1

I want to know how to check an arbitrary password against the validation rules defined in validation.xml. I created an admin page where admin users can create other admin users. I want to validate these users using the same rules that are used when anonymous users register for their own account at the /register page. From what I can see, these rules are defined in validation.xml.

So basically I want to do something like this:

$userManager = $container->get('fos_user.user_manager');
$user = $userManager->createUser();
$user->setPlainPassword('1');
$arrayOfErrors = functionThatValidatesUserPassword($user);

or even call a function on the password directly like this:

$arrayOfErrors = functionThatValidatesUserPassword('1');

What should I use to replace functionThatValidatesUserPassword here?

I thought the validator service might work, but when I try

$validator = $this->get('validator');
$errors = $validator->validate($user);
print_r($errors);exit;

I just get an empty list of errors. I was expecting to see an error saying "The password is too short" which is what you get if you register for an account with the same password on the /register page.

I am on Symfony 3.4 and FosUserBundle 2.0.

While searching for answers to my question, I found the following two posts describing how to override the rules defined in the validation.xml file.

I do plan on overriding the validation rules, but for now I just want to validate my password using the built-in rules that come with FosUserBundle.

Cave Johnson
  • 6,499
  • 5
  • 38
  • 57
  • @bangbambang Yes that is correct, using rules that I create in a custom validation.xml file – Cave Johnson Dec 06 '17 at 20:14
  • Sorry, got sleepy and accidentally deleted my last comment. Assuming that `createUser()` return an Entity, validator service *should* work. What version of SF do you use? – bangbambang Dec 06 '17 at 20:20
  • @bangbambang Symfony 3.4, FosUserBundle 2.0 – Cave Johnson Dec 06 '17 at 20:22
  • I've never use FOSUserBundle extensively so I might be wrong. But have you try triggering validation by calling `$userManager->updatePassword($user)`? – bangbambang Dec 06 '17 at 20:48
  • @bangbambang Sorry I had to go away for a while. Do you suggest I do that before I do `$validator->validate($user)`? – Cave Johnson Dec 07 '17 at 02:34
  • According to https://symfony.com/doc/current/bundles/FOSUserBundle/user_manager.html *the default behavior is to flush ... when calling the updateUser method. You can disable the flush by passing a second argument set to false. This will then be equivalent to calling updateCanonicalFields and updatePassword.* So either call `updateUser($user, false)` or `updatePassword($user)` should trigger the underlying listeners without flushing UoW (just to be safe). Again, I've never use FosUserBundle extensively and I haven't got the time to setup a test project, so it's just a conjecture. – bangbambang Dec 07 '17 at 02:58
  • from the same page *"To make it easier, the bundle comes with a Doctrine listener handling the update of the password and the canonical fields for you behind the scenes. ..."* Sorry, that's all I could do to help. Might come back later if I manage to verify (and this question still left unanswered). Since prolonged discussion in comments are discouraged, probably you'll get faster response to ask at SO chat/slack/github issue. – bangbambang Dec 07 '17 at 03:05
  • @bangbambang Thanks very much for your help. I managed to solve my problem. The problem was that the rules belong to validation groups so I have to pass in the group that I want to test into an optional third parameter of the validate function. – Cave Johnson Dec 07 '17 at 18:23

1 Answers1

0

I found the answer to my problem. The constraints in FOSUserBundle's built-in validation.xml belong to validation groups. By default, the validate function only validates for constraints that don't belong to any group. There is a third parameter to the validate function that takes in an array of groups that contain the constraints that you want to check for. So all you have to do is pass in the groups that contain the constraints you want to check. For example, the password field belongs to the following groups: Registration, Profile, ResetPassword, ChangePassword. I used the Registration group, so my code looks like this:

$userManager = $this->get('fos_user.user_manager');
$user = $userManager->createUser();
$user->setPlainPassword('1');
$validator = $this->get('validator', null, array("Registration"));
$errors = $validator->validate($user);
Cave Johnson
  • 6,499
  • 5
  • 38
  • 57