Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit63be099

Browse files
committed
Merge remote-tracking branch 'origin/2.3' into 2.3
2 parents6364741 +46671ce commit63be099

28 files changed

+243
-172
lines changed

‎book/security.rst

Lines changed: 1 addition & 119 deletions
Original file line numberDiff line numberDiff line change
@@ -1830,125 +1830,6 @@ method of the security context::
18301830
A firewall must be active or an exception will be thrown when the ``isGranted``
18311831
method is called. See the note above about templates for more details.
18321832

1833-
Impersonating a User
1834-
--------------------
1835-
1836-
Sometimes, it's useful to be able to switch from one user to another without
1837-
having to log out and log in again (for instance when you are debugging or trying
1838-
to understand a bug a user sees that you can't reproduce). This can be easily
1839-
done by activating the ``switch_user`` firewall listener:
1840-
1841-
..configuration-block::
1842-
1843-
..code-block::yaml
1844-
1845-
# app/config/security.yml
1846-
security:
1847-
firewalls:
1848-
main:
1849-
# ...
1850-
switch_user:true
1851-
1852-
..code-block::xml
1853-
1854-
<!-- app/config/security.xml-->
1855-
<config>
1856-
<firewall>
1857-
<!-- ...-->
1858-
<switch-user />
1859-
</firewall>
1860-
</config>
1861-
1862-
..code-block::php
1863-
1864-
// app/config/security.php
1865-
$container->loadFromExtension('security', array(
1866-
'firewalls' => array(
1867-
'main'=> array(
1868-
// ...
1869-
'switch_user' => true
1870-
),
1871-
),
1872-
));
1873-
1874-
To switch to another user, just add a query string with the ``_switch_user``
1875-
parameter and the username as the value to the current URL:
1876-
1877-
..code-block::text
1878-
1879-
http://example.com/somewhere?_switch_user=thomas
1880-
1881-
To switch back to the original user, use the special ``_exit`` username:
1882-
1883-
..code-block::text
1884-
1885-
http://example.com/somewhere?_switch_user=_exit
1886-
1887-
During impersonation, the user is provided with a special role called
1888-
``ROLE_PREVIOUS_ADMIN``. In a template, for instance, this role can be used
1889-
to show a link to exit impersonation:
1890-
1891-
..configuration-block::
1892-
1893-
..code-block::html+jinja
1894-
1895-
{% if is_granted('ROLE_PREVIOUS_ADMIN') %}
1896-
<a href="{{ path('homepage', {'_switch_user': '_exit'}) }}">Exit impersonation</a>
1897-
{% endif %}
1898-
1899-
..code-block::html+php
1900-
1901-
<?php if ($view['security']->isGranted('ROLE_PREVIOUS_ADMIN')): ?>
1902-
<a
1903-
href="<?php echo $view['router']->generate('homepage', array(
1904-
'_switch_user' => '_exit',
1905-
) ?>"
1906-
>
1907-
Exit impersonation
1908-
</a>
1909-
<?php endif; ?>
1910-
1911-
Of course, this feature needs to be made available to a small group of users.
1912-
By default, access is restricted to users having the ``ROLE_ALLOWED_TO_SWITCH``
1913-
role. The name of this role can be modified via the ``role`` setting. For
1914-
extra security, you can also change the query parameter name via the ``parameter``
1915-
setting:
1916-
1917-
..configuration-block::
1918-
1919-
..code-block::yaml
1920-
1921-
# app/config/security.yml
1922-
security:
1923-
firewalls:
1924-
main:
1925-
# ...
1926-
switch_user:{ role: ROLE_ADMIN, parameter: _want_to_be_this_user }
1927-
1928-
..code-block::xml
1929-
1930-
<!-- app/config/security.xml-->
1931-
<config>
1932-
<firewall>
1933-
<!-- ...-->
1934-
<switch-userrole="ROLE_ADMIN"parameter="_want_to_be_this_user" />
1935-
</firewall>
1936-
</config>
1937-
1938-
..code-block::php
1939-
1940-
// app/config/security.php
1941-
$container->loadFromExtension('security', array(
1942-
'firewalls' => array(
1943-
'main'=> array(
1944-
// ...
1945-
'switch_user' => array(
1946-
'role' => 'ROLE_ADMIN',
1947-
'parameter' => '_want_to_be_this_user',
1948-
),
1949-
),
1950-
),
1951-
));
19521833

19531834
Stateless Authentication
19541835
------------------------
@@ -2073,6 +1954,7 @@ Learn more from the Cookbook
20731954
----------------------------
20741955

20751956
*:doc:`Forcing HTTP/HTTPS</cookbook/security/force_https>`
1957+
*:doc:`Impersonating a User</cookbook/security/impersonating_user>`
20761958
*:doc:`Blacklist users by IP address with a custom voter</cookbook/security/voters>`
20771959
*:doc:`Access Control Lists (ACLs)</cookbook/security/acl>`
20781960
*:doc:`/cookbook/security/remember_me`

‎cookbook/doctrine/custom_dql_functions.rst

Lines changed: 24 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -17,17 +17,14 @@ In Symfony, you can register your custom DQL functions as follows:
1717
doctrine:
1818
orm:
1919
# ...
20-
entity_managers:
21-
default:
22-
# ...
23-
dql:
24-
string_functions:
25-
test_string:Acme\HelloBundle\DQL\StringFunction
26-
second_string:Acme\HelloBundle\DQL\SecondStringFunction
27-
numeric_functions:
28-
test_numeric:Acme\HelloBundle\DQL\NumericFunction
29-
datetime_functions:
30-
test_datetime:Acme\HelloBundle\DQL\DatetimeFunction
20+
dql:
21+
string_functions:
22+
test_string:Acme\HelloBundle\DQL\StringFunction
23+
second_string:Acme\HelloBundle\DQL\SecondStringFunction
24+
numeric_functions:
25+
test_numeric:Acme\HelloBundle\DQL\NumericFunction
26+
datetime_functions:
27+
test_datetime:Acme\HelloBundle\DQL\DatetimeFunction
3128
3229
..code-block::xml
3330
@@ -41,15 +38,12 @@ In Symfony, you can register your custom DQL functions as follows:
4138
<doctrine:config>
4239
<doctrine:orm>
4340
<!-- ...-->
44-
<doctrine:entity-managername="default">
45-
<!-- ...-->
46-
<doctrine:dql>
47-
<doctrine:string-functionname="test_string>Acme\HelloBundle\DQL\StringFunction</doctrine:string-function>
48-
<doctrine:string-function name="second_string>Acme\HelloBundle\DQL\SecondStringFunction</doctrine:string-function>
49-
<doctrine:numeric-functionname="test_numeric>Acme\HelloBundle\DQL\NumericFunction</doctrine:numeric-function>
50-
<doctrine:datetime-function name="test_datetime>Acme\HelloBundle\DQL\DatetimeFunction</doctrine:datetime-function>
51-
</doctrine:dql>
52-
</doctrine:entity-manager>
41+
<doctrine:dql>
42+
<doctrine:string-functionname="test_string>Acme\HelloBundle\DQL\StringFunction</doctrine:string-function>
43+
<doctrine:string-function name="second_string>Acme\HelloBundle\DQL\SecondStringFunction</doctrine:string-function>
44+
<doctrine:numeric-functionname="test_numeric>Acme\HelloBundle\DQL\NumericFunction</doctrine:numeric-function>
45+
<doctrine:datetime-function name="test_datetime>Acme\HelloBundle\DQL\DatetimeFunction</doctrine:datetime-function>
46+
</doctrine:dql>
5347
</doctrine:orm>
5448
</doctrine:config>
5549
</container>
@@ -60,23 +54,16 @@ In Symfony, you can register your custom DQL functions as follows:
6054
$container->loadFromExtension('doctrine', array(
6155
'orm' => array(
6256
// ...
63-
64-
'entity_managers' => array(
65-
'default' => array(
66-
// ...
67-
68-
'dql' => array(
69-
'string_functions' => array(
70-
'test_string' => 'Acme\HelloBundle\DQL\StringFunction',
71-
'second_string' => 'Acme\HelloBundle\DQL\SecondStringFunction',
72-
),
73-
'numeric_functions' => array(
74-
'test_numeric' => 'Acme\HelloBundle\DQL\NumericFunction',
75-
),
76-
'datetime_functions' => array(
77-
'test_datetime' => 'Acme\HelloBundle\DQL\DatetimeFunction',
78-
),
79-
),
57+
'dql' => array(
58+
'string_functions' => array(
59+
'test_string' => 'Acme\HelloBundle\DQL\StringFunction',
60+
'second_string' => 'Acme\HelloBundle\DQL\SecondStringFunction',
61+
),
62+
'numeric_functions' => array(
63+
'test_numeric' => 'Acme\HelloBundle\DQL\NumericFunction',
64+
),
65+
'datetime_functions' => array(
66+
'test_datetime' => 'Acme\HelloBundle\DQL\DatetimeFunction',
8067
),
8168
),
8269
),

‎cookbook/map.rst.inc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -124,6 +124,7 @@
124124

125125
* :doc:`/cookbook/security/entity_provider`
126126
* :doc:`/cookbook/security/remember_me`
127+
* :doc:`/cookbook/security/impersonating_user`
127128
* :doc:`/cookbook/security/voters`
128129
* :doc:`/cookbook/security/acl`
129130
* :doc:`/cookbook/security/acl_advanced`
Lines changed: 136 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,136 @@
1+
..index::
2+
single: Security; Impersonating User
3+
4+
How to Impersonate a User
5+
=========================
6+
7+
Sometimes, it's useful to be able to switch from one user to another without
8+
having to log out and log in again (for instance when you are debugging or trying
9+
to understand a bug a user sees that you can't reproduce). This can be easily
10+
done by activating the ``switch_user`` firewall listener:
11+
12+
..configuration-block::
13+
14+
..code-block::yaml
15+
16+
# app/config/security.yml
17+
security:
18+
firewalls:
19+
main:
20+
# ...
21+
switch_user:true
22+
23+
..code-block::xml
24+
25+
<!-- app/config/security.xml-->
26+
<?xml version="1.0" encoding="UTF-8"?>
27+
<srv:containerxmlns="http://symfony.com/schema/dic/security"
28+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
29+
xmlns:srv="http://symfony.com/schema/dic/services"
30+
xsi:schemaLocation="http://symfony.com/schema/dic/services
31+
http://symfony.com/schema/dic/services/services-1.0.xsd">
32+
<config>
33+
<firewall>
34+
<!-- ...-->
35+
<switch-user />
36+
</firewall>
37+
</config>
38+
</srv:container>
39+
40+
..code-block::php
41+
42+
// app/config/security.php
43+
$container->loadFromExtension('security', array(
44+
'firewalls' => array(
45+
'main'=> array(
46+
// ...
47+
'switch_user' => true
48+
),
49+
),
50+
));
51+
52+
To switch to another user, just add a query string with the ``_switch_user``
53+
parameter and the username as the value to the current URL:
54+
55+
..code-block::text
56+
57+
http://example.com/somewhere?_switch_user=thomas
58+
59+
To switch back to the original user, use the special ``_exit`` username:
60+
61+
..code-block::text
62+
63+
http://example.com/somewhere?_switch_user=_exit
64+
65+
During impersonation, the user is provided with a special role called
66+
``ROLE_PREVIOUS_ADMIN``. In a template, for instance, this role can be used
67+
to show a link to exit impersonation:
68+
69+
..configuration-block::
70+
71+
..code-block::html+jinja
72+
73+
{% if is_granted('ROLE_PREVIOUS_ADMIN') %}
74+
<a href="{{ path('homepage', {'_switch_user': '_exit'}) }}">Exit impersonation</a>
75+
{% endif %}
76+
77+
..code-block::html+php
78+
79+
<?php if ($view['security']->isGranted('ROLE_PREVIOUS_ADMIN')): ?>
80+
<a
81+
href="<?php echo $view['router']->generate('homepage', array(
82+
'_switch_user' => '_exit',
83+
) ?>"
84+
>
85+
Exit impersonation
86+
</a>
87+
<?php endif; ?>
88+
89+
Of course, this feature needs to be made available to a small group of users.
90+
By default, access is restricted to users having the ``ROLE_ALLOWED_TO_SWITCH``
91+
role. The name of this role can be modified via the ``role`` setting. For
92+
extra security, you can also change the query parameter name via the ``parameter``
93+
setting:
94+
95+
..configuration-block::
96+
97+
..code-block::yaml
98+
99+
# app/config/security.yml
100+
security:
101+
firewalls:
102+
main:
103+
# ...
104+
switch_user:{ role: ROLE_ADMIN, parameter: _want_to_be_this_user }
105+
106+
..code-block::xml
107+
108+
<!-- app/config/security.xml-->
109+
<?xml version="1.0" encoding="UTF-8"?>
110+
<srv:containerxmlns="http://symfony.com/schema/dic/security"
111+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
112+
xmlns:srv="http://symfony.com/schema/dic/services"
113+
xsi:schemaLocation="http://symfony.com/schema/dic/services
114+
http://symfony.com/schema/dic/services/services-1.0.xsd">
115+
<config>
116+
<firewall>
117+
<!-- ...-->
118+
<switch-userrole="ROLE_ADMIN"parameter="_want_to_be_this_user" />
119+
</firewall>
120+
</config>
121+
</srv:container>
122+
123+
..code-block::php
124+
125+
// app/config/security.php
126+
$container->loadFromExtension('security', array(
127+
'firewalls' => array(
128+
'main'=> array(
129+
// ...
130+
'switch_user' => array(
131+
'role' => 'ROLE_ADMIN',
132+
'parameter' => '_want_to_be_this_user',
133+
),
134+
),
135+
),
136+
));

‎cookbook/security/index.rst

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ Security
66

77
entity_provider
88
remember_me
9+
impersonating_user
910
voters
1011
acl
1112
acl_advanced

‎reference/forms/types/birthday.rst

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,7 @@ option defaults to 120 years ago to the current year.
3030
|| - `format`_|
3131
|| - `model_timezone`_|
3232
|| - `view_timezone`_|
33+
|| - `data`_|
3334
|| - `invalid_message`_|
3435
|| - `invalid_message_parameters`_|
3536
|| - `read_only`_|
@@ -76,6 +77,8 @@ These options inherit from the :doc:`date </reference/forms/types/date>` type:
7677

7778
These options inherit from the:doc:`form</reference/forms/types/form>` type:
7879

80+
..include::/reference/forms/types/options/data.rst.inc
81+
7982
..include::/reference/forms/types/options/invalid_message.rst.inc
8083

8184
..include::/reference/forms/types/options/invalid_message_parameters.rst.inc

‎reference/forms/types/checkbox.rst

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ not affect the value that's set on your object.
5050

5151
..caution::
5252

53-
To make a checkbox checked by default,use the `data`_ option.
53+
To make a checkbox checked by default,set the `data`_ option to ``true``.
5454

5555
Inherited options
5656
-----------------

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp