Reputation: 35
Don't use serialize for the user role Symfony
I have a project and a Symfony3 Silex 2 API that is based on the database created with SF3. The problem arises because of the ROLE field in the database, in effect symfony3 stores in the database the user roles via serialize, flint or using a string.
Why Symfony serialize and flint right? How to solve the problem because Silex does not manage the roles serialize?
Role field BDD: Silex:
ROLE_MODO,ROLE_SUPER_ADMIN
SF:
a:2:{i:0;s:9:"ROLE_MODO";i:1;s:16:"ROLE_SUPER_ADMIN";}
Thank you.
Upvotes: 2
Views: 2118
Answers (2)
Reputation: 9585
Make sure in SF3 platform, to map the roles field with simple_array DBAL type instead of array:
@ORM\Column(name="roles", type="simple_array")
The difference is that array type stores their values serialized and simple_array stores their values by using comma separated.
Upvotes: 4
Reputation: 5679
Symfony
I think that ROLE field is mapped as array in doctrine orm, so serialization/unserialization is made automatically by doctrine orm.
http://docs.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/types.html#array
Silex
You should unserialize roles manually. I don't know how you get user in silex..
class User implements Symfony\Component\Security\Core\User\AdvancedUserInterface
{
...
public function getRoles()
{
return unserialize($this['roles']);
}
...
}
Upvotes: 1
Related Questions
- Prevent storing entire user in Symfony session
- Prevent symfony serializer to certain attributes
- Symfony serializer ignore serialization groups
- Doctrine Serializer : Problem on using groups
- Symfony 3 - Declare and use the serializer other than in a controller
- using groups and accessor for serialization symfony2
- Symfony Serialize doctrine entity
- Symfony Serializer empty objects
- PHP: How to prevent serialize from hitting a certain member
- Which properties have to be serialized/deserialized in Symfony 2 User class?