8000 [#2765] WIP Tweaks to changes made to entity provider entry · symfony/symfony-docs@7a37651 · GitHub
[go: up one dir, main page]
Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 7a37651

Browse files
weaverryanweaverryan
committed
[#2765] WIP Tweaks to changes made to entity provider entry
1 parent 1d00f06 commit 7a37651

File tree

1 file changed

+31
-20
lines changed

1 file changed

+31
-20
lines changed

cookbook/security/entity_provider.rst

Lines changed: 31 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,15 @@ To make it shorter, the getter and setter methods for each have been removed to
4040
focus on the most important methods that come from the
4141
:class:`Symfony\\Component\\Security\\Core\\User\\UserInterface`.
4242

43+
.. tip::
44+
45+
You can :ref:`generate the missing getter and setters<book-doctrine-generating-getters-and-setters>`
46+
by running:
47+
48+
.. code-block:: bash
49+
50+
$ php app/console doctrine:generate:entities Acme/UserBundle/Entity/User
51+
4352
.. code-block:: php
4453
4554
// src/Acme/UserBundle/Entity/User.php
@@ -154,6 +163,15 @@ focus on the most important methods that come from the
154163
}
155164
}
156165
166+
.. tip::
167+
168+
:ref:`Generate the database table<book-doctrine-creating-the-database-tables-schema>`
169+
for your ``User`` entity by running:
170+
171+
.. code-block:: bash
172+
173+
$ php app/console doctrine:schema:update --force
174+
157175
In order to use an instance of the ``AcmeUserBundle:User`` class in the Symfony
158176
security layer, the entity class must implement the
159177
:class:`Symfony\\Component\\Security\\Core\\User\\UserInterface`. This
@@ -197,15 +215,9 @@ For more details on each of these, see :class:`Symfony\\Component\\Security\\Cor
197215
because the :method:`Symfony\\Bridge\\Doctrine\\Security\\User\\EntityUserProvider::refreshUser`
198216
method reloads the user on each request by using the ``id``.
199217

200-
.. tip::
201-
202-
To generate missing setters and getters for your ``User`` entity, you
203-
can use ``php app/console doctrine:generate:entities Acme/UserBundle/Entity/User``.
204-
For more details, see Doctrine's :ref:`book-doctrine-generating-getters-and-setters`.
205-
206-
Below is an export of my ``User`` table from MySQL with user `admin`
207-
and password `admin`. For details on how to create user records and
208-
encode their password, see :ref:`book-security-encoding-user-password`.
218+
Below is an export of the ``User`` table from MySQL with user ``admin`` and
219+
password ``admin`` (which has been encoded). For details on how to create
220+
user records and encode their password, see :ref:`book-security-encoding-user-password`.
209221

210222
.. code-block:: bash
211223
@@ -216,12 +228,6 @@ encode their password, see :ref:`book-security-encoding-user-password`.
216228
| 1 | admin | | d033e22ae348aeb5660fc2140aec35850c4da997 | admin@example.com | 1 |
217229
+----+----------+------+------------------------------------------+--------------------+-----------+
218230
219-
.. tip::
220-
221-
To generate database table from your ``User`` entity, you can run
222-
``php app/console doctrine:schema:update --force``.
223-
For mor details, see Doctrine's :ref:`book-doctrine-creating-the-database-tables-schema`.
224-
225231
The next part will focus on how to authenticate one of these users
226232
thanks to the Doctrine entity user provider and a couple of lines of
227233
configuration.
@@ -337,13 +343,15 @@ entity user provider to load User entity objects from the database by using
337343
the ``username`` unique field. In other words, this tells Symfony how to
338344
fetch the user from the database before checking the password validity.
339345
340-
This code is not enough to secure the application for **active** users.
341-
The next section explains how to forbid non active users.
346+
Forbid Inactive Users
347+
---------------------
342348
343-
Forbid non Active Users
344-
-----------------------< 8000 /span>
349+
If a User's ``isActive`` property is set to ``false`` (i.e. ``is_active``
350+
is 0 in the database), the user will still be able to login access the site
351+
normally. To prevent "inactive" users from logging in, you'll need to do a
352+
little more work.
345353
346-
The easiest way to exclude non active users is to implement the
354+
The easiest way to exclude inactive users is to implement the
347355
:class:`Symfony\\Component\\Security\\Core\\User\\AdvancedUserInterface`
348356
interface that takes care of checking the user's account status.
349357
The :class:`Symfony\\Component\\Security\\Core\\User\\AdvancedUserInterface`
@@ -396,6 +404,9 @@ For this example, the first three methods will return ``true`` whereas the
396404
}
397405
}
398406
407+
Now, if you try to authenticate as a user who's ``is_active`` database field
408+
is set to 0, you won't be allowed.
409+
399410
The next session will focus on how to write a custom entity provider
400411
to authenticate a user with his username or his email address.
401412

0 commit comments

Comments
 (0)
0