Symfony2:无需密码即可编辑用户 [英] Symfony2: Edit user without having password

问题描述

在我的应用程序中，只有管理员用户可以创建和理论上编辑用户.到目前为止，只使用 Symfony 安全系统(没有 FOSUserBundle 管理——不需要它的复杂性)，创建具有不同角色的用户就可以了.完全逃避我的挑战是如何在不知道用户密码的情况下编辑用户.我不断遇到预期的验证错误

In my application, only the admin user can create and, theoretically, edit users. So far, using only the Symfony security system (no FOSUserBundle management - its complexity is not required), creating users with varying roles is just fine. The challenge that totally escapes me is how to edit a user without knowing the user's password. I keep running into the expected validation error

密码不能为空

.如何完成编辑?我肯定在这里遗漏了一些非常基本的东西.

. How can editing be accomplished? I'm surely missing something very fundamental here.

    public function editAction($id) {
        $em = $this->getDoctrine()->getManager();
        $user = $em->getRepository('ManaClientBundle:User')->find($id);
        $form = $this->createForm(new UserType(), $user);
        return array(
            'form' => $form->createView(),
            'user' => $user,
            'title' => 'Edit user',
            );
   }

更新操作:

   public function updateAction(Request $request, $id) {
        $em = $this->getDoctrine()->getManager();
        $user = $em->getRepository('ManaClientBundle:User')->find($id);
        $originalPassword = $user->getPassword();
        $form = $this->createForm(new UserType(), $user);
        $form->bind($request);
        if ($form->isValid()) {
            $plainPassword = $form->get('password')->getData();
            if (!empty($plainPassword))  {  
                //encode the password   
                $encoder = $this->container->get('security.encoder_factory')->getEncoder($entity); //get encoder for hashing pwd later
                $tempPassword = $encoder->encodePassword($entity->getPassword(), $entity->getSalt()); 
                $user->setPassword($tempPassword);                
            }
            else {
                $user->setPassword($originalPassword);
            }
            $em->persist($user);
            $em->flush();
            return $this->redirect($this->generateUrl('user_main', array()));
        }        

用户表单:

public function buildForm(FormBuilderInterface $builder, array $options) {
    $builder
            ->add('enabled', 'choice', array(
                'choices' => array('Yes' => 'Yes', 'No' => 'No'),
                'expanded' => true,
                'multiple' => false,
                'label' => 'Enabled: ',
            ))
            ->add('fname')
            ->add('sname')
            ->add('email')
            ->add('username')
            ->add('password', 'repeated', array(
                'type' => 'password',
                'invalid_message' => 'Password fields do not match',
                'first_options' => array('label' => 'Password'),
                'second_options' => array('label' => 'Repeat Password'),
            ))
            ->add('role', 'choice', array(
                'choices' => array('ROLE_USER' => 'User', 'ROLE_ADMIN' => 'Admin'),
                'expanded' => true,
                'multiple' => false,
                'label' => 'Group: ',
            ))
    ;
}

推荐答案

直到我看到一个更优雅的解决方案，这是我想出的:

Until I see a more elegant solution, here's what I came up with:

1. 创建一个包含除密码字段以外的所有字段的 UserEditType 表单类
2. 将 UserEditType 分配给 Default 以外的验证组
3. 为 2 中的验证组配置密码长度约束.
4. 修改编辑和更新操作以使用 UserEditType

现在无需密码即可编辑用户！

And now users can be edited without having the password!

class UserEditType extends AbstractType {
    public function buildForm(FormBuilderInterface $builder, array $options) {
        $builder
                ->add('enabled', 'choice', array(
                    'choices' => array('Yes' => 'Yes', 'No' => 'No'),
                    'expanded' => true,
                    'multiple' => false,
                    'label' => 'Enabled: ',
                ))
                ->add('fname')
                ->add('sname')
                ->add('email')
                ->add('username')
                ->add('role', 'choice', array(
                    'choices' => array('ROLE_USER' => 'User', 'ROLE_ADMIN' => 'Admin'),
                    'expanded' => true,
                    'multiple' => false,
                    'label' => 'Group: ',
                ))
        ;
    }

    public function setDefaultOptions(OptionsResolverInterface $resolver) {
        $resolver->setDefaults(array(
            'data_class' => 'Mana\ClientBundle\Entity\User',
            'validation_groups' => array('edit'),
        ));
    }

用户实体中的密码:

 * @ORM\Column(name="userpass", type="string", length=100, nullable=false)
 * @Assert\NotBlank(message="Password may not be empty")
 * @Assert\Length(
 *      min = "5",
 *      max = "12",
 *      minMessage = "Password must be at least 5 characters long",
 *      maxMessage = "Password cannot be longer than than 12 characters",
 *      groups = {"Default"}
 * )

更新操作:

public function updateAction(Request $request, $id) {
    $em = $this->getDoctrine()->getManager();
    $user = $em->getRepository('ManaClientBundle:User')->find($id);

    $form = $this->createForm(new UserEditType(), $user);
    $form->bind($request);
    if ($form->isValid()) {
        $em->persist($user);
        $em->flush();
        return $this->redirect($this->generateUrl('user_main', array()));
    }
    return array(
        'form' => $form->createView(),
        'user' => $user,
        'title' => 'Edit user',
    );
}

这篇关于Symfony2:无需密码即可编辑用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！