Hi, I'm using symfony 1.4 and the sfGuardDoctrinePlugin. I've got it installed and set up fine, but I have the following problem:

If I log in as an admin and update the permissions for a user, that user must log out then log in again before having the newly added credential/permission.

Is there a way around this?

I'm not sure how easy this would be to fix. When a user logs in I think their credentials are added to their session attributes there and then. So when the admin updates their credentials their session still holds the old credentials. This means any call to hasCredential isn't "live".

Thanks

A: 

This would add extra queries to each and every request to your application. You could force update of the credentials by $user->getSfGuardUser()->refresh(true), which would reload the entity and all its relations (and thus its permissions).

bouke
You could lessen the impact by only doing this on, say, one in every 10 page loads:

    if (1 == rand(1,10)) { $user->getSfGuardUser()->refresh(true); }

This would cut down the impact significantly. The consequence would be a short delay between the credential change and the updated permissions, but there would be no need to log out.
lonesomeday
A: 

Thanks for your answer. I've modified the processForm function of the sfGuardUser module's actions class.

If I log in and change my own permissions, the session is updated there and then.

My problem is that if I edit the user permissions of another user, I would need to edit their session data. To solve this I enabled database sessions, so I now have sessions saving there instead of to file. So my next problem is how to isolate the session for the other user.

The sessions database has the following columns: sess_id, sess_data, sess_time.

sess_data is serialized and that is what I would need to update.

But I think symfony updates the session ids quite often and it would be hard to always isolate the correct session for the other user.

I think that it would also be slow to try and unserialize, check user_id then reserialize the data. I would need a user_id column I think.

Del1
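An added example, not code from any of the posts above or from the plugin: a filter that re-reads the logged-in user's permissions from the database once the session copy is older than a fixed number of seconds. This bounds how long a granted or revoked permission can lag (instead of a random one-in-ten reload) and needs no access to other users' session rows. It assumes sfDoctrineGuardPlugin's `sfGuardSecurityUser` and `sfGuardUser::getAllPermissionNames()`; the class name, the `max_age` parameter and the `credentials_synced_at` attribute are hypothetical.

```php
<?php
// Added example. Assumes sfDoctrineGuardPlugin: myUser extends sfGuardSecurityUser.
// refreshCredentialsFilter, 'max_age' and 'credentials_synced_at' are hypothetical names.
class refreshCredentialsFilter extends sfFilter
{
  const NS = 'refreshCredentialsFilter';

  public function execute($filterChain)
  {
    $user = $this->getContext()->getUser();

    if ($this->isFirstCall() && $user->isAuthenticated())
    {
      // max_age = 0 re-syncs on every request; larger values trade queries
      // for a longer window in which a revoked permission still works.
      $maxAge   = (int) $this->getParameter('max_age', 60);
      $syncedAt = (int) $user->getAttribute('credentials_synced_at', 0, self::NS);

      if (time() - $syncedAt >= $maxAge)
      {
        $this->syncCredentials($user);
      }
    }

    $filterChain->execute();
  }

  protected function syncCredentials($user)
  {
    // The sfGuardUser record is looked up from the database for this request.
    $guardUser = $user->getGuardUser();

    // Account removed or deactivated since login: end the session.
    if (!$guardUser || !$guardUser->getIsActive())
    {
      $user->signOut();
      return;
    }

    // Replace the session copy rather than merging into it, so removed
    // permissions are dropped as well as new ones added.
    $user->clearCredentials();
    $user->addCredentials($guardUser->getAllPermissionNames());
    $user->setAttribute('credentials_synced_at', time(), self::NS);
  }
}
```

Register the filter in `filters.yml` ahead of the `security` entry so the credential check on the same request already sees the refreshed list.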