[symfony-users] Re: sfGuard, securing and Templates

2008-06-27 Thread Phil 

*Phil look on with interest  and makes notes on how this all works*

This is a geat help guys pitty i didnt ask the questions myself
*mutters somthing about always rushing his work*

The info was great think it helps all the issues i was goingto ask
adrian on monday.

On Jun 24, 7:33 am, Piers Warmers <[EMAIL PROTECTED]> wrote:
> Hi,
>
> > If the user logs out (or if the session terminates), is it possible to
> > redirect the user to the main page?
>
> You can set a success_signout_url configuration in the app.yml. More  
> info here:
>
> http://trac.symfony-project.com/wiki/sfGuardPluginFor10#CustomizesfGu...
>
> > Many many thanks for the assistance!
>
> No problem at all.
>
> - Piers
>
> On 24/06/2008, at 5:17 PM, Ady (WK) wrote:
>
>
>
>
>
> > Piers
>
> > Yes that helped a lot!
>
> > The indents were definitely an issue with the copy and paste.
>
> > Ok - my final bit for the time being...
>
> > I have the "booking" now working so the user needs to be logged in to
> > continue on.
>
> > If the user logs out (or if the session terminates), is it possible to
> > redirect the user to the main page?
>
> > I know these are basic questions, but it good to see them answered :-)
>
> > Many many thanks for the assistance!
> > Ady- Hide quoted text -
>
> - Show quoted text -
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---

[symfony-users] Re: sfGuard, securing and Templates

2008-06-24 Thread Piers Warmers 
Hi,

> If the user logs out (or if the session terminates), is it possible to
> redirect the user to the main page?


You can set a success_signout_url configuration in the app.yml. More  
info here:

http://trac.symfony-project.com/wiki/sfGuardPluginFor10#CustomizesfGuardAuthredirecthandling

> Many many thanks for the assistance!

No problem at all.

- Piers

On 24/06/2008, at 5:17 PM, Ady (WK) wrote:

>
> Piers
>
> Yes that helped a lot!
>
> The indents were definitely an issue with the copy and paste.
>
> Ok - my final bit for the time being...
>
> I have the "booking" now working so the user needs to be logged in to
> continue on.
>
> If the user logs out (or if the session terminates), is it possible to
> redirect the user to the main page?
>
> I know these are basic questions, but it good to see them answered :-)
>
> Many many thanks for the assistance!
> Ady
>
> >


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---

[symfony-users] Re: sfGuard, securing and Templates

2008-06-24 Thread Ady (WK) 

Piers

Yes that helped a lot!

The indents were definitely an issue with the copy and paste.

Ok - my final bit for the time being...

I have the "booking" now working so the user needs to be logged in to
continue on.

If the user logs out (or if the session terminates), is it possible to
redirect the user to the main page?

I know these are basic questions, but it good to see them answered :-)

Many many thanks for the assistance!
Ady

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---

[symfony-users] Re: sfGuard, securing and Templates

2008-06-23 Thread Piers Warmers 

Yeah,  It can be confusing - a few of tips:

1 ) Check out what credentials your current user has by using the dev  
panel.

You'll need to be using your application in dev mode ( something like  
backend_dev.php ) and then look in:

vars & config > Settings > credentials

that should give you a list of credentials.

Mine looks like:

> credentials:
>   -
> - Content_Create_Edit
> - Content_Delete
> - Content_Browse
> - Content_Edit_Navigation
> - Content_Copy_Paste
> - Content_Add_To_Publish_Queue
> - Content_Publish

Make sure the items in that list correspond to what your trying to  
configure in security.yml

2 ) Also make sure you understand the AND / OR syntax:

http://www.symfony-project.org/book/1_0/06-Inside-the-Controller-Layer#Complex%20Credentials

> delete:
>  is_secure:   on
>  credentials: [Can_Delete_Own, can_delete_any, admin]


taking this as an example - you're user will need to have -  
Can_Delete_Own AND can_delete_any AND admin credentials to get access  
to that action.

if you had double [[...]]  it would be OR.

For example:

> delete:
>   is_secure:   on
>   credentials: [[Can_Delete_Own, can_delete_any, admin]]


3 ) Make sure your indentation is correct.

Not sure if its just the email, but there should be two spaces of  
indentation for is_secure and credentials, the example sent through  
only had one.

As I said, that might just be a copy / paste thing.

Hope that helps.


On 24/06/2008, at 4:37 PM, Ady (WK) wrote:

>
> Thanks Piers! That helped a lot.
>
> OK, now to go on from that to the credentials...
>
> I have created 'permissions' that say can_book, can_delete and so on
> in the sfGuardPermission table.
>
> I have then created groups staff and student in sfGuardGroup with the
> relevant permissions
>
> The problem is that when I do:
>
> delete:
>  is_secure:   on
>  credentials: [Can_Delete_Own, can_delete_any, admin]
>
> create:
>  is_secure:   on
>  credentials: [Can_Book, admin]
>
> all:
>  is_secure:   off
>
> it says I do not have the correct credentials...
>
> hmmm
>
> This is the 1st time I have done this, so on the steep learning curve.
>
> Ady
>
> >


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---

[symfony-users] Re: sfGuard, securing and Templates

2008-06-23 Thread Ady (WK) 

Thanks Piers! That helped a lot.

OK, now to go on from that to the credentials...

I have created 'permissions' that say can_book, can_delete and so on
in the sfGuardPermission table.

I have then created groups staff and student in sfGuardGroup with the
relevant permissions

The problem is that when I do:

delete:
  is_secure:   on
  credentials: [Can_Delete_Own, can_delete_any, admin]

create:
  is_secure:   on
  credentials: [Can_Book, admin]

all:
  is_secure:   off

it says I do not have the correct credentials...

hmmm

This is the 1st time I have done this, so on the steep learning curve.

Ady

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---

[symfony-users] Re: sfGuard, securing and Templates

2008-06-23 Thread Piers Warmers 

Hi Adrian,

1 ) Try something like:



of if you want a more "aware" link:

isAuthenticated()) ? link_to(__("logout"),  
"@sf_guard_signout"): link_to(__("login"), "@sf_guard_signin"); ?>

2 ) Try not to think of it in terms of authenticating a group. It all  
relates back to a single permission/credential.

So the groups Blog_Editor and Content_Editor might both have the  
permission/credential Can_Delete_Files - and it's that part you're  
actually checking.

So in your modules security.yml you might have something like:

delete:
   is_secure:   on
   credentials: [Can_Delete_Files]

all:
   is_secure:   on
   credentials: [Is_A_Special_User]

3 ) By default, a module should be open/public. Even if sfGuard is  
installed. But if you need to explicitly turn security off:

   is_secure:   off

That should do the trick :)

- Piers



On 24/06/2008, at 11:16 AM, Gould, Adrian wrote:

>
> Good morning everyone
>
> Just want a few pointers on how to do the following.
>
> 1) Add a link to the sfGuard login on an application template
>
> 2) Secure selected modules of an application based upon user group
>
> 3) Allow "main" module to be accessible to everyone
>
> All assistance would be appreciated.
>
> Adrian
>
> ---
> Adrian Gould
> Lecturer in IT / Network Engineering / Multimedia
> Business Finance & Computing [Midland Campus]
> Swan TAFE
> PO BOX 1336, Midland WA 6936
>
> Phone: (08) 9267 
> eMail: [EMAIL PROTECTED]
>
>
> >


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---