Re: [symfony-users] Symfony developer needed
Hi, I'm an experienced Symfony developer, building websites for the U.S. Government on private networks. My rate is $100/hr. Please let me know if I can help you. Regards, Stan On Sat, Feb 5, 2011 at 10:18 AM, Mo Mughrabi wrote: > Hi, > > I have a project at the moment in which I need someone to jump in right > away, the project is a symfony based, I have already finished more than 30% > of the application and I need a developer with sense of ownership and > dedication to jump in. It will require a lot of communication and if things > work well, I will continue working with other projects. > > For the time being, > > the project needs some modificstion to the backend and a lot of work to the > frontend. > > If anyone interested please write back to me to discuss the details, > > regards, > > -- > If you want to report a vulnerability issue on symfony, please send it to > security at symfony-project.com > > You received this message because you are subscribed to the Google > Groups "symfony users" group. > To post to this group, send email to symfony-users@googlegroups.com > To unsubscribe from this group, send email to > symfony-users+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/symfony-users?hl=en > -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] problem with $sf_user->getCredentials()
Thanks everybody for the help. On Wed, Jan 26, 2011 at 4:16 AM, Justen Doherty wrote: > if your application is in frontend_dev.php you will need to add this to > your .htaccess file (as apache will return index.php by default) > > > ServerName myserver.blah.com > DocumentRoot "/home/mysite/ > DirectoryIndex frontend.php > ... > > > > > On Wed, Jan 26, 2011 at 6:42 AM, Stan@home wrote: > >> Ok I probably used the wrong terminology. I didn't call it directly from >> index.php - I simply used the URL /my/privileges instead of >> /frontend_dev.php/my/privileges. The first one doesn't work but the second >> one does. >> >> Sent from my iPhone >> >> On Jan 26, 2011, at 1:07 AM, Gareth McCumskey >> wrote: >> >> Why would you want to call it via index.php. Generally index.php is not to >> be touched and everything you need done display wise is done through >> layout.php or templates and everything logic wise through actions and model >> classes. >> >> On Tue, Jan 25, 2011 at 8:14 PM, Stan McFarland < >> sfmc...@gmail.com> wrote: >> >>> All, >>> >>> I have a problem with a call to $sf_user->getCredentials(). If I call >>> this method via frontend_dev.php, everything works correctly. But if >>> I call this method via index.php, it returns NULL. However, I can >>> successfully call getCredential() via index.php and frontend_dev.php >>> and get the same results. Does this make any sense to anybody? >>> >>> Thanks, >>> >>> Stan >>> >>> -- >>> If you want to report a vulnerability issue on symfony, please send it to >>> security at <http://symfony-project.com>symfony-project.com >>> >>> You received this message because you are subscribed to the Google >>> Groups "symfony users" group. >>> To post to this group, send email to >>> symfony-users@googlegroups.com >>> To unsubscribe from this group, send email to >>> >>> symfony-users+unsubscr...@googlegroups.com >>> For more options, visit this group at >>> <http://groups.google.com/group/symfony-users?hl=en> >>> http://groups.google.com/group/symfony-users?hl=en >>> >> >> >> >> -- >> Gareth McCumskey >> <http://garethmccumskey.blogspot.com>http://garethmccumskey.blogspot.com >> twitter: @garethmcc >> <http://identi.ca>identi.ca: @garethmcc >> >> -- >> If you want to report a vulnerability issue on symfony, please send it to >> security at <http://symfony-project.com>symfony-project.com >> >> You received this message because you are subscribed to the Google >> Groups "symfony users" group. >> To post to this group, send email to >> symfony-users@googlegroups.com >> To unsubscribe from this group, send email to >> >> symfony-users+unsubscr...@googlegroups.com >> For more options, visit this group at >> <http://groups.google.com/group/symfony-users?hl=en> >> http://groups.google.com/group/symfony-users?hl=en >> >> -- >> If you want to report a vulnerability issue on symfony, please send it to >> security at symfony-project.com >> >> You received this message because you are subscribed to the Google >> Groups "symfony users" group. >> To post to this group, send email to symfony-users@googlegroups.com >> To unsubscribe from this group, send email to >> symfony-users+unsubscr...@googlegroups.com >> For more options, visit this group at >> http://groups.google.com/group/symfony-users?hl=en >> > > > > -- > - > http://www.linkedin.com/in/justendoherty - LinkedIn > http://www.twitter.com/phpchap - Twitter > http://www.anotherwebdeveloper.com - Portfolio > > -- > If you want to report a vulnerability issue on symfony, please send it to > security at symfony-project.com > > You received this message because you are subscribed to the Google > Groups "symfony users" group. > To post to this group, send email to symfony-users@googlegroups.com > To unsubscribe from this group, send email to > symfony-users+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/symfony-users?hl=en > -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: problem with $sf_user->getCredentials()
sorry - meant to say that hasCredential() works via both handlers. On Jan 25, 1:14 pm, Stan McFarland wrote: > All, > > I have a problem with a call to $sf_user->getCredentials(). If I call > this method via frontend_dev.php, everything works correctly. But if > I call this method via index.php, it returns NULL. However, I can > successfully call getCredential() via index.php and frontend_dev.php > and get the same results. Does this make any sense to anybody? > > Thanks, > > Stan -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] problem with $sf_user->getCredentials()
All, I have a problem with a call to $sf_user->getCredentials(). If I call this method via frontend_dev.php, everything works correctly. But if I call this method via index.php, it returns NULL. However, I can successfully call getCredential() via index.php and frontend_dev.php and get the same results. Does this make any sense to anybody? Thanks, Stan -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] best way to hide form fields in front_end based on credentials?
Thanks to both of you. I have Gabor's method working but will consider yours also. Thanks again. -stan On Tue, Dec 21, 2010 at 9:39 AM, Yitzchak Schaffer < yitzchak.schaf...@gmx.com> wrote: > On 2010-12-20 10:27, Stan McFarland wrote: > >> I guess the subject says it all. :) Looking for suggestions as to >> how best to hide specific form fields (not in the backend generator, >> but the frontend) based on user credentials. Thanks! >> >> > I've created subclasses of the form classes for this purpose; for example, > User being the class generated by symfony, and UserFront the subclass which > strips away the undesired fields. Comparing this to Gábor's response, mine > moves the field-filtering logic from the form class to the action. Not sure > if either one is preferable from an architectural perspective... ? > > -- > Yitzchak Schaffer > > > -- > If you want to report a vulnerability issue on symfony, please send it to > security at symfony-project.com > > You received this message because you are subscribed to the Google > Groups "symfony users" group. > To post to this group, send email to symfony-users@googlegroups.com > To unsubscribe from this group, send email to > symfony-users+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/symfony-users?hl=en > -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] best way to hide form fields in front_end based on credentials?
Hi, I guess the subject says it all. :) Looking for suggestions as to how best to hide specific form fields (not in the backend generator, but the frontend) based on user credentials. Thanks! -stan -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] updating a field in action
I think it's because '$foo' is not an object but rather a set of objects returned by the find() method. -stan On Tue, Nov 30, 2010 at 12:54 PM, Martin Henits wrote: > I know it is a very silly question. > > How can I just update a db field in one of the actions? > > suppose that my code is like this: > > public function executeConfirm(sfWebRequest $request) { > $foo = Doctrine::getTable('foo')->find(array($request- > >getParameter('foo_id'))); > $foo->setConfirmed(1); > $foo->save(); > } > > > the above code doesn't work as the change doesn't save into the > database. > > cheers > > -- > If you want to report a vulnerability issue on symfony, please send it to > security at symfony-project.com > > You received this message because you are subscribed to the Google > Groups "symfony users" group. > To post to this group, send email to symfony-users@googlegroups.com > To unsubscribe from this group, send email to > symfony-users+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/symfony-users?hl=en > -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: symfony task into cron
my bad - that won't work. the cd won't take. try: /usr/bin/php /path/to/may/app/symfony ... > /dev/null On Nov 18, 11:00 am, Stan McFarland wrote: > try: cd /path/to/my/app; /usr/bin/php symfony ... > /dev/null > > you redirect to /dev/null - otherwise the output of your command gets > sent to you via e-mail. > > On Nov 18, 10:54 am, hribo wrote: > > > > > > > > > hello, > > how do you create cron with existing task that i am usually running > > from CLI like this: > > > php symfony email_service:sendLoggerEmailReturner -- > > application=frontend --env=prod > > > when i am on my production server, i run crontab -e command. > > then i am supposed to put there my cron, which i want ot run every > > night at 1 AM. syntax should be something like this, but it is not > > working: > > > 0 1 * * * php symfony email_service:sendLoggerEmailReturner -- > > application=frontend --env=prod > / dev/null > > ERROR: /bin/sh: /: Is a directory > > > or > > > 0 1 * * * cd /usr/bin/php cd /route/to/my/folder/symfony > > email_service:sendLoggerEmailReturner --application=frontend -- > > env=prod > / dev/null > > ERROR: /bin/sh: line 0: cd: /usr/bin/php: Not a directory > > > or other combinations. i am new to crontab so i am not sure what it > > is. i was also googling but nothing. > > one more question: why there must be : "dev/null" at the end? > > > thank you -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: symfony task into cron
try: cd /path/to/my/app; /usr/bin/php symfony ... > /dev/null you redirect to /dev/null - otherwise the output of your command gets sent to you via e-mail. On Nov 18, 10:54 am, hribo wrote: > hello, > how do you create cron with existing task that i am usually running > from CLI like this: > > php symfony email_service:sendLoggerEmailReturner -- > application=frontend --env=prod > > when i am on my production server, i run crontab -e command. > then i am supposed to put there my cron, which i want ot run every > night at 1 AM. syntax should be something like this, but it is not > working: > > 0 1 * * * php symfony email_service:sendLoggerEmailReturner -- > application=frontend --env=prod > / dev/null > ERROR: /bin/sh: /: Is a directory > > or > > 0 1 * * * cd /usr/bin/php cd /route/to/my/folder/symfony > email_service:sendLoggerEmailReturner --application=frontend -- > env=prod > / dev/null > ERROR: /bin/sh: line 0: cd: /usr/bin/php: Not a directory > > or other combinations. i am new to crontab so i am not sure what it > is. i was also googling but nothing. > one more question: why there must be : "dev/null" at the end? > > thank you -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] question about filter forms and multiple select widgets
Hi, I've successfully created a filter form for my frontend app, but want to allow the user to select multiple values for a given attribute. After changing the widget to allow multiple values, I can select a single value from the select widget, and the SQL appears to be generated correctly: Before: (r.status_id = ?) - (1) After: (r.status_id in ?) - (1) but if I select multiple values I get an error "Invalid parameter number: number of bound variables does not match number of tokens." I'd cut and paste the error log except I'm behind a firewall with no way to cut and paste. Is what I'm wanting to do possible? Thanks, Stan -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] admin generator creating unwanted many-to-many forms
Hi Symfony newbie here. In my schema.yml I have three tables representing a many-to-many relationship - Issue, Resource, and IssueResource. On the IssueResource table, I have the following defined: relations: Issue: { onDelete: CASCADE, foreignAlias: IssueResources } Resource: { onDelete: CASCADE, foreignAlias: IssueResources } On the Resource table, I have the following defined: relations: Issues:{ foreignAlias: Resources, class: Issue, refClass: IssueResource } I have no relations defined on the Issue table: My frontend app works like a champ. But when I generate a backend module for Resource, it adds a field 'Issues List'.I just want to have the form display the fields for Resource.And if I try to add Issues to a Resource, I get an integrity constraint violation. Have I done something wrong in my schema.yml that's causing this behavior to appear in the backend app? Thanks, Stan -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] sorting with formfilter?
Hi, Symfony newbie here. I needed to add a form filter capability to my frontend app, which I managed to do with the bind(), getQuery() and execute() methods, but my question is: can I add additional SQL-type criteria (such as order by) to the query generated by the formfilter methods, and if so, how? Thanks very much, Stan -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: question about client certificate authentication
It was $request->getUri() that did the trick. Thanks again! On Nov 2, 11:42 am, Alex Pilon wrote: > How about redirecting them to the referrer? $request->getReferer(); That > will reference where the user came from to get to the Login method that you > are using. > > > > > > > > > > On Tue, Nov 2, 2010 at 11:38, Stan McFarland wrote: > > It makes sense, but I don't know what to redirect _to_. The user > > could potentially request any URL (say, url/mymodule/new or url/ > > mymodule/edit/id/5) as their first session request. If the > > authentication is successful I want to send them to whatever they > > originally requested. But once I'm in the executeLogin method I'm > > not sure I have access to the original request. Does that make > > sense? > > > I can't post my code - behind a firewall - sorry. :) Thanks for all > > the help. > > > -stan > > > On Nov 2, 11:28 am, Alex Pilon wrote: > > > Hey Stan, > > > > If you have an executeLogin method defined in > > > sfGuardAuth/actions/actions.class.php at the end of the executeLogin or > > > whenever you have decided the user is authenticated you should be able to > > do > > > $this->redirect or forward as you normally would. If this doesn't make > > sense > > > can you post the contents of the executeLogin and where you have this > > method > > > in code (i.e. what file is it in?). > > > > Thanks > > > > On Tue, Nov 2, 2010 at 11:23, Stan McFarland wrote: > > > > Alex, one more question, if you don't mind. I have the validation > > > > working, but I'm stuck on something. My executeLogin() method > > > > successfully does the login, but the machinery obviously wants to > > > > render the loginSuccess.php template. Is there a variable that > > > > contains the original request so I can just do a forward or a redirect > > > > if the user's certificate matches successfully? > > > > > Thanks very much, > > > > > On Nov 2, 10:51 am, Alex Pilon wrote: > > > > > Yeah, no problem.. read up on the cascading file system that symfony > > has. > > > > It > > > > > is very useful and makes it possible to very specifically override > > any > > > > > aspect of the framework and of plugins. > > > > > > On Tue, Nov 2, 2010 at 10:49, Stan McFarland > > wrote: > > > > > > Thanks, Alex - will give it a try. It was the adding of the > > > > > > sfGuardAuth folder that had me stumped. > > > > > > > On Nov 2, 10:29 am, Alex Pilon wrote: > > > > > > > Hi Stan, > > > > > > > > You can override the default behavior by making a sfGuardAuth > > folder > > > > in > > > > > > your > > > > > > > modules folder and overriding how authentication takes place. > > > > > > > > On Tue, Nov 2, 2010 at 10:15, Stan McFarland > > > > wrote: > > > > > > > > Hi, > > > > > > > > > I'm trying to secure an application where all users have client > > > > > > > > certificates. I want to compare the client certificate name > > > > > > > > (available in an environmental variable) to the list of valid > > users > > > > > > > > kept in a database table. If the user exists in the database, > > I > > > > want > > > > > > > > to grant the user access - otherwise, they just get a > > permission > > > > > > > > denied error. The problem I'm having is that the various > > guard > > > > > > > > modules (sfGuard, sfDoctrineGuard) seem to assume I want to > > > > redirect > > > > > > > > the user to a form prompting for a password. My use case > > seems > > > > to > > > > > > > > be pretty simple, but I'm frankly struggling with where to put > > the > > > > > > > > comparison of the client cert to the user table and what to do > > > > after > > > > > > > > that. Can someone offer a pointer or two? > > > > > > > > > Thanks very much, > > > > > > > > > Stan > > > > > > > > > -- > > > > > > > > If you want to report a vulnerability issue o
[symfony-users] Re: question about client certificate authentication
It makes sense, but I don't know what to redirect _to_.The user could potentially request any URL (say, url/mymodule/new or url/ mymodule/edit/id/5) as their first session request. If the authentication is successful I want to send them to whatever they originally requested.But once I'm in the executeLogin method I'm not sure I have access to the original request.Does that make sense? I can't post my code - behind a firewall - sorry. :) Thanks for all the help. -stan On Nov 2, 11:28 am, Alex Pilon wrote: > Hey Stan, > > If you have an executeLogin method defined in > sfGuardAuth/actions/actions.class.php at the end of the executeLogin or > whenever you have decided the user is authenticated you should be able to do > $this->redirect or forward as you normally would. If this doesn't make sense > can you post the contents of the executeLogin and where you have this method > in code (i.e. what file is it in?). > > Thanks > > > > > > > > > > On Tue, Nov 2, 2010 at 11:23, Stan McFarland wrote: > > Alex, one more question, if you don't mind. I have the validation > > working, but I'm stuck on something. My executeLogin() method > > successfully does the login, but the machinery obviously wants to > > render the loginSuccess.php template. Is there a variable that > > contains the original request so I can just do a forward or a redirect > > if the user's certificate matches successfully? > > > Thanks very much, > > > On Nov 2, 10:51 am, Alex Pilon wrote: > > > Yeah, no problem.. read up on the cascading file system that symfony has. > > It > > > is very useful and makes it possible to very specifically override any > > > aspect of the framework and of plugins. > > > > On Tue, Nov 2, 2010 at 10:49, Stan McFarland wrote: > > > > Thanks, Alex - will give it a try. It was the adding of the > > > > sfGuardAuth folder that had me stumped. > > > > > On Nov 2, 10:29 am, Alex Pilon wrote: > > > > > Hi Stan, > > > > > > You can override the default behavior by making a sfGuardAuth folder > > in > > > > your > > > > > modules folder and overriding how authentication takes place. > > > > > > On Tue, Nov 2, 2010 at 10:15, Stan McFarland > > wrote: > > > > > > Hi, > > > > > > > I'm trying to secure an application where all users have client > > > > > > certificates. I want to compare the client certificate name > > > > > > (available in an environmental variable) to the list of valid users > > > > > > kept in a database table. If the user exists in the database, I > > want > > > > > > to grant the user access - otherwise, they just get a permission > > > > > > denied error. The problem I'm having is that the various guard > > > > > > modules (sfGuard, sfDoctrineGuard) seem to assume I want to > > redirect > > > > > > the user to a form prompting for a password. My use case seems > > to > > > > > > be pretty simple, but I'm frankly struggling with where to put the > > > > > > comparison of the client cert to the user table and what to do > > after > > > > > > that. Can someone offer a pointer or two? > > > > > > > Thanks very much, > > > > > > > Stan > > > > > > > -- > > > > > > If you want to report a vulnerability issue on symfony, please send > > it > > > > to > > > > > > security at symfony-project.com > > > > > > > You received this message because you are subscribed to the Google > > > > > > Groups "symfony users" group. > > > > > > To post to this group, send email to > > symfony-users@googlegroups.com > > > > > > To unsubscribe from this group, send email to > > > > > > symfony-users+unsubscr...@googlegroups.com > > > > > legroups.com> > > > > > > > > > > > > For more options, visit this group at > > > > > >http://groups.google.com/group/symfony-users?hl=en > > > > > > -- > > > > > Alex Pilon > > > > > (613) 608-1480 > > > > > -- > > > > If you want to report a vulnerability issue on symfony, please send it > > to > > > > security at symfony-project.com > > > > > You received this message
[symfony-users] Re: question about client certificate authentication
Alex, one more question, if you don't mind. I have the validation working, but I'm stuck on something.My executeLogin() method successfully does the login, but the machinery obviously wants to render the loginSuccess.php template. Is there a variable that contains the original request so I can just do a forward or a redirect if the user's certificate matches successfully? Thanks very much, On Nov 2, 10:51 am, Alex Pilon wrote: > Yeah, no problem.. read up on the cascading file system that symfony has. It > is very useful and makes it possible to very specifically override any > aspect of the framework and of plugins. > > > > > > > > > > On Tue, Nov 2, 2010 at 10:49, Stan McFarland wrote: > > Thanks, Alex - will give it a try. It was the adding of the > > sfGuardAuth folder that had me stumped. > > > On Nov 2, 10:29 am, Alex Pilon wrote: > > > Hi Stan, > > > > You can override the default behavior by making a sfGuardAuth folder in > > your > > > modules folder and overriding how authentication takes place. > > > > On Tue, Nov 2, 2010 at 10:15, Stan McFarland wrote: > > > > Hi, > > > > > I'm trying to secure an application where all users have client > > > > certificates. I want to compare the client certificate name > > > > (available in an environmental variable) to the list of valid users > > > > kept in a database table. If the user exists in the database, I want > > > > to grant the user access - otherwise, they just get a permission > > > > denied error. The problem I'm having is that the various guard > > > > modules (sfGuard, sfDoctrineGuard) seem to assume I want to redirect > > > > the user to a form prompting for a password. My use case seems to > > > > be pretty simple, but I'm frankly struggling with where to put the > > > > comparison of the client cert to the user table and what to do after > > > > that. Can someone offer a pointer or two? > > > > > Thanks very much, > > > > > Stan > > > > > -- > > > > If you want to report a vulnerability issue on symfony, please send it > > to > > > > security at symfony-project.com > > > > > You received this message because you are subscribed to the Google > > > > Groups "symfony users" group. > > > > To post to this group, send email to symfony-users@googlegroups.com > > > > To unsubscribe from this group, send email to > > > > symfony-users+unsubscr...@googlegroups.com > > > legroups.com> > > > > > > For more options, visit this group at > > > >http://groups.google.com/group/symfony-users?hl=en > > > > -- > > > Alex Pilon > > > (613) 608-1480 > > > -- > > If you want to report a vulnerability issue on symfony, please send it to > > security at symfony-project.com > > > You received this message because you are subscribed to the Google > > Groups "symfony users" group. > > To post to this group, send email to symfony-users@googlegroups.com > > To unsubscribe from this group, send email to > > symfony-users+unsubscr...@googlegroups.com > legroups.com> > > For more options, visit this group at > >http://groups.google.com/group/symfony-users?hl=en > > -- > Alex Pilon > (613) 608-1480 -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: question about client certificate authentication
Thanks, Alex - will give it a try. It was the adding of the sfGuardAuth folder that had me stumped. On Nov 2, 10:29 am, Alex Pilon wrote: > Hi Stan, > > You can override the default behavior by making a sfGuardAuth folder in your > modules folder and overriding how authentication takes place. > > > > > > > > > > On Tue, Nov 2, 2010 at 10:15, Stan McFarland wrote: > > Hi, > > > I'm trying to secure an application where all users have client > > certificates. I want to compare the client certificate name > > (available in an environmental variable) to the list of valid users > > kept in a database table. If the user exists in the database, I want > > to grant the user access - otherwise, they just get a permission > > denied error. The problem I'm having is that the various guard > > modules (sfGuard, sfDoctrineGuard) seem to assume I want to redirect > > the user to a form prompting for a password. My use case seems to > > be pretty simple, but I'm frankly struggling with where to put the > > comparison of the client cert to the user table and what to do after > > that. Can someone offer a pointer or two? > > > Thanks very much, > > > Stan > > > -- > > If you want to report a vulnerability issue on symfony, please send it to > > security at symfony-project.com > > > You received this message because you are subscribed to the Google > > Groups "symfony users" group. > > To post to this group, send email to symfony-users@googlegroups.com > > To unsubscribe from this group, send email to > > symfony-users+unsubscr...@googlegroups.com > legroups.com> > > For more options, visit this group at > >http://groups.google.com/group/symfony-users?hl=en > > -- > Alex Pilon > (613) 608-1480 -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] question about client certificate authentication
Hi, I'm trying to secure an application where all users have client certificates. I want to compare the client certificate name (available in an environmental variable) to the list of valid users kept in a database table. If the user exists in the database, I want to grant the user access - otherwise, they just get a permission denied error. The problem I'm having is that the various guard modules (sfGuard, sfDoctrineGuard) seem to assume I want to redirect the user to a form prompting for a password. My use case seems to be pretty simple, but I'm frankly struggling with where to put the comparison of the client cert to the user table and what to do after that. Can someone offer a pointer or two? Thanks very much, Stan -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] Symfony newbie MVC best practices question
All, this was great help. Since this was my first Symfony project, I really wanted to try and learn some good habits. Thanks very much. -stan On Mon, Nov 1, 2010 at 5:07 PM, Gareth McCumskey wrote: > I can tell you now, your end users don't give two hoots HOW you do it, as > long as it works. The HOW is really for yourself and other developers. Best > practices are not only techniques to make end users lives easier (and to be > honest most best practices have little impact on the end user) but are there > to help keep things organised and maintaineable. > > That being said, you need to get a finished product out the door too. I'd > rather have hard to maintain code delivered on time than the worlds most > perfectly refactored and infinitely maintainable code delivered late. As > long as it works. You can perfect later. > > > On Mon, Nov 1, 2010 at 11:01 PM, Alex Pilon wrote: > >> Doing it how Gareth suggested would work too.. the way he has presented it >> indicates that whatever parameters for sorting the statuses essentially >> dictate a "data source" for what you are showing... however depending on >> requirements you might want to display the data differently, using grouping >> headings or something to show what issues go with what. >> >> On Mon, Nov 1, 2010 at 16:52, Gareth McCumskey wrote: >> >>> Personally I don't necessarily follow the idea of keeping all your >>> actions "RESTful". If you were building a rest API then sure, but sometimes >>> you need to get things done. >>> >>> That being said, this can still be done with a executeIndex action. Just >>> check within it for "group by" parameters: >>> >>> public function executeIndex (sfWebRequest $request) >>> { >>> if ($request->hasParameter('group_by') >>> { >>> $this->issues_to_display = IssuesPeer::getIssuesByStatus(); >>> } >>> else >>> { >>> $this->issues_to_display = IssuesPeer::getIssues(); >>> } >>> } >>> >>> I am being deliberately obvious here just to make the example clear. You >>> can pass criteria instead or any number of ways. >>> >>> >>> On Mon, Nov 1, 2010 at 10:35 PM, Stan McFarland wrote: >>> >>>> Hi all, hoping someone can offer some advice to a Symfony newbie. >>>> >>>> I have a issues table, with an attribute 'status_id' which links to a >>>> status table (an issue can have a status of new, open, closed, >>>> etc.)My customer wants to see a list of issues (easy - handled via >>>> the issue/executeIndex action) but they also want to see a list of >>>> issues grouped by status - in other words, a separate table of issues >>>> for each status type, all on one page. >>>> >>>> So I can think of several ways to do it: >>>> >>>> - add an action to the issues module called "indexByStatus" with a >>>> corresponding template; >>>> - change the index action on the status module; >>>> - add a new action to the status module. >>>> >>>> But what's the _right_ way? Someone told me that it was bad practice >>>> to add actions - that it violated the notion of RESTful interface. >>>> >>>> Any suggestions would be greatly appreciated. Thanks! >>>> >>>> -- >>>> If you want to report a vulnerability issue on symfony, please send it >>>> to security at symfony-project.com >>>> >>>> You received this message because you are subscribed to the Google >>>> Groups "symfony users" group. >>>> To post to this group, send email to symfony-users@googlegroups.com >>>> To unsubscribe from this group, send email to >>>> symfony-users+unsubscr...@googlegroups.com >>>> For more options, visit this group at >>>> http://groups.google.com/group/symfony-users?hl=en >>>> >>> >>> >>> >>> -- >>> Gareth McCumskey >>> http://garethmccumskey.blogspot.com >>> twitter: @garethmcc >>> >>> -- >>> If you want to report a vulnerability issue on symfony, please send it to >>> security at symfony-project.com >>> >>> You received this message because you are subscribed to the Google >>> Groups "symfony users" group. >>> To post to this group, send email to symfony-users@googlegroups.com >>> To u
[symfony-users] Symfony newbie MVC best practices question
Hi all, hoping someone can offer some advice to a Symfony newbie. I have a issues table, with an attribute 'status_id' which links to a status table (an issue can have a status of new, open, closed, etc.)My customer wants to see a list of issues (easy - handled via the issue/executeIndex action) but they also want to see a list of issues grouped by status - in other words, a separate table of issues for each status type, all on one page. So I can think of several ways to do it: - add an action to the issues module called "indexByStatus" with a corresponding template; - change the index action on the status module; - add a new action to the status module. But what's the _right_ way? Someone told me that it was bad practice to add actions - that it violated the notion of RESTful interface. Any suggestions would be greatly appreciated. Thanks! -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] many to many input question - best practice?
All, Symfony newbie here. I have the following basic schema (I'll try and be brief): Resource Action ResourceAction There's a M-M relationship between actions and resources.When a new action is added, the user wants to also add the resources associated with the action in the same form. The trick is that the ResourceAction table also has a description field, so the user needs to be able to select the resource and enter a description. First thing I tried was embedding the form multiple times, which worked great, except I can't figure out how to get around the referential integrity constraint. If I embed three ResourceAction forms, and the first two are completed but the third is blank, it still tries to insert the third form and throws an error. I tried working through a similar use case as described in http://www.symfony-project.org/more-with-symfony/1_4/en/06-Advanced-Forms, but I never could get it to work - I never could get the customized saveEmbeddedForms handler to fire if the fields were left blank. I'm sure I'm not the first person with this use case, so any best practices for implementation would sure be appreciated. Thanks, Stan -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en