Skip to content

uncompleted documentation cookbook/security/entity_provider.html #2756

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
10 of 11 tasks
gondo opened this issue Jun 22, 2013 · 9 comments
Closed
10 of 11 tasks

uncompleted documentation cookbook/security/entity_provider.html #2756

gondo opened this issue Jun 22, 2013 · 9 comments
Labels
actionable Clear and specific issues ready for anyone to take them. Doctrine Security

Comments

@gondo
Copy link
Contributor

gondo commented Jun 22, 2013

This tutorial needs more love. Here is a list of few things what i found confusing or incorrect:

  • 1. discrepancy in table names. table "acme_users" declared in user class, but table "user" referenced in select query select * from user;
  • 2. missing create table users description. (this can be guessed by putting together information from annotations from user class and provided output of select query, but why so complicated?)
  • 3. missing reference on how to generate passwords with salt (provided link gives vague general idea but does not give answer on how to create password what would be usable in presented example)
  • 4. some random, unexplained and possibly unrelated code: cleaning #2753
  • 5. you can still authenticate with maxime - this is confusing, as it is the first time that some maxime is mentioned. missing password for maxime and missing reference to when this authentification should be tried for the first time. also this would not work because user class is referencing UserRepository in annotation, but UserRepository was not yet defined. (it will be later in the tutorial)
  • 6. missing create table acme_groups declaration.
  • 7. Group should be renamed to Role to avoid unnecessary confusion, and it should be declared as class Role implements RoleInterface
  • 7. tutorial should mention how to generate missing setters/getters by php app/console doctrine:generate:entities Acme/UserBundle (this does it for both User and Group as per http://symfony.com/doc/current/book/doctrine.html#generating-getters-and-setters )
  • 8. missing at least 1 working example of user and password for testing (f.e.: u: 'admin', p: 'password', p-hash: 'd033e22ae348aeb5660fc2140aec35850c4da997', salt: '')
  • 9. missing at least 1 working example of role/group and user assignment to this role/group.
  • 10. missing explanation how is the user mapped to the role/group. this time not even select * from groups is provided

Question:

how should the user role be saved in the groups table?
this is my users table

id username salt password email is_active
1 admin d033e22ae348aeb5660fc2140aec35850c4da997 admin@admin.com 1

and this is my current groups table:

id name role
1 admin ROLE_ADMIN

but when i login as admin/admin (yes admin is the correct password) the user role on return is empty.

Answer

ok i've noticed that after running table doctrine:generate:entities there is one more table created what mapps user to the role.
This was referenced Jun 23, 2013
Closed
Closed
weaverryan pushed a commit that referenced this issue Jul 1, 2013
@gondo @weaverryan
Fixing Security Entity Provider tutorial
1d00f06 
for more info see #2756
@weaverryan
Copy link
Member

@gondo I know that you've fixed many of these issues in #2765, but I'm not sure which issues have been fixed and which have not. I've changed your original questions into checkmark boxes. Can you "check off" the items that have already been fixed? Then we can work through any remaining items.

Thanks!

@gondo
Copy link
Contributor Author

gondo commented Jul 1, 2013

hi, pretty much everything was addressed in my pull request. however:
3. - password generation - was not explained as it is not needed. i've provided working example and the new user can be generated by registration or extra code what is linked in the tutorial. the question is, if this is obvious at the point when the new user is reading this? i can understand how things work now, but i had to read much more to get to this point.
7. - Group vs Role - i've noticed that later in documentation you use Groups rather than Roles. i understand that this is more of a choice than convention, i think its wrong as i prefer role to be called Role (not Group). i've changed Group to Role in my pull request but this might break compatibility with later tutorial.
this is not necessary wrong, as Role/s are core classes in symfony, but it just inconsistance with the rest of the tutorials.

@weaverryan
Copy link
Member

@gondo

About 3, I do think that we should at least link to other places in the documentation that show you how you would actually create users. It does seem a little incomplete that you can set all of this up, but that without any data (users, roles) in the database, you can't really do anything.

About 7, which later tutorial are you talking about that mentions Group? I don't see anything else (but let me know), so I don't think this is an issue. I actually like your change from Group to Role. We do sometimes use "Group" in the Symfony world, but usually in those cases, a "Group" represents many roles, not just one role. You can see this idea, for example, in the FOSUserBundle. So, I liked your change to Role.

@gondo
Copy link
Contributor Author

gondo commented Jul 7, 2013

  1. agree, unfortunately i do not have time to get back to this
  2. you are absolutely right, the concept of groups seems to be used just in FOSUserBundle

@wouterj
Copy link
Member

wouterj commented Dec 4, 2013

So the only thing to fix now is (3).

@javiereguiluz
Copy link
Member

@gondo thanks for your great work improving this tutorial!

I have another suggestion. Some user asked on IRC what is or where is the User bundle that mentions the tutorial. Specifically, this is the phrase that should be improved:

This tutorial assumes there is a bootstrapped and loaded Acme\UserBundle bundle in the application kernel.

Something like this would be enough (obviously with a proper English wording):

For the sake of simplificty, this article assumes that you already have a bundle called UserBundle under the Acme namespace. Your application bundle name and location could of course vary.

@weaverryan
Copy link
Member

And there's another problem. It assumes you have a User entity. If you don't have that yet, it doesn't help you know how to create this. It does below say you can generate your getters/setters using php app/console doctrine:generate:entities Acme/UserBundle/Entity/User, which a user in IRC tried (thinking it would generate the User entity).

I think we need to actually guide people (not necessarily here, but point to other links) on how to create their bundle and generate the entity if they don't have one.

@wouterj wouterj removed the good first issue Ideal for your first contribution! (some Symfony experience may be required) label Dec 17, 2014
@javiereguiluz
Copy link
Member

This issue seems to have been solved in the merged #2765 PR. If that's true, should we close it?

@weaverryan weaverryan mentioned this issue Mar 15, 2015
Merged
@weaverryan
Copy link
Member

I'll close this - I've almost certainly checked off the last item with #5083

Thanks!

weaverryan added a commit that referenced this issue Mar 23, 2015
@weaverryan
feature #5083 Proofreading and updating entity_provider for readabili…
fa10f1c 
…ty (weaverryan)

This PR was merged into the 2.3 branch.

Discussion
----------

Proofreading and updating entity_provider for readability

| Q             | A
| ------------- | ---
| Doc fix?      | no
| New docs?     | no
| Applies to    | all
| Fixed tickets | #2756

Hi guys!

I wanted to close #2756, and when I started looking into things, there were a bunch of changes I wanted to make for readability. I think it's good, but of course, errors are likely :).

Thanks!

Commits
-------

0bb82c6 Fixing bad link name
7153f3b Many fixes thanks to stof, WouterJ, xabbuh and dupuchba
768f7cc Proofreading and updating entity_provider for readability
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
actionable Clear and specific issues ready for anyone to take them. Doctrine Security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@javiereguiluz @weaverryan @gondo @wouterj