Programming SfGuard plugin in Symfony

Symfony web development
This article is like a lesson for those learning Symfony Framework. We hope that this article will help you in your web development with Symfony. We will describe one of the ways to work with SfDoctrineGuard at Symfony 1.4. For Propel ORM is very similar. To complete the task you need to have a basic understanding of Symfony.
Next lines are for those of you who have read at least part of the documentation of Symfony Framework and you have experienced the problems using SfDoctrineGuard plugin. We used the word “problem”, because the documentation for this plugin is absolutely not complete for the users. That is the motive for writing this article.
Here is a short explanation of the plugin. SfDoctrineGuard is a wonderful plugin with a good login system for controlling the users of your website with different levels of protection. But this plugin has no registration for users and that’s why we need another plugin.
Here is a simple description of what we are going to introduce you in this article:

– Installing the SfDoctrineGuard in the frontend of your application

– Installing and configuring SfDoctrineForkedApply plugin

– Administration of the plugins based on your needs

Lets start with installation of SfDoctrineGuard. You can find the plugin here or you can search at Symfony web site for the latest version. After the download unzip the package inside folder /plugins/ in your Symfony website project. Please find /config/ProjectConfiguration.class.php
Symfony Programming
in your project and add next few lines of code:

class ProjectConfiguration extends sfProjectConfiguration {
   public function setup() {
      $this->enablePlugins(array('sfDoctrinePlugin','sfDoctrineGuardPlugin'));
   }
}

Write the following commands at CMD.
ATTENTION: To be valid next commands need to be in the folder of the project, for example: C:xampphtdocssfprojects (your project)

php symfony doctrine:build --all --and-load

Symfony Programming commands

The line above is building your model of the database with the tables of the plugin. At this way SfDoctrineGuard is creating all the necessary classes for work in your application.
apps/frontend/config/settings.yml
Symfony web development commands

Find:

all:
  .settings:
  enabled_modules:

and change to:

all:
  .settings:
  enabled_modules: [default, sfGuardAuth]

Find the line .action: at the same file and add:

.actions:
  login_module: login
  login_action: index
  secure_module: login
  secure_action: index

After that clean the cache at CMD with the command:

symfony cc

symfony - building web site commands
– Find the class myUser.class.php inside apps/frontend/lib/
Symfony console commands
and change:

class myUser extends sfGuardSecurityUser {
}

Final step is to enter at security.yml in the apps/frontend/config/security.yml
Symfony web development
and change:

default:
  is_secure: true

In this case the “frontend” of the website is locked for not registered users. Now we have secured your web application, but even we can’t access it. If we want to change that we need to create a user with SuperAdministrator credentials, write at CMD:

php symfony guard:create-user [email protected] Username YourPassword

Symfony web programming
After the creation of the user you can give him rights as s Super Administrator with next command:

php symfony guard:promote Username

symfony guard promote username
And we are finished with SfGuard for now. It is time to install SfDoctrineForkApply plugin. With this plugin we can build new users. The plugin is giving wide range of options for configurations based on your needs. In the registration form you can add capcha, registration will happen with email verification. The user can change their password and edit their profile. Lets start with the installation:
– Download the plugin from here sfForkedDoctrineApplyPlugin/1_3_3 or find the latest version.
– unzip inside the folder of your project /plugins/.
– after that add at config/ProjectConfiguration.class.php
Symfony config file
– You must allow the use of the additive and the class must have the following form:

class ProjectConfiguration extends sfProjectConfiguration {
   public function setup() {
      $this->enablePlugins(array('sfDoctrinePlugin','sfDoctrineGuardPlugin','sfForkedDoctrineApplyPlugin',));
   }
}

Open the CMD again and write the following commands:

Php symfony doctrine:generate-migrations-diff

symfony doctrine generate migration diff

symfony doctrine:migrate

symfony doctrine migrate

php symfony doctrine:build --all --and-load

symfony build all command
With the last line reset your database again. Create again user and make him super administrator. Above we described how to do that. Now we can open apps/frontend/config/settings.yml
Symfony website development
and add:

all:
  .settings:
  enabled_modules: [default, sfGuardAuth]

add sfApply

enabled_modules: [default, sfGuardAuth, sfApply]

Add next line too:

I18n: true

Go to /config/security.yml and change:

default:
  is_secure: true

to

default:
  is_secure: false

With this command we remove the global security, but later in this tutorial you will see how to secure only a separate modules in your website. Now we have to activate the email authentication:
– go to /plugins/sfDoctrineForkedApplyPlugin/config/app.yml
Symfony - development of websites
open app.yml and find the following lines:

confirmation:
  reset: true
  apply: true
  email: true
  reset_logged: false

make a changes:

confirmation:
  reset: false
  apply: false
  email: false
  reset_logged: false

Now, we can create new users!
– go to /apps/frontend/templates/layout.php and:
echo $sf_content;
add

include_component('sfApply', 'login');

With this line we have your login status. If you have registered already you will see your data and links for edit and change of password, if you are not registered, you will see registration form.
ATTENTION: This line can be added everywhere in your project, but when it is at the layout.php the login status is accessible from everywhere.
Now we will create a new module that later we will make secure. At CMD write:

php symfony generate:module frontend login

Symfony - website building
Now we have an empty module where we can put our login part from our plugin.
Go to action.class.php at this module find the function

public function executeIndex(sfWebRequest $request) { }

remove the content from this function. After that go to /config/settings.yml and add the parameters of the new module

.actions:
  login_module: login
  login_action: index

In this case if at the routing.yml there is routing leading to the first page of the secure module, we will be redirected to the index of the login module. After successful registration the page you wanted to visit will load. To see how exactly it is working and how you can protect separate pages of your website from a module, we will create a test module.
Go to CMD and write:

symfony generate:module frontend test

Symfony - website programming
First thing we do is to go at the action.class.php and remove the content of the executeIndex function as we did before. After that we create new folder “config” in the module. We create a file called security.yml in the config folder. In the beginning we put in this file:

default:
  is_secure: true

If we want to see how the routing is working we have to go to /config/routing.yml of the project and publish only index from the “test” module. It is visible only for the registered users.

homepage:
  url: /
  param: { module: test, action: index }

It is good if you put some text at login/index and test/index to understand how everything is working. Later we will describe the levels of security when we create the “backend” application. Now we will talk about one very important question: “How to change the form for registration for our needs” ? After the installation of the “sfDoctrineForkedApply”, the info for the users is kept at table “sf_guard_user_profile”. To add new fields you have to go to
/plugins/sfForkedDoctrineApplyPlugin/config/doctrine/schema.yml.
Symfony - web programming
From here you can add or remove or edit the fields of the table. Don’t forget to load the changes with:

symfony doctrine:build --all --and-load

symfony build all
Keep in mind that if you use this command everything at the database will be deleted. You have to create again super administrator user. If you are not familiar with the symfony forms we highly recommend you to read:
Day 10: The Forms
Symfony Forms
You can change your forms from here: /plugins/sfForkedDoctrineApplyPlugin/lib/ forms. Here you can find all the forms you need for this plugin. It is necessary to put some widgets and validators based on your needs and based on the fields you insert at your table in the database. With a little practice everything will happen. About the visible part of the forms you have to go to:
/plugins/sfForkedDoctrineApply/modules/templates/
_loginPromt.php is showing the forms for input.
_logoutPrompt.php is showing the output after you login with your username and password.
_settingsSuccess.php is showing the forms for changing of user data.
_resetLogged.php is showing the forms for changing password of the user after the login.
We are talking about these four files, because they are fundamental in our web development, after that you will learn how to change other elements based on your needs. A small thing that we need to know when we use this function:

<?php include_component('sfApply', 'login') ?>

If you put incorrect data as “username” and “password” the system redirects you to the main template of SfDoctrineGuard. To avoid showing of two forms for login we have to go to:
/plugin/sfDoctrineGuardPlugin/modules/templates/_singin_form.php
web programming
In the beginning of the file we write:

slot('sf_apply_login')
end_slot()

In this way we deactivate the forms for login from sfForkedApply and after the system redirects you because of incorrect data, we will see loading only one form. This code you can use at the pages where it is not necessary to check the status of the user (if he is logged in or not). Now you have all the necessary elements to protects modules at the “frontend” of your system.
Last part of the lesson is for how to administrate the users, groups, and credentials in “sfGuard” at the “backend” of your website. In the beginning you have to know how to build the “backend”
After you create the backend and you know the main elements go to: /backand/config/settings.yml In the part for permitted modules add:

all:
  .settings:
  enabled_modules: [default,sfGuardGroup, sfGuardUser, sfGuardPermission]

After that go to /backend/templates/layout.php add the following lines:

echo link_to('Users', 'sf_guard_user');
echo link_to('Permissions', 'sf_guard_permission');
echo link_to('Groups', 'sf_guard_group');

In this way you can create permission and groups and you can control the access of the users to different modules, pages and event elements of a page. Also you have access to the database table with the users. The security on a page or module with credentials is very easy. After creating the group of users you give the ‘title’ for each user who has access with certain permission. After that in the “frontend” in the file “security.yml” on each module you protect you add something like this, depending on the module:

all:
  is_secure: true
  new:
    is_secure: true
    credentials: [users]
  edit:
    is_secure: true
    credentials: [[creator ,administrator ]]
  delete:
    is_secure: true
    credentials: [[creator ,administrator ]]

These lines are just for example, how you can individually disable or enable access to a user group with credentials. If you want to add certain credentials to a user registration go to:
/plugins/sfForkedDoctrineApplyPlugin/lib/form/sfApplyForm.class.php
Symfony sfApply plugin
at the end of the file we have a function with name: public function doSave. If you create at “permission” for example credentials with name “user” add the following lines:

public function doSave($con = null) {
   .......
   $permission = new sfGuardUserPermission();
   $permission->setPermissionId('1');
   $permission->setUserId($user->getId());
   $permission->save();

   return parent::doSave($con);
}

In this way every new registered user will have credentials “user” and he can visit only the modules requiring the rights you have set. For more information please read the official documentation for SfDoctrineGuard and also Day 13: The User. In this article we tried to explain the fundamentals of the web development for working with SfDoctrineGuard plugin and sfForkedDoctrineApply plugin. Overall, they are insufficient, but I hope to help you understand more easy this difficult matter and help you in your web development for programming better websites and web application.

Leave a Reply

Your email address will not be published. Required fields are marked *