Sonata – Install UserBundle

Install Sonata user

Installation

Install FOS

# composer require friendsofsymfony/user-bundle --no-update

Enable the bundle

# composer require sonata-project/user-bundle --no-update
# composer require sonata-project/doctrine-orm-admin-bundle --no-update # optional
# composer update

Then add in app/AppKernel.php

<?php
// app/AppKernel.php

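/**
 * Lists the bundles the kernel loads.
 *
 * SonataUserBundle receives 'FOSUserBundle' as its constructor argument,
 * which is how this setup makes it extend FOSUserBundle, so both bundles
 * have to be registered.
 *
 * The method name uses the conventional registerBundles() casing; PHP
 * method names are case-insensitive, so existing callers are unaffected.
 *
 * @return array bundle instances to register
 */
public function registerBundles()
{
    $bundles = array(
        // ... bundles that are already registered
        // SonataUserBundle extends FOSUserBundle, so register both
        new FOS\UserBundle\FOSUserBundle(),
        new Sonata\UserBundle\SonataUserBundle('FOSUserBundle'),
    );

    return $bundles;
}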

Prevent normal users from changing the settings of super-admin users

Add :

# app/config/config.yml

sonata_user:
    # Turns on the ACL check that keeps normal users from editing super-admin accounts
    security_acl: true
    manager_type: orm # can be orm or mongodb

sonata_block:
    blocks:
        #...
        sonata.user.block.menu:    # used to display the menu in profile pages
        sonata.user.block.account: # used to display menu option (login option)
# app/config/security.yml (a separate file from config.yml above)
security:
    # [...]
    # ACL support for the security component; it uses the database connection named "default"
    acl:
        connection: default

Doctrine configuration

Add :

# app/config/config.yml

fos_user:
    db_driver:      orm # orm for Doctrine ORM; FOSUserBundle names its MongoDB ODM driver "mongodb"
    firewall_name:  main # must match the name of a firewall defined in security.yml
    user_class:     Application\Sonata\UserBundle\Entity\User


    group:
        group_class:   Application\Sonata\UserBundle\Entity\Group
        group_manager: sonata.user.orm.group_manager                    # If you're using doctrine orm (use sonata.user.mongodb.group_manager for mongodb)

    service:
        user_manager: sonata.user.orm.user_manager                      # If you're using doctrine orm (use sonata.user.mongodb.user_manager for mongodb)

doctrine:
    dbal:
        types:
            # Registers the DBAL column type named "json", implemented by Sonata's JsonType class
            json: Sonata\Doctrine\Types\JsonType

And leave auto_mapping enabled.

Update routing.yml with :

# Front-end login routes; no prefix, to match login_path /login on the "main" firewall
sonata_user_security:
    resource: '@SonataUserBundle/Resources/config/routing/sonata_security_1.xml'

# Password-reset routes, reachable without being logged in (see access_control)
sonata_user_resetting:
    resource: '@SonataUserBundle/Resources/config/routing/sonata_resetting_1.xml'
    prefix: /resetting

sonata_user_profile:
    resource: '@SonataUserBundle/Resources/config/routing/sonata_profile_1.xml'
    prefix: /profile

# Public self-registration; leave this import out if accounts should only be
# created by an administrator
sonata_user_register:
    resource: '@SonataUserBundle/Resources/config/routing/sonata_registration_1.xml'
    prefix: /register

sonata_user_change_password:
    resource: '@SonataUserBundle/Resources/config/routing/sonata_change_password_1.xml'
    prefix: /profile

Security:

Add security routing information in routing.yml:

# Admin login routes; the /admin prefix lines up with login_path and check_path
# of the "admin" firewall (presumably /admin/login, /admin/login_check and
# /admin/logout - confirm against admin_security.xml)
sonata_user:
    resource: '@SonataUserBundle/Resources/config/routing/admin_security.xml'
    prefix: /admin

Then, add in security.yml:

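security:
    role_hierarchy:
        ROLE_ADMIN:       [ROLE_USER, ROLE_SONATA_ADMIN]
        # ROLE_ALLOWED_TO_SWITCH lets the holder impersonate other users once
        # switch_user is enabled on a firewall; grant it deliberately
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
        SONATA:
            - ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT  # if you are using acl then this line must be commented

    providers:
        fos_userbundle:
            id: fos_user.user_manager

    encoders:
        # Store a password hash, never the password itself: the "plaintext"
        # encoder writes every password to the user table exactly as typed,
        # so a database leak or backup exposes all credentials.
        # Pick the encoder before creating users; hashes produced by one
        # encoder do not verify under another.
        # (On a Symfony version without the bcrypt encoder, use sha512.)
        Application\Sonata\UserBundle\Entity\User:
            algorithm: bcrypt

    firewalls:
        # Disabling the security for the web debug toolbar, the profiler and Assetic.
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        # -> custom firewall for the admin area of the URL
        admin:
            # Anchored with ^ so that only paths beginning with /admin are
            # handled here, consistent with the ^/admin/ access_control rules
            pattern:            ^/admin(.*)
            # Same context as "main": a login on either firewall is shared,
            # authorization is decided by the roles in access_control
            context:            user
            form_login:
                provider:       fos_userbundle
                login_path:     /admin/login
                use_forward:    false
                check_path:     /admin/login_check
                failure_path:   null
            logout:
                path:           /admin/logout
            # Anonymous requests pass the firewall so the login page can be
            # shown; access_control is what restricts the rest of /admin/
            anonymous:          true

        # -> end custom configuration

        # default login area for standard users

        # This firewall is used to handle the public login area
        # This part is handled by the FOS User Bundle
        main:
            pattern:             .*
            context:             user
            form_login:
                provider:       fos_userbundle
                login_path:     /login
                use_forward:    false
                check_path:     /login_check
                failure_path:   null
            logout:             true
            anonymous:          true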

Define 3 new access control rules in security.yml:

security:
    # Rules are checked in order and the first matching path wins,
    # so the specific login URLs must stay above the broad rules.
    access_control:
        # FOSUserBundle URLs that need to be available to anonymous users
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }

        # The admin login pages need to be accessible without credentials
        - { path: ^/admin/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }

        # Secured part of the site
        # Everything under /admin/ requires an admin role. With Symfony's default
        # (affirmative) decision strategy, holding either listed role is enough.
        # NOTE(review): ^/admin/ does not match "/admin" without the trailing slash;
        # that URL falls through to the catch-all rule below.
        # Change these rules to adapt them to your needs
        - { path: ^/admin/, role: [ROLE_ADMIN, ROLE_SONATA_ADMIN] }
        # Catch-all: the rest of the site stays open to anonymous visitors.
        # Replace the role with ROLE_USER if the whole site should require a login.
        - { path: ^/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }

Generate the correct entities:

# php app/console doctrine:schema:update --force

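Run it a second time if you get an error. Note that --force applies the schema changes directly to the database; on a database that already holds data, review the statements with --dump-sql first.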

Then execute:

# php app/console sonata:easy-extends:generate SonataUserBundle -d src

Now add the new application Bundle into the kernel:

<?php
// AppKernel.php

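class AppKernel
{
    /**
     * Lists the bundles the kernel loads.
     *
     * Adds the application-level user bundle created by the
     * sonata:easy-extends:generate command, next to the bundles that are
     * already registered.
     *
     * @return array bundle instances to register
     */
    public function registerBundles()
    {
        return array(
            // Application Bundles
            // ...
            new Application\Sonata\UserBundle\ApplicationSonataUserBundle(),
            // ...
        ); // the statement needs its terminating semicolon to parse
    }
}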

Finally create the super-admin user:

First update the database:

# php app/console doctrine:schema:update --force

Then create a user:

# php app/console fos:user:create admin you@example.com --super-admin

 
