I installed FOSUserBundle and i would like to add any additional role, such ROLE_NEW. In sfGuardUser just had to do
$this->getUser()->addCredential('new');
in action, and here?
Besides, how can I (admin) manage all (first of all manage ROLES) users? In sfGuardUser I had generated default admin page, and here?
By default FOSUserBundle manage roles as array, but you can use the concept of "Groups" for this purpose.
Read in docs https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Resources/doc/groups.md
And read some discussions about advantages and disadvantages
FOS bundle - How to select users with a specific role?
Related
I'm new to laravel and don't have much experience in it.
There is a scenario of defining access levels in a laravel project. Our team has decided to use spatie package for implementing different access levels.
I know, how to implement basic roles and permissions but in our case, we're following an application where we have 3 basic roles:
1. Full Admin
2. Employees
3. Managers
In Employee role we further have sub-roles, like UK-Employees, US-Employees, FullTime-Employees, etc.
These different groups/roles have different permissions, which we can change according to our needs.
On the index page of Access Levels, we can create a new role by deciding which type of role we want to create? Employee/Manager/Custom. On selecting one role, we go to another page and on that page, we get some predefined permissions according to the role type (Employee, Manager or Custom). Further, we can change those permissions to define new roles.
Can anyone suggest to me how can I implement this scenario using spatie?
Moreover, if the question is not understandable please suggest edits.
I'm looking for a solutions where I can do the following in my Sonata backend:
In my database I have the following tables:
roles
id
name
role
is_super_admin
weight
permissions
name
permissions
description
role_permission (many to many)
role_id
permission_id
So I would like to save relations in my table role_permission. But I'm a bit stuck on how to do this in Sonata admin. Can I do this in the list view? And if yes, can you help me on my way?
Not sure if OP wants to implement custom roles or use existing features. However I would recommend using a single role system. Sonata already has handlers for security so in my opinion it would be best to use those instead of creating your own.
On the sonata site, there is a section in the admin bundle about security. Which explains how to setup certain types of role management. I would either go for the Role or ACL handler depending on what you need.
When enabling the role handler you can create groups of roles. These groups would serve as your "Role 1". For example I could create a group called "Beta Testers" and give them the ROLES (permissions) ROLE_CHECK_BETA_CONTENT and ROLE_BETA_FEEDBACK_FORM. Now if you want normal users to not have these rights you could create a normal user group and assign every other role (permission).
I have an application with many users.
Each user is associated with one and only one profile.
The profile has many global rights on many entities.
For example,
The role "writer" has access to write, read and edit for my entity "Blog".
Roles are dynamic, I can add role in my back office.
I think I must use Symfony Voter but I don't know how I can control if my user has the right to edit for example, an article.
Do you have an example to make this architecture for my constraint?
Thank you.
In Symfony documentation there is nice article about voters: user is able to edit his own article only.
For deeper understanding, check this presentation - Drop ACE, use voters.
I started using FOSuserBundle and I would like to use their login functionality for all of my users: customers, admins, and affiliates.
Of course, there will be one main table that will contain all of the users data and then another table for each type.
The problem is how do I create different login forms on different pages and, of course, the register functionality is different.
I can't override controllers because I'm only allowed to override a bundle once in a project.
You do not need to use different tables, login or registration forms.
These link will help you:
Using Groups With FOSUserBundle
Symfony 2 - FOS bundle - How to select users with a specific role?
I generated entity and model, then a CRUD for it using Gii. Default access rules say that delete action can do just users with admin role. By default we have 2 users defined in UserIdentity.php: admin/admin and demo/demo. Demo is common user and admin is admin user. Authenticating with demo I have "403 forbiden" on delete page. So question is where is set role for these default users?
In your access rules array, you need to specify users not roles. Until you start using the RBAC module, you will have no roles assigned. The tutorial for RBAC shows how to define your roles and assign them to users. What it doesn't tell you is where to populate the files. read up about data migrations. That is where I populated my files.
This is not default users but default roles. You should read about RBAC
It depends on how deep you plan to go with your site security. If you are just trying grant access to specific users from that default users array, you can just configure them through the accessRules method and use the users configuration.
Otherwise, if you actually want a comprehensive role system, you will want to look into RBAC as #oroshnivskyy suggested.