这个方法用它来添加一个新工作但是当我添加一个作业时,当前用户的密码将其密码设置为空cus我检索的用户对象没有密码 symfony的行为就像是为了保护密码,任何帮助都会非常感激 `public function addJobAction(){
if(false === $this->get('security.context')
->isGranted('ROLE_ANNOUNCER')
)
{
throw new AccessDeniedException();
}
$job = new Job() ;
$jobForm = $this->createForm( new JobType() ,$job) ;
$request = $this->getRequest();
if( $request->getMethod() == 'GET'){
return
$this->render('MyJobBundle:Job:addJob.html.twig' ,
array('form'=> $jobForm->createView() )
) ;
}
if( $request->getMethod() == 'POST'){
$jobForm->bindRequest($request);
if( $jobForm->isValid() ){
$user = $this->get('security.context')->getToken()
->getUser();
$job->setAnnouncer($user);
$em = $this->getDoctrine()->getEntityManager();
$em->persist($job) ;
$em->flush() ;
return
$this->redirect($this->generateUrl('show_job' ,
array('id'=> $job->getId() ) )
);
}else{
return
new Response('no');
}
}
}
继承我的工作实体
namespace My\JobBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use My\UserBundle\Entity\User ;
use Symfony\Component\Validator\Constraints as Assert;
/**
* My\JobBundle\Entity\Job
*
* @ORM\Table()
* @ORM\Entity(repositoryClass="My\JobBundle\Entity\JobRepository")
*/
class Job
{
/**
* @var integer $id
*
* @ORM\Column(name="id", type="integer")
* @ORM\Id
* @ORM\GeneratedValue(strategy="AUTO")
*/
private $id;
/**
* @var string $title
*
*
* @ORM\Column(name="title", type="string", length=255)
*/
private $title;
/**
* @var string $content
*
*
* @ORM\Column(name="content", type="text")
*/
private $content;
/**
* @var string $city
*
* @ORM\Column(name="city", type="string", length=255)
*
*/
private $city;
/**
* @var datetime $created_at
*
* @ORM\Column(name="created_at", type="datetime")
*/
private $created_at;
/**
* @var string $salary
*
* @ORM\Column(name="salary", type="string", length=255)
*
*
*/
private $salary;
/**
* @ORM\ManyToOne(targetEntity="My\UserBundle\Entity\User")
*/
private $announcer ;
/**
* link a job to a user
*/
public function setAnnouncer(User $a)
{
$this->announcer = $a;
}
/**
* return a user from a job object
*/
public function getAnnouncer()
{
return $this->announcer;
}
/**
* Get id
*
* @return integer
*/
public function getId()
{
return $this->id;
}
/**
* Set title
*
* @param string $title
*/
public function setTitle($title)
{
$this->title = $title;
}
/**
* Get title
*
* @return string
*/
public function getTitle()
{
return $this->title;
}
/**
* Set content
*
* @param string $content
*/
public function setContent($content)
{
$this->content = $content;
}
/**
* Get content
*
* @return string
*/
public function getContent()
{
return $this->content;
}
/**
* Set created_at
*
* @param datetime $createdAt
*/
public function setCreatedAt($createdAt)
{
$this->created_at = $createdAt;
}
/**
* Get created_at
*
* @return datetime
*/
public function getCreatedAt()
{
return $this->created_at;
}
/**
* Set salary
*
* @param string $salary
*/
public function setSalary($salary)
{
$this->salary = $salary;
}
/**
* Get salary
*
* @return string
*/
public function getSalary()
{
return $this->salary;
}
public function setCity($c)
{
$this->city = $c;
}
public function getCity()
{
return $this->city ;
}
public function __construct(){
$this->created_at = new \DateTime() ;
}
}
继承我的职业类型
namespace My\JobBundle\Form;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\FormBuilder;
class JobType extends AbstractType
{
public function buildForm(FormBuilder $builder, array $options)
{
$builder
->add('title')
->add('content','textarea' )
//->add('created_at')
->add('salary')
->add('city')
//->add('announcer')
;
}
public function getName()
{
return 'my_jobbundle_jobtype';
}
}
并且继续我的日志,我看到更新的密码
INSERT INTO Job (title, content, city, created_at, salary, announcer_id) VALUES (?, ?, ?, ?, ?, ?) ({"1":"lfdgdfl;","2":";lkl;fdlgkdfl;","3":"lklkl;;l","4":{"date":"2012-02-05 23:39:16","timezone_type":3,"timezone":"Europe\/Paris"},"5":"333","6":1})
UPDATE User SET password = ? WHERE id = ? ([null,1])
答案 0 :(得分:4)
我发现它是由我的用户实体中UserInterface的eraseCredential方法引起的问题
<?php
public function eraseCredential(){
$this->password = null ;
}
我只需通过评论该行就可以清空密码; ]
答案 1 :(得分:4)
2 kosaidpo
您的解决方案有效,因为在序列化用户对象或将其保存到数据库时,eraseCredentials()方法用于清除用户敏感数据(意味着不是秘密,但是可以恢复,感觉就像__sleep()) (这就是手册所说的)。因此,当您将用户附加到作业对象并调用 #flush()时,doctrine将检查与作业相关的所有对象的更改,并发现该用户对象已更改,因为eraseCredentials()已擦除密码。这就是您的用户更新的原因。
还有一个解决方案可以帮助您:
解决方案:
来自Doctrine文档的简而言之,你可以添加@ChangeTrackingPolicy(“DEFERRED_EXPLICIT”)注释(正如我所做的那样,因为我正在使用注释。船长Obvious =))到UserInterface实现(在我的情况下我使用的是User类)和这个将告诉Doctrine不要检查所有“连接”到作业对象。
在这种情况下,原则不会检查用户对象,并使用已删除的密码保存,除非您将强制执行此操作 #persist(用户对象)手动。
但无论如何,你不应该在eraseCredentials()方法中执行 $ this-&gt; password = null 。
答案 2 :(得分:0)
看起来确实很奇怪,但您可以在将User对象绑定到新创建的作业之前始终检索它:
$token = $this->get('security.context')->getToken();
$user_repo = $this->getDoctrine()->getRepository('**NAMESPACE**:User');
$user = $user_repo->find($token->getUser()->getId());
$job->setAnnouncer($user);
$em = $this->getDoctrine()->getEntityManager();
$em->persist($job) ;
$em->flush();
另外,我不太确定,但是我读到某个地方,由于它的安全性,令牌不应该带密码......也许这就是你的问题......