fosuserbundle

I'm using Symfony 2.1 for a project. I use the FOSUserBundle for managing users & SonataAdminBundle for administration usage. I have some questions about that: As an admin, I want to set roles from users in users edit form. How can I have access to roles in role_hierarchy ? And how can I use them as choice fields so the admin can set roles to users? When I show roles in a list, it is shown as string like this: [0 => ROLE_SUPER_ADMIN] [1 => ROLE_USER] How can I change it to this? ROLE_SUPER_ADMIN, ROLE_USER I mean, having just the value of the array. Romain Bruckert Based on the answer of

I wanted to inject the current user into an Entity Listener but I ran into an ServiceCircularReferenceException . I know there are other questions dealing with this issue, and one mentioned solution was to inject the entire service_container into the listener, which didn't work. I then stumbled accross a seemingly duplicate question , where the provided accepted answer was to implement a UserCallable. But this again yields in the exact same exception. Could it be that it is due to my dependency of the FOSUserBUndle? How can I fix this? The exception: [Symfony\Component\DependencyInjection

I want to add an address and telephone number using FOSUserBundle. How can I add a Custom fields, with FOSuserBundle, to have a profile that contains address and telephone number.... Create an own user bundle and in the MyCompanyUserBundle.php you set public function getParent(){ return 'FOSUserBundle'; } Then in your new UserBundle you create a User entity and let it extend from the base user of the FOS user bundle: use FOS\UserBundle\Model\User as BaseUser; use Doctrine\ORM\Mapping as ORM; /** * @ORM\Entity * @ORM\Table(name="user") */ class User extends BaseUser { public function __toString

I need to apply a purchased template to our dashboard. In this template, the login , register and forgot password forms are all under the same view, and switching between them using simple JQuery. I have been looking for a nice, not-too-flashy way of combining all three forms into one, but I came up empty. My standing options (as I see them), and why I don't like any of them: Take the views from the fos bundle, copy them to /app/Resources/FOSUserBundle/views/ , remove the {% extend %} part and {% include %} them in my own login view. Reason for dislike: to me this looks a little like a quick-n

Whenever I edit a user's role, the user needs to logout and log back in to see the changes. There's no problem when promoting a user as they just won't see the extra permissions until signing in again. However, when a demotion was to occur, a user will still keep its existing role which impose security risks. Imagine revoking admin user on a rogue employee, and still have them be able to do anything (eg. sabotaging the system) until they log out! Is it possible to invalidate all sessions or tokens that are related to a specific user? If there is another way to dynamically update the roles of a

I have a symfony 2.8 app, with fosuserbundle implemented. In the dev environment, the registration confirm mails are sent, but not in the prod environment. There is no log message and the smpt configuration is correct. sf version: 2.8.1 swiftmailer-bundle version: current (compatible with sf version; 2.* in composer json) fosuserbundle: 1.3.5 ( * in composer) dev-config: imports: - { resource: config.yml } framework: router: resource: "%kernel.root_dir%/config/routing_dev.yml" #strict_requirements: true profiler: { only_exceptions: true } web_profiler: toolbar: true intercept_redirects: true

I have simple login page and security set up like this: firewalls: main: pattern: ^/ form_login: provider: fos_userbundle csrf_provider: form.csrf_provider use_referer: true always_use_default_target_path: true default_target_path: / logout: true anonymous: true access_control: - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/, role: ROLE_ADMIN } And in my base.html.twig file I have {% stylesheets '@BrStgCcBundle/Resources/public/css/bootstrap.css' %} <link

I'd like to disallow access to /login and /register if a client's IP address has been banned. The (black-) list of banned IPs is stored in the database. How can I solve this? Since symfony 2.4 you can use the Expression Language Component in your config-files. Now implementing a simple IP check is easy: create a service (i.e. access_manager ) with a method (i.e. getBannedIPs() ) that fetches the list of banned IPs from your storage layer Add an expression to your security configuration that compares the returned array against the client's IP address That's it. example # app/config/security.yml

I'm trying to implement single sign on access to a website using Symfony2. The authentication itself seems to work fine, but only for the initial page. On the next page that is loaded the user is not logged in anymore. Relevant code: $token = new UsernamePasswordToken($user, null, 'main', $user->getRoles()); $event = new InteractiveLoginEvent($request, $token); $this->get("event_dispatcher")->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $event); $this->get("security.context")->setToken($token); return $this->redirect($this->generateUrl('sonata_user_profile_show')); First page (without the