> Now i was wondering while i impersonate a user is there a easy way to > find out in twig that i am doing so? > e.g. to generat an _exit link ?
You should be able to use this to check:
{% if has_role('ROLE_PREVIOUS_ADMIN') %}
The ROLE_PREVIOUS_ADMIN is assigned to users that are impersonating others, which you can see in the Security panel of the Symfony Profiler by the way :)
> > Now i was wondering while i impersonate a user is there a easy way to
> > find out in twig that i am doing so?
> > e.g. to generat an _exit link ?
> You should be able to use this to check:
> {% if has_role('ROLE_PREVIOUS_ADMIN') %}
> The ROLE_PREVIOUS_ADMIN is assigned to users that are impersonating
> others, which you can see in the Security panel of the Symfony Profiler
> by the way :)
Now I was working on this same thing, but I noticed that the ROLE_PREVIOUS_ADMIN gets lost.
I changed the config_dev.yml to intercept redirects (intercept_redirects: true). Whenever I go to a valid url and add '?_switch_user=<username here>' it wants to redirect me to the same page. At this point the user HAS the role ROLE_PREVIOUS_ADMIN. When I follow the redirect and check the user again (using the web profiler toolbar) this role is gone all of a sudden.
After spending about 6 hours debugging ROLE_PREVIOUS_ADMIN getting lost after redirect, I finally figured out what *MY *problem was. Tom maybe this will help you out. I am not sure which one of this triggered the fix for me but I had to do the following to my User Entity and UserRepository files:
1. User entity implements Serializable ( I created this entity before the docs where ready and I was using public function __sleep() I found on google to handle this. ) 2. User entity public function equals(UserInterface $user) only validates return $this->id == $user->getId(); ( Before I was validating a bunch of others including $this->credentialsNonExpired !== $user->isCredentialsNonExpired()) 3. My User Repository now implements UserProviderInterface
Again I am not sure which change triggered the fix, but it now works for me.
On Friday, August 10, 2012 8:40:02 AM UTC-4, Tom Maaswinkel wrote:
Now I was working on this same thing, but I noticed that the
> I changed the config_dev.yml to intercept redirects (intercept_redirects: > true). Whenever I go to a valid url and add '?_switch_user=<username here>' > it wants to redirect me to the same page. At this point the user HAS the > role ROLE_PREVIOUS_ADMIN. When I follow the redirect and check the user > again (using the web profiler toolbar) this role is gone all of a sudden.
Thanks for your reply, I finally fixed it myself too. It seems that when
you unserialize a user, you also need to (re)store its username. So it is
wise not only to serialize the user's ID, but also its username!
Met vriendelijke groet / Yours sincerely,
Tom Maaswinkel
> After spending about 6 hours debugging ROLE_PREVIOUS_ADMIN getting lost
> after redirect, I finally figured out what *MY *problem was. Tom maybe
> this will help you out. I am not sure which one of this triggered the fix
> for me but I had to do the following to my User Entity and UserRepository
> files:
> 1. User entity implements Serializable ( I created this entity before
> the docs where ready and I was using public function __sleep() I found on
> google to handle this. )
> 2. User entity public function equals(UserInterface $user) only
> validates return $this->id == $user->getId(); ( Before I was validating a
> bunch of others including $this->credentialsNonExpired !==
> $user->isCredentialsNonExpired())
> 3. My User Repository now implements UserProviderInterface
> Again I am not sure which change triggered the fix, but it now works for
> me.
> On Friday, August 10, 2012 8:40:02 AM UTC-4, Tom Maaswinkel wrote:
> Now I was working on this same thing, but I noticed that the
>> ROLE_PREVIOUS_ADMIN gets lost.
>> I changed the config_dev.yml to intercept redirects (intercept_redirects:
>> true). Whenever I go to a valid url and add '?_switch_user=<username here>'
>> it wants to redirect me to the same page. At this point the user HAS the
>> role ROLE_PREVIOUS_ADMIN. When I follow the redirect and check the user
>> again (using the web profiler toolbar) this role is gone all of a sudden.
>> Anyone got any ideas here?
>> --
> If you want to report a vulnerability issue on symfony, please send it to
> security at symfony-project.com
> You received this message because you are subscribed to the Google
> Groups "Symfony2" group.
> To post to this group, send email to symfony2@googlegroups.com
> To unsubscribe from this group, send email to
> symfony2+unsubscribe@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/symfony2?hl=en
