Symfony – Create a service – the right way

Always create service interface for your service. This way you will have better structured code and phpunit testing will be real pleasure.
Also use dependency injection for your repositories in the service.

Service Interface Example

interface UserServiceInterface{
  public function getUsername();
  public function viewAll();
}

Service Example

class UserService implements UserServiceInterface
{

  private $entityManager;
  private $userRepository;

  public function __construct(EntityManager $entityManager, UserRepository $userRepository)
  {
    $this->entityManager = $entityManager;
    $this->userRepository = $userRepository;
  }

  public function viewAll()
  {
    return $this->userRepository->findAll();
  }
}

Repository Example

class UserRepository extends \Doctrine\ORM\EntityRepository
{
  public function __construct(EntityManager $em, Mapping\ClassMetadata $metadata = null)
  {
    parent::__construct(
      $em,
      $metadata == null ?
      new Mapping\ClassMetadata(User::class) :
      $metadata
    );
  }
}

Symfony Security Authorization

There are several way to make authorization on your site with Symfony.
First is in your security.yml on the same level as firewalls tag:

access_control:
        - { path: ^/admin, roles: ROLE_USER }

This will block all users that don’t have ‘ROLE_USER’ to admin page.

Second option is to use Controller. Inside Method insert:

        if(!$this->get('security.authorization_checker')->isGranted('ROLE_ADMIN')){
            throw $this->createAccessDeniedException('GET OUT!');
        }

Or like this:

$this->denyAccessUnlessGranted('ROLE_ADMIN');

This will deny access to all users that don’t have ‘ROLE_ADMIN’ to this method.

You can also use annotations:

/**
* @Security("is_granted('ROLE_ADMIN')")
*/

Annotations also work if you add them to the Class. So they will block all users that don’t have ‘ROLE_ADMIN’ to this class.

Continue reading “Symfony Security Authorization” »

Symfony Security Authentication

Create Entity named User

< ?php

namespace AppBundle\Entity;

use Symfony\Component\Security\Core\User\UserInterface;
use Doctrine\ORM\Mapping as ORM;

/**
 * @ORM\Entity
 * @ORM\Table(name="user")
 */
class User implements UserInterface
{
    /**
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     * @ORM\Column(type="integer")
     */
    private $id;

    /**
     * @ORM\Column(type="string", unique=true)
     */
    private $email;

    /**
     * @ORM\Column(type="string")
     */
    private $password;

    private $plainPassword;

    public function getUsername()
    {
        return $this->email;
    }

    public function getRoles()
    {
        return ['ROLE_USER'];
    }

    public function getPassword()
    {
        return $this->password;
    }

    public function getSalt()
    {
    }

    public function eraseCredentials()
    {
        $this->plainPassword = null;
    }

    /**
     * @param mixed $email
     */
    public function setEmail($email)
    {
        $this->email = $email;
    }

    /**
     * @param mixed $password
     */
    public function setPassword($password)
    {
        $this->password = $password;
    }

    /**
     * @return mixed
     */
    public function getPlainPassword()
    {
        return $this->plainPassword;
    }

    /**
     * @param mixed $plainPassword
     */
    public function setPlainPassword($plainPassword)
    {
        $this->plainPassword = $plainPassword;
        //This should be here to set value for password to activate doctrine listeners
        $this->password = null;
    }



}

and generate migration:

#php bin/console doctrine:migrations:diff
#php bin/console doctrine:migrations:migrate

Continue reading “Symfony Security Authentication” »