<p>So after a couple of days trying to find a viable solution and contributing to the Symfony2 user mailing list, I finally found it. The following has been derived from the discussion at <a href="https://groups.google.com/d/topic/symfony2/NDBb4JN3mNc/discussion" rel="noreferrer">https://groups.google.com/d/topic/symfony2/NDBb4JN3mNc/discussion</a></p>
<p>It turns out that there's an interface <code>Symfony\Component\Security\Core\User\EquatableInterface</code> that is not intended for comparing object identity but precisely to</p>
<blockquote>
<p>test if two objects are equal in security and re-authentication context</p>
</blockquote>
<p>Implement that interface in your user class (the one already implementing <code>UserInterface</code>). Implement the only required method <code>isEqualTo(UserInterface $user)</code> so that it returns false if the current user's roles differ from those of the passed user.</p>
<p><strong>Note: The User object is serialized in the session. Because of the way serialization works, make sure to store the roles in a field of your user object, and do not retrieve them directly in the <code>getRoles()</code> method, otherwise all of that won't work!</strong></p>
<p>Here's an example of how the specific methods might look:</p>
<pre><code>use Symfony\Component\Security\Core\User\UserInterface;

protected $roles = null;

public function getRoles()
{
    if ($this-&gt;roles === null) {
        $this-&gt;roles = ...; // Retrieve the fresh list of roles
                            // from wherever they are stored here
    }

    return $this-&gt;roles;
}

public function isEqualTo(UserInterface $user)
{
    if ($user instanceof YourUserClass) {
        // Check that the roles are the same, in any order
        $isEqual = count($this-&gt;getRoles()) == count($user-&gt;getRoles());
        if ($isEqual) {
            foreach ($this-&gt;getRoles() as $role) {
                $isEqual = $isEqual &amp;&amp; in_array($role, $user-&gt;getRoles(), true);
            }
        }

        return $isEqual;
    }

    return false;
}
</code></pre>
<p>Also, note that when the roles actually change and you reload the page, the profiler toolbar might tell you that your user is not authenticated. Plus, looking into the profiler, you might find that the roles didn't actually get refreshed.</p>
<p>I found out that the role refreshing actually <em>does</em> work. It's just that if no authorization constraints are hit (no <code>@Secure</code> annotations, no required roles in the firewall etc.), the refreshing is not actually done and the user is kept in the "unauthenticated" state.</p>
<p>As soon as you hit a page that performs any kind of authorization check, the user roles are refreshed and the profiler toolbar displays the user with a green dot and "Authenticated: yes" again.</p>
<p>That's an acceptable behavior for me - hope it was helpful :)</p>
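<p>A complete user class built on the approach in the answer above, as an added example that is not part of the original post. It generalizes the role check to a canonical (unique, case-normalized, sorted) set so that order and duplicates cannot mask a revoked role, and also compares the username and stored password hash so a credential change forces re-authentication. It assumes <code>symfony/security-core</code> (Symfony 2.x API) is installed through Composer; the class name <code>AppUser</code> and the sample values are constructed for the demo.</p>

```php
<?php
// Added example (not from the original answer): a Symfony user whose session
// copy is invalidated when roles, password hash or username change.
// Assumes symfony/security-core is installed via Composer (Symfony 2.x API).
require __DIR__ . '/vendor/autoload.php';

use Symfony\Component\Security\Core\User\EquatableInterface;
use Symfony\Component\Security\Core\User\UserInterface;

class AppUser implements UserInterface, EquatableInterface
{
    private $username;
    private $password; // stored hash, never the plaintext
    private $roles;    // kept in a field so it survives session serialization

    public function __construct($username, $password, array $roles)
    {
        $this->username = $username;
        $this->password = $password;
        $this->roles = $roles;
    }

    public function getUsername() { return $this->username; }
    public function getPassword() { return $this->password; }
    public function getSalt() { return null; }
    public function getRoles() { return $this->roles; }
    public function eraseCredentials() {}

    // Canonical form: unique, upper-cased, sorted, so neither order nor
    // duplicate entries can hide a role that was added or revoked.
    private function canonicalRoles()
    {
        $roles = array_unique(array_map('strtoupper', $this->roles));
        sort($roles);
        return $roles;
    }

    public function isEqualTo(UserInterface $user)
    {
        if (!$user instanceof self) {
            return false;
        }
        // Any difference makes Symfony re-authenticate, so a revoked role or
        // a changed password hash takes effect on the very next request.
        return $this->username === $user->getUsername()
            && $this->password === $user->getPassword()
            && $this->canonicalRoles() === $user->canonicalRoles();
    }
}

// Constructed sample: the user serialized in the session still carries
// ROLE_ADMIN, while the freshly loaded user has had that role revoked.
$sessionUser = new AppUser('alice', 'hash', array('ROLE_USER', 'ROLE_ADMIN'));
$freshUser   = new AppUser('alice', 'hash', array('ROLE_USER'));
var_dump($sessionUser->isEqualTo($freshUser));
```

<p>Run it with <code>php</code>; the final comparison is false because <code>ROLE_ADMIN</code> was revoked, which is exactly the signal that makes Symfony drop the stale session token and re-authenticate the user.</p>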