In recess, I have a controller
/**
* !RespondsWith Layouts
* !Prefix user/
*/
class UserController extends Controller
{
......
}
I want to wrap all methods of the UserController using Iwrapper. I know how to wrap method of a normal class using IWrapper. But in the case of the controller, i 'm not being able to do it because the UserController is not instantiated and its methods are called automatically by the recess controller.
You can use annotations to add a wrapper to the controller class. For instance, I have a controller "nas"
/**
* !RespondsWith Json,CSV
* !Prefix nas/
*/
class NasController extends Controller {
/**
* !Route GET
* !VerifyPermission Module: data, Permission: read, UnauthorizedAction: noEntry
*/
function index() {
}
}
The VerifyPermission annotation will add a wrapper in the expand method
Library::import('recess.lang.Annotation');
Library::import('cirrusWorks.wrappers.VerifyPermissionWrapper');
class VerifyPermissionAnnotation extends Annotation {
protected function expand($class, $reflection, $descriptor) {
$module = $this->module;
$permission = $this->permission;
$unauthorizedAction = $this->unauthorizedaction;
$descriptor->addWrapper('serve',new VerifyPermissionWrapper($module,$permission,$unauthorizedAction, $reflection->getName()));
/* ... */
return $descriptor;
}
}
Then you can create the VerifyPermissionWrapper and the standard methods will be wrapped around your class method (before(), after(), combine())
class VerifyPermissionWrapper implements IWrapper {
function __construct($module, $permission, $action, $method) {
$this->module = $module;
$this->permission = $permission;
$this->action = $action;
$this->method = $method;
}
function before($controller, &$args) {
error_log('Before {$this->action} on {$this->method}');
}
}
Related
I'm trying to implement multiple controllers which listens to one route /account.
There are two controllers and only one should be executed on that URL where the choice lies within user's role.
namespace AppBundle\Controller;
use AppBundle\Entity\Role;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\Routing\Annotation\Route;
/**
* #Route("/account")
*/
abstract class DashboardController extends Controller
{
protected $userRoles;
public function __construct()
{
$this->userRoles = $this->getUser()->getRoles();
}
/**
* Get all user roles
*/
public function getRoles()
{
return $this->userRoles;
}
/**
* Get user account type
*
* #return Role
*/
public function getAccountType(): Role
{
$accountType = new Role();
foreach ($this->userRoles as $role) {
if(Role::ROLE_STUDENT == $role->getName()) {
$accountType = $role;
} else if(Role::ROLE_SCHOOL_REPRESENTATIVE == $role->getName()) {
$accountType = $role;
} else if(Role::ROLE_EMPLOYER == $role->getName()) {
$accountType = $role;
} else if(Role::ROLE_ADMIN == $role->getName()) {
$accountType = $role;
}
}
return $accountType;
}
}
namespace AppBundle\Controller;
class CompanyDashboardController extends DashboardController
{
public function __construct()
{
parent::__construct();
}
/**
* #Route("/", name="dashboard_company_home", methods={"GET"})
* #return Response
*/
public function index()
{
return $this->render('dashboard/company/index.html.twig');
}
}
namespace AppBundle\Controller;
class AdminDashboardController extends DashboardController
{
public function __construct()
{
parent::__construct();
}
/**
* #Route("/", name="dashboard_admin_home", methods={"GET"})
* #return Response
*/
public function index()
{
return $this->render('dashboard/admin/index.html.twig');
}
}
That's what I've got so far.
You can't do this with "route" declarations, since the route listener is executed with higher priority than the security listener. Both happen during the KernelEvents::REQUEST event, but routing comes before firewall.
When the route to controller mapping is being resolved, you do not have yet user information (which is why you can't simply attach another a listener and inject the user information on the Request object, so it's available to use in the route declaration for expression matching, for example).
Basically, one route, one controller. If you want to have diverging logic for these users, you'll have to apply it after you get into the controller.
In php mvc structure I have this base controller class and add the constructor like this :
namespace App\Core;
/**
* Controller class
*/
class Controller
{
/** #var View View The view object */
public $View;
public $templates;
public $app;
/**
* Construct the (base) controller. This happens when a real controller is constructed, like in
* the constructor of IndexController when it says: parent::__construct();
*/
public function __construct()
{
$this->app = \App\Core\System\App::instance();
$this->Language = new Language('en-gb');
$this->templates = new \League\Plates\Engine(Config::get('PATH_VIEW'));
$this->Url = new \App\Core\Url(Config::get('URL'),Config::get('URL'));
}
public function loadModel($name) {
$path = '\App\Catalog\Model\\'.$name;
$this->model = new $path;
return $this->model;
}
public function loadController($name) {
$path = '\App\Catalog\Controller\\'.$name;
$this->controller = new $path;
return $this->controller;
}
}
Now in action (ie edit account) controller i have :
namespace App\Catalog\Controller\Account;
use App\Core\Config;
use App\Core\Csrf;
use App\Core\Response;
use App\Core\Session;
class EditAccount extends \App\Core\Controller
{
public function __construct()
{
parent::__construct();
//Auth::checkAuthentication();
}
public function index()
{
}
public function action()
{
}
}
Now, I work in PhpStorm and see this override error:
How do can in Fix this error?
Note: If I remove extends \App\Core\Controller from EditAccount class, error fixed But I need to extends \App\Core\Controller.
When I receive an API request it routes trough the Application.php to the UserController.
The UserController does his thing with the information and I need to call the EmailController, because that is the controller that manages all the emails.
In the EmailController I have a function (its simplified):
class EmailController {
public function getEmail() {
return 1337 ;
}
}
In the UserController I have a function:
class UserController {
public function getUserMail(Request $request, Application $app) {
$number = ???;
return $number;
}
}
What do I have to call within the UserController to get the getEmail function of the EmailController?
If this is not a correct way of doing it, I would love to hear what term I am acutally searching for :)
Edit1:
As #lawrence-cherone pointed out, it should have been in a model.
It was stuck in my head that I had to use the controller for this task.
You could use the dependency injection to share the class that return number.
So your controllers will look like:
class EmailController
{
/**
* #var NumberCalculatorInterface
*/
private $numberCalculator;
/**
* #param NumberCalculatorInterface $numberCalculator
*/
public function __construct(NumberCalculatorInterface $numberCalculator)
{
$this->numberCalculator = $numberCalculator;
}
public function getEmail()
{
return $this->numberCalculator->getNumber();
}
}
and
class UserController
{
/**
* #var NumberCalculatorInterface
*/
private $numberCalculator;
/**
* #param NumberCalculatorInterface $numberCalculator
*/
public function __construct(NumberCalculatorInterface $numberCalculator)
{
$this->numberCalculator = $numberCalculator;
}
public function getUserMail(Request $request, Application $app)
{
$number = $this->numberCalculator->getNumber();
return $number;
}
}
Your class that calculate number or other more complex logic will be
interface NumberCalculatorInterface
{
public function getNumber();
}
class DefaultNumberCalculator implements NumberCalculatorInterface
{
public function getNumber()
{
return 1337;
}
}
Since the number calculation is not a logic proper to your EmailController cause you use the logic in several classes, it make sense to be an external class. You will be able to unit test it properly and to inject in all the classes that need this calculation to be done.
You will be able to declare it as service:
class NumberCalculatorProvider implements ServiceProviderInterface {
public function register(Container $pimple)
{
$pimple['number_calculator'] = function () {
return new DefaultNumberCalculator();
};
}
}
And inject it inside your controller easily (in the following example is use the ServiceControllerServiceProvider to declare controller as services):
class ControllerProvider implements ServiceProviderInterface {
public function register(Container $pimple)
{
$pimple['controller.user'] = function ($pimple) {
return new UserController($pimple['number_calculator']);
};
$pimple['controller.email'] = function ($pimple) {
return new EmailController($pimple['number_calculator']);
};
}
}
note: In my example i use silex 2., since its not specified in your question, you may need to adapt it if you use an older version but the logic remain the same.*
I think you need to make UserController inherit the function getEmail() from EmailController
class UserController extends EmailController {
public function getUserMail(Request $request, Application $app) {
$number = ???;
return $number;
}
}
I have a Symfony2 controller as follows:
/**
* #Security("is_granted('my_permission')")
*/
class MyController extends Controller
{
/**
* #Security("is_granted('another_permission')")
*/
public function myAction()
{
// ...
}
}
It appears the #Security annotation on the myAction() method overrides/ignores the parent #Security annotation on the MyController class. Is there any way to make these stack, to avoid having to do:
/**
* #Security("is_granted('my_permission') and is_granted('another_permission')")
*/
public function myAction()
{
// ...
}
on every action method in the controller?
It appears the #Security annotation on the myAction method overrides/ignores the parent #Security annotation on the MyController class.
Indeed, Sensio\Bundle\FrameworkExtraBundle\Configuration\Security annotation doesn't allows nested configuration (see allowArray() method). So method configuration overrides class configuration for #Security annotation.
Is there any way to make these stack...
Not in a simple way, you need create three class and one trick to not reimplement the whole parent code:
Security.php
namespace AppBundle\Configuration;
/**
* #Annotation
*/
class Security extends \Sensio\Bundle\FrameworkExtraBundle\Configuration\Security
{
public function getAliasName()
{
return 'app_security';
}
public function allowArray()
{
// allow nested configuration (class/method).
return true;
}
}
SecurityConfiguration.php
This class allow you compound the final security expression through all security configurations (class/method).
namespace AppBundle\Configuration;
class SecurityConfiguration
{
/**
* #var Security[]
*/
private $configurations;
public function __construct(array $configurations)
{
$this->configurations = $configurations;
}
public function getExpression()
{
$expressions = [];
foreach ($this->configurations as $configuration) {
$expressions[] = $configuration->getExpression();
}
return implode(' and ', $expressions);
}
}
SecurityListener.php
namespace AppBundle\EventListener;
use AppBundle\Configuration\SecurityConfiguration;
use Symfony\Component\HttpKernel\Event\FilterControllerEvent;
use Symfony\Component\HttpKernel\KernelEvents;
class SecurityListener extends \Sensio\Bundle\FrameworkExtraBundle\EventListener\SecurityListener
{
public function onKernelController(FilterControllerEvent $event)
{
$request = $event->getRequest();
if (!$configuration = $request->attributes->get('_app_security')) {
return;
}
// trick to simulate one security configuration (all in one class/method).
$request->attributes->set('_security', new SecurityConfiguration($configuration));
parent::onKernelController($event);
}
public static function getSubscribedEvents()
{
// this listener must be called after Sensio\Bundle\FrameworkExtraBundle\EventListener\ControllerListener.
return array(KernelEvents::CONTROLLER => array('onKernelController', -1));
}
}
services.yml
services:
app.security.listener:
class: AppBundle\EventListener\SecurityListener
parent: sensio_framework_extra.security.listener
tags:
- { name: kernel.event_subscriber }
Finally, just use your #AppBundle\Configuration\Security annotation instead the standard one.
Here's my try:
Using, in app/config/security.yml, this role hierarchy:
role_hierarchy:
ROLE_CLASS: ROLE_CLASS
ROLE_METHOD: [ROLE_CLASS, ROLE_METHOD]
And if I have two users: user1 with ROLE_CLASS, and user2 with ROLE_METHOD (which means this user has both roles), then the first user can see all the pages created inside the controller, except the ones that have additional restrictions.
Controller example:
/**
* #Security("is_granted('ROLE_CLASS')")
*/
class SomeController extends Controller
{
/**
* #Route("/page1", name="page1")
* #Security("is_granted('ROLE_METHOD')")
*/
public function page1()
{
return $this->render('default/page1.html.twig');
}
/**
* #Route("/page2", name="page2")
*/
public function page2()
{
return $this->render('default/page2.html.twig');
}
}
So because user1 has ROLE_CLASS, he is able to see just /page2, but not /page1, as he will receive a 403 Expression "is_granted('ROLE_METHOD')" denied access. error (for dev obviously).
On the other hand, user2, having ROLE_METHOD (and ROLE_CLASS), he is able to see both pages.
I Want to extend Symfony2 Controller to my project that is using API but I am having error of a non object use getParameter() function look at my code:
namespace Moda\CategoryBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
class ApiController extends Controller
{
/**
* #var String
*/
protected $_host;
/**
* #var String
*/
protected $_user;
/**
* #var String
*/
protected $_password;
public function __construct()
{
$this->_host = $this->container->getParameter('api_host');
$this->_user = $this->container->getParameter('api_user');
$this->_password = $this->container->getParameter('api_password');
}
}
And next Controller
namespace Moda\CategoryBundle\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
class CategoryController extends ApiController
{
/**
* #Route("/category", name="_category")
* #Template()
*/
public function indexAction()
{
return array('name' => 'test');
}
}
And the end, I got this Fatal Error:
FatalErrorException: Error: Call to a member function getParameter()
on a non-object in (..)
I try to use $this->setContainer() but it doesn't work. Do you have any idea how can I slove this problem?
If your controller is not defined as service, The constructor execution of the controller is not persisted.
You have two options to solve your situation:
Define the controller as a service and inject the parameters you need using dependency injection.
Add an init method in the controller, or on a parent abstract controller, and call the init method, before the action you need to have these parameters available;
You cant use container in Controller __construct at reason that when constructor called where is none container set yeat.
You can simply define some simple methods in controller like
class ApiController extends Controller
{
protected function getApiHost()
{
return $this->container->getParameter('api_host');
}
}
I wonder if something crazy like this would work? Instead of overriding the constructor, override the setContainer method? I haven't tried it...just thinking out loud.
namespace Moda\CategoryBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\DependencyInjection\ContainerInterface;
class ApiController extends Controller
{
/**
* #var String
*/
protected $_host;
/**
* #var String
*/
protected $_user;
/**
* #var String
*/
protected $_password;
public function setContainer(ContainerInterface $container = null)
{
parent::setContainer($container);
$this->_host = $this->container->getParameter('api_host');
$this->_user = $this->container->getParameter('api_user');
$this->_password = $this->container->getParameter('api_password');
}
}