[symfony-users] Re: sfGuard, securing and Templates
*Phil look on with interest and makes notes on how this all works* This is a geat help guys pitty i didnt ask the questions myself *mutters somthing about always rushing his work* The info was great think it helps all the issues i was goingto ask adrian on monday. On Jun 24, 7:33 am, Piers Warmers <[EMAIL PROTECTED]> wrote: > Hi, > > > If the user logs out (or if the session terminates), is it possible to > > redirect the user to the main page? > > You can set a success_signout_url configuration in the app.yml. More > info here: > > http://trac.symfony-project.com/wiki/sfGuardPluginFor10#CustomizesfGu... > > > Many many thanks for the assistance! > > No problem at all. > > - Piers > > On 24/06/2008, at 5:17 PM, Ady (WK) wrote: > > > > > > > Piers > > > Yes that helped a lot! > > > The indents were definitely an issue with the copy and paste. > > > Ok - my final bit for the time being... > > > I have the "booking" now working so the user needs to be logged in to > > continue on. > > > If the user logs out (or if the session terminates), is it possible to > > redirect the user to the main page? > > > I know these are basic questions, but it good to see them answered :-) > > > Many many thanks for the assistance! > > Ady- Hide quoted text - > > - Show quoted text - --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: sfGuard, securing and Templates
Hi, > If the user logs out (or if the session terminates), is it possible to > redirect the user to the main page? You can set a success_signout_url configuration in the app.yml. More info here: http://trac.symfony-project.com/wiki/sfGuardPluginFor10#CustomizesfGuardAuthredirecthandling > Many many thanks for the assistance! No problem at all. - Piers On 24/06/2008, at 5:17 PM, Ady (WK) wrote: > > Piers > > Yes that helped a lot! > > The indents were definitely an issue with the copy and paste. > > Ok - my final bit for the time being... > > I have the "booking" now working so the user needs to be logged in to > continue on. > > If the user logs out (or if the session terminates), is it possible to > redirect the user to the main page? > > I know these are basic questions, but it good to see them answered :-) > > Many many thanks for the assistance! > Ady > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: sfGuard, securing and Templates
Piers Yes that helped a lot! The indents were definitely an issue with the copy and paste. Ok - my final bit for the time being... I have the "booking" now working so the user needs to be logged in to continue on. If the user logs out (or if the session terminates), is it possible to redirect the user to the main page? I know these are basic questions, but it good to see them answered :-) Many many thanks for the assistance! Ady --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: sfGuard, securing and Templates
Yeah, It can be confusing - a few of tips: 1 ) Check out what credentials your current user has by using the dev panel. You'll need to be using your application in dev mode ( something like backend_dev.php ) and then look in: vars & config > Settings > credentials that should give you a list of credentials. Mine looks like: > credentials: > - > - Content_Create_Edit > - Content_Delete > - Content_Browse > - Content_Edit_Navigation > - Content_Copy_Paste > - Content_Add_To_Publish_Queue > - Content_Publish Make sure the items in that list correspond to what your trying to configure in security.yml 2 ) Also make sure you understand the AND / OR syntax: http://www.symfony-project.org/book/1_0/06-Inside-the-Controller-Layer#Complex%20Credentials > delete: > is_secure: on > credentials: [Can_Delete_Own, can_delete_any, admin] taking this as an example - you're user will need to have - Can_Delete_Own AND can_delete_any AND admin credentials to get access to that action. if you had double [[...]] it would be OR. For example: > delete: > is_secure: on > credentials: [[Can_Delete_Own, can_delete_any, admin]] 3 ) Make sure your indentation is correct. Not sure if its just the email, but there should be two spaces of indentation for is_secure and credentials, the example sent through only had one. As I said, that might just be a copy / paste thing. Hope that helps. On 24/06/2008, at 4:37 PM, Ady (WK) wrote: > > Thanks Piers! That helped a lot. > > OK, now to go on from that to the credentials... > > I have created 'permissions' that say can_book, can_delete and so on > in the sfGuardPermission table. > > I have then created groups staff and student in sfGuardGroup with the > relevant permissions > > The problem is that when I do: > > delete: > is_secure: on > credentials: [Can_Delete_Own, can_delete_any, admin] > > create: > is_secure: on > credentials: [Can_Book, admin] > > all: > is_secure: off > > it says I do not have the correct credentials... > > hmmm > > This is the 1st time I have done this, so on the steep learning curve. > > Ady > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: sfGuard, securing and Templates
Thanks Piers! That helped a lot. OK, now to go on from that to the credentials... I have created 'permissions' that say can_book, can_delete and so on in the sfGuardPermission table. I have then created groups staff and student in sfGuardGroup with the relevant permissions The problem is that when I do: delete: is_secure: on credentials: [Can_Delete_Own, can_delete_any, admin] create: is_secure: on credentials: [Can_Book, admin] all: is_secure: off it says I do not have the correct credentials... hmmm This is the 1st time I have done this, so on the steep learning curve. Ady --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: sfGuard, securing and Templates
Hi Adrian, 1 ) Try something like: of if you want a more "aware" link: isAuthenticated()) ? link_to(__("logout"), "@sf_guard_signout"): link_to(__("login"), "@sf_guard_signin"); ?> 2 ) Try not to think of it in terms of authenticating a group. It all relates back to a single permission/credential. So the groups Blog_Editor and Content_Editor might both have the permission/credential Can_Delete_Files - and it's that part you're actually checking. So in your modules security.yml you might have something like: delete: is_secure: on credentials: [Can_Delete_Files] all: is_secure: on credentials: [Is_A_Special_User] 3 ) By default, a module should be open/public. Even if sfGuard is installed. But if you need to explicitly turn security off: is_secure: off That should do the trick :) - Piers On 24/06/2008, at 11:16 AM, Gould, Adrian wrote: > > Good morning everyone > > Just want a few pointers on how to do the following. > > 1) Add a link to the sfGuard login on an application template > > 2) Secure selected modules of an application based upon user group > > 3) Allow "main" module to be accessible to everyone > > All assistance would be appreciated. > > Adrian > > --- > Adrian Gould > Lecturer in IT / Network Engineering / Multimedia > Business Finance & Computing [Midland Campus] > Swan TAFE > PO BOX 1336, Midland WA 6936 > > Phone: (08) 9267 > eMail: [EMAIL PROTECTED] > > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---