally, delete the confirmation configuration at config.yml and for that reason the event never was triggered, so the easy solution:
fos_user:
....
registration:
confirmation:
from_email:
address: admin#local.com
sender_name: Myself
Now before found the previous solution I come with another one, which made me study and learn and I leave here too:
/** Disable the user by default - this is done in the event */
$user->setEnabled(false);
/** #var $mailer FOS\UserBundle\Mailer\MailerInterface */
$mailer = $this->container->get('fos_user.mailer');
if (null === $user->getConfirmationToken()) {
$user->setConfirmationToken($str->generateRandomString(32));
}
$mailer->sendConfirmationEmailMessage($user);
$session = new Session();
$session->set('fos_user_send_confirmation_email/email', $user->getEmail());
The only thing I wont be able to do here was use the FOS\UserBundle\Util\TokenGeneratorInterface I don't know how to, so if any knows I'll be grateful if leave the answer to that one, both solutions works since I tested.
I have an issue where I have a form type that persists the associated entity even when the form is not valid.
I have confirmed that the form indeed has errors via $form->getErrorsAsString(). I have also confirmed that the logical if statement that checks if the form is valid or not comes out false. The entity still persists despite the fact that the form is never valid.
I'm not sure what I'm doing wrong here as I have no other spot that I can find that either persists the entity or flushes the entity manager. Here's my controller:
/**
* #Route("/settings/profile", name="settings_profile")
* #Template();
*/
public function profileAction()
{
$user = $this->getUser();
$profile = $user->getUserProfile();
if (null === $profile) {
$profile = new UserProfile();
$profile->setUser($user);
$profileDataModel = $profile;
} else {
$profileDataModel = $this->getDoctrine()->getManager()->find('MyAppBundle:UserProfile',$profile->getId());
}
$form = $this->createForm(new ProfileType(),$profileDataModel);
$request = $this->getRequest();
if ($request->getMethod() === 'POST') {
$form->bind($request);
if ($form->isValid()) {
// This logic never gets executed!
$em = $this->getDoctrine()->getManager();
$profile = $form->getData();
$em->persist($profile);
$em->flush();
$this->get('session')->setFlash('profile_saved', 'Your profile was saved.');
return $this->redirect($this->generateUrl('settings_profile'));
}
}
return array(
'form' => $form->createView(),
);
}
I must have a listener or something somewhere that is persisting the user.
My work around for this temporarily is to do:
$em = $this->getDoctrine()->getManager()
if ($form->isValid()) {
// persist
} else {
$em->clear();
}
Until I can ferret out what listener or other data transformer is causing this.