There is another thing that would be cool that have IDE support for, and
that are annotations. Eclipse PDT has already autocompletion for the "@var"
annotation, but maybe that is extensible to include all annotations such as
@Route, @Template, @Secure, etc.
Another thing that might be helpful, but
ced and did not adversely affect annotations
> from other projects.
>
>/**
> * @IgnoreAnnotation("fn")
> * @fn loginAction
> *
> */
>
> Thank you for your help,
>
> Roger
>
> On May 23, 10:17 am, Johannes Schmitt wrote:
Put an @IgnoreAnnotation("fn") in the doc comment of the class where this
annotation is used.
Johannes
On Mon, May 23, 2011 at 5:05 PM, Roger Webb wrote:
> Hey Everyone,
>
> I'm using Doxygen for my documentation generation. I updated to Beta2
> and fixed all of the Doctrine annotations as de
The ACL system supports batch loading ACLs (up to 30 in two queries).
Kind regards,
Johannes
On Tue, May 3, 2011 at 3:49 PM, Gediminas Morkevicius <
gediminas.morkevic...@gmail.com> wrote:
> Your posts can have an author id, which can be mapped to all permissions,
> same as groups this user bel
d like to be sure if there's a technical reason to not update
> the $granting property of an ACE.
>
>
> Thanks!
>
> Best regards.
>
> 2011/4/8 Johannes Schmitt
>
>> It would be nice if you can provide a failing test case in
>> MutableAclProviderTest,
It would be nice if you can provide a failing test case in
MutableAclProviderTest, otherwise just create a ticket, and I'll take a look
at it.
Johannes
On Fri, Apr 8, 2011 at 9:43 PM, Gustavo Adrian
wrote:
> MySQL logs show:
>
> 2940 Query START TRANSACTION
> 2940 Query UPDATE acl_entries SET a
This command is broken in PR10, but if you didn't change any of the table
names, you can copy/paste the required SQL from
Symfony/Component/Security/Acl/Resources/schema/.
Johannes
On Fri, Apr 8, 2011 at 12:49 AM, Malc wrote:
> Hello,
>
> I have a problem with the installation of the acl (Symf
Your idea is sound except for the behavior of the
PermissionGrantingStrategy. If you take a closer look, you'll see that the
first applicable ACE will make the ultimate decision for the permission
bitmask. Only if you check for more than one mask, the loop will continue.
Also see the documentation
$securityContext->isGranted('CREATE', new FieldVote($oid, 'field'));
On Mon, Apr 4, 2011 at 8:19 PM, Gustavo Adrian
wrote:
> Hi all,
>
> If we want to check a class permission / object permission like CREATE, we
> would do:
>
> if ($securityContext->isGranted('CREATE', $objectIdentity) {
> //
Why is accessing a service from an entity a bad practice? The only problem
here is the PHP language, the design pattern itself is fine imo.
Kind regards,
Johannes
On Mon, Apr 4, 2011 at 6:35 PM, Christophe COEVOET wrote:
> Le 04/04/2011 17:37, Chris a écrit :
>
>> Hey everyone,
>>
>> I know th
When you delete entries, I'd recommend that you iterate from back to front
"for ($i=count($aces)-1; $i>=0; $i--) { /* ... */ }" since deleting an entry
will change all indices of the following entries.
One of the principles of the ACL system is that each domain object instance
has exactly one ACL
Can you explain a bit what you want to do?
On Tue, Mar 29, 2011 at 4:17 PM, badllama77 wrote:
> I am guessing there is no easy solution?
>
> --
> If you want to report a vulnerability issue on symfony, please send it to
> security at symfony-project.com
>
> You received this message because you
I had written a JS route implementation for symfony 1.4 which should work
with minor modifications for Symfony2.
If it helps someone, the code is here (and it's actually unit-tested :)):
https://gist.github.com/3d39cf593ceb1ea63713
See the tests for how to use it.
Kind regards,
Johannes
On Mon
1, and then every child of BusinessUnit 1 would inherit from
>>>> it. So, for this case, I'd create an ACL for BusinessUnit 1, create all the
>>>> ACEs I want in it (in this case, an ALLOW rule for the VIEW class-scope
>>>> permission for the "Article&qu
1) Yes, granting specifies whether the entry is granting (true) or denying
(false). Depending on the order of ACL entries, and the SIDs to which the
ACEs have been assigned, this can be used to implement scenarios like "grant
access to all users, but for this specific user deny access".
2) The ind
, I didn't know that :P. Which would be the right way to inject the
> request service on our own services? Should we use a Compiler pass?
>
>
>
> Thanks for clarifying this. I thought this was the right solution.
>
> Best regards.
>
> On Thu, Mar 17, 2011 at 11:54 AM, Joh
That's because there is no documentation on these features yet; they are
very advanced, and most users won't need them, so they have no priority atm.
While the "fix" that Gustavo posted virtually disables all scope sanity
checks, it should be avoided at all cost; you'll only create problems for
yo
On first sight, this looks like a bug. Could it be that you added a custom
scope?
Kind regards,
Johannes
On Wed, Mar 16, 2011 at 10:16 PM, Gustavo Adrian <
comfortablynum...@gmail.com> wrote:
> Hi all,
>
> I'm having some issues with service scoping. I'll try to describe my
> situation the best
rA
> and userE
> In the friends group of userD there are userB and the same for userE.
>
> In this case, the userB would have the roles "userA_friends",
> "userC_friends", "userD_friends" and "userE_friends".
> When the userB has 100 friend
other option
> is how FOS user bundle does, wich is merge group roles and user roles.
>
> On 13 mar, 23:46, Johannes Schmitt wrote:
> > You're right, this is a bit more complex, yet possible.
> >
> > You can use one role for each blacklist (ROLE_BLACKLISTED_$userId)
the photo. Also, in the
> future the user can add (or remove) users from this group.
>
> My requirements are similar to those of an operating system for the
> management of users and permissions.
>
>
> On 13 mar, 20:55, Johannes Schmitt wrote:
> > If you mean something l
If you mean something like "$securityContext->isGranted('ROLE_EDITOR',
$post)", that wouldn't invoke the ACL system.
Kind regards,
Johannes
On Sun, Mar 13, 2011 at 7:30 PM, stof wrote:
> On Sun, 13 Mar 2011 18:50:44 +0100, Johannes Schmitt
>
> wrote:
&g
e some doubts.
> When you say that a group assign a set of roles, what roles are
> available? One role for each group?
> Perhaps I'm not understanding very well how the roles works...
> Would you kindly tell me an example?
>
> Thank you
>
>
> On 12 mar, 09:02, Johanne
We have made a change in the way how passwords are hashed. Therefore, your
sha1 hash will be different for the same password; you simply need to rehash
your real password and put the new hash in the configuration.
Kind regards,
Johannes
On Sat, Mar 12, 2011 at 8:11 PM, olimination wrote:
> Hell
little
> slower. Perhaps I am Mistaken symfony manager about how the roles.
>
> What do you think?
>
> My idea is to make this work with mysql so that would be quick.
>
> Thank you
>
> On 10 mar, 11:18, Johannes Schmitt wrote:
> > Technically, you can use the UserSec
Whatever you're trying to do, this is certainly the wrong way.
If you need remember-me, turn on the remember-me setting in the
configuration. If you still need to do something upon a successful login,
use a custom authentication success handler.
Kind regards,
Johannes
On Fri, Mar 11, 2011 at 4:
Don't you like the built-in security for some reason? :)
Kind regards,
Johannes
On Fri, Mar 11, 2011 at 1:15 AM, Michael wrote:
> I have created my own login form, once submitting it call an Ajax
> (controller) action that execute a login function from a service I
> wrote. The service gets an
Technically, you can use the UserSecurityIdentity for that, but I think a
better approach would be to use roles.
Kind regards,
Johannes
On Thu, Mar 10, 2011 at 10:28 AM, Alvaro Garcia wrote:
> Hi!
> ACL in Symfony 2 is wonderful but I can't find how to manage groups.
> In my app I haver users
There is an open PR for that, see https://github.com/symfony/symfony/pull/98
I'm not sure if ornicar has time, but if you like to take this on, that
would be appreciated.
Kind regards,
Johannes
On Fri, Mar 4, 2011 at 10:55 PM, Francis Besset wrote:
> Hi all,
> I created my failure_handler serv
Yes, but it's not easy. You'd have to write your own security voter.
Kind regards,
Johannes
On 3/1/11, Roger Webb wrote:
> I couldn't find anything in the "Authorization" section of the
> documentation covering this.
>
> Is there a way to restrict access to a pattern by forcing a user to
> have
What is a "security event" for you?
Kind regards,
Johannes
On Fri, Feb 11, 2011 at 8:14 AM, Manfred Dohmen wrote:
> Thanks Leon, but the question relates more to how to hook into
> Symfony2 in order to observe security events (and then having them
> logged).
>
> --
> If you want to report a vul
Note that there is no such concept like Object, or ObjectCollection routes
in Symfony2. So, the routing systems are not functionally equivalent.
Kind regards,
Johannes
On Wed, Feb 9, 2011 at 12:56 PM, Yelena Bunina wrote:
> Oh I forgot to tell that we use APC :)
>
>
> On Wed, Feb 9, 2011 at 2:
As I said, this is a bad idea nonetheless...
It might be working now, but it will only cause you problems further down
the road. It's better to go with the proper solution I mentioned before.
Kind regards,
Johannes
On Mon, Feb 7, 2011 at 10:05 PM, phil0 wrote:
> Ok, what I've done now is:
>
>
You can write your own security voter to do this. There is no documentation
on this yet as it is quite advanced, but you can use the built-in security
voters as a starting point; overriding SecurityContext->vote() is a bad
idea...
Kind regards,
Johannes
On Mon, Feb 7, 2011 at 7:05 PM, phil0 wro
34 matches
Mail list logo