2010/11/3 Lukas Kahwe Smith <[email protected]>:
> But you set the values in the entity. Why can't you validate the data just
> before you set it?

Because we can never _avoid_ invalid data being set in the object.
Forget about the form for a minute. You want setPassword() to not
accept any invalid values, but how do you do that _without custom
code_ and without AOP?

> Hmm, not sure what you mean here exactly. How/what should I be constraining?
> Also note in the entity I don't have access to the form anymore.

You need to change or override the field and add constraints to that
class. With annotations, this unfortunately is a bit ugly.

class MyPasswordField extends PasswordField
{
  /**
   * @validation:...
   */
  public function getDisplayedData()
  {
    return parent::getDisplayedData();
  }
}

Or you can add custom test methods to that inherited class and
constrain them with AssertTrue.

class MyPasswordField extends PasswordField
{
  /**
   * @validation:AssertTrue(message = "The password must contain at least one letter")
   */
  public function isAtLeastOneLetter()
  {
    return count_letters($this->getDisplayedData()) > 0;
  }
}

The last solution is to have two properties in your class of which one
contains the plain text password (which is not persisted) and the
other the persisted hashed password.

class User
{
  /**
   * @validation:MinLetters(1)
   */
  protected $password;

  /**
   * @PersistMe
   */
  protected $hashedPassword;

  public function setPassword($password)
  {
    $this->password = $password;
    $this->hashedPassword = hash_me($password);
  }
}

IMO that last solution is the cleanest one, because it works
regardless of whether you call setPassword() from a form or from
somewhere else.

Bernhard

-- 
If you want to report a vulnerability issue on symfony, please send it to 
security at symfony-project.com
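
Added example, not part of the message above and not Symfony code: the two-property approach from the end of the message written out in plain PHP (7.4 or later). It assumes a hand-written validate() as a stand-in for the MinLetters(1) constraint; erasePlainPassword() and the serialization hooks are hypothetical additions that keep the plain text from outliving validation.

```php
<?php
declare(strict_types=1);
// Hypothetical class for illustration; not Symfony code.
final class User
{
    private ?string $password = null;        // plain text, validated, never persisted
    private ?string $hashedPassword = null;  // the only value that is stored

    public function setPassword(string $password): void
    {
        // The setter accepts any value; validity is checked on the object later.
        $this->password = $password;
        $this->hashedPassword = password_hash($password, PASSWORD_DEFAULT);
    }

    /** Stand-in for a MinLetters(1) constraint; returns violation messages. */
    public function validate(): array
    {
        $errors = [];
        if ($this->password !== null && preg_match('/\pL/u', $this->password) !== 1) {
            $errors[] = 'The password must contain at least one letter';
        }
        return $errors;
    }

    public function erasePlainPassword(): void
    {
        $this->password = null; // drop the plain text once validation has run
    }

    /** Serialize only the hash so the plain text never reaches a session or cache. */
    public function __serialize(): array
    {
        return ['hashedPassword' => $this->hashedPassword];
    }
    public function __unserialize(array $data): void
    {
        $this->hashedPassword = $data['hashedPassword'];
    }
}
// Constructed inputs; the same check runs whether or not a form made the call.
foreach (['12345678', 'correct horse 1'] as $input) {
    $user = new User();
    $user->setPassword($input);
    $errors = $user->validate();
    $user->erasePlainPassword();
    echo $input, ': ', $errors ? 'rejected, ' . $errors[0] : 'ok to persist', PHP_EOL;
}
```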
