### Helper Command Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/20_Installation.md Command to initiate the SSO setup process. ```bash $ bin/console members:oauth:setup ``` -------------------------------- ### Configure Client Scope Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/20_Installation.md YAML configuration to define custom scopes for an OAuth2 client, using Google as an example. ```yaml members: oauth: scopes: google: ['email'] ``` -------------------------------- ### Install Google OAuth2 Client Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/20_Installation.md Composer command to install the Google OAuth2 client library. ```bash $ composer require league/oauth2-google:^3.0 ``` -------------------------------- ### Install KnpUOAuth2ClientBundle Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/20_Installation.md Composer command to install the KnpUOAuth2ClientBundle. ```bash $ composer require knpuniversity/oauth2-client-bundle:^2.0 ``` -------------------------------- ### Install SSO Identity Class Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/20_Installation.md Command to install the SsoIdentity class, with the -o flag to skip already installed classes. ```bash $ bin/console members:install:class -o ``` -------------------------------- ### Class Installer Command Source: https://github.com/dachcom-digital/pimcore-members/blob/master/README.md Command to install the Members bundle classes. Use the -o argument to also install the SsoIdentity Class. ```bash $ bin/console members:install:class ``` -------------------------------- ### Class Installation Source: https://github.com/dachcom-digital/pimcore-members/blob/master/README.md Install the required classes for the MembersBundle. ```bash bin/console members:install:class ``` -------------------------------- ### Enable SSO Feature Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/20_Installation.md YAML configuration to enable the SSO feature and set the activation type. ```yaml members: oauth: enabled: true activation_type: 'complete_profile' # choose between "complete_profile" and "instant" ``` -------------------------------- ### Configure Google Client Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/20_Installation.md YAML configuration for setting up the Google OAuth2 client, including client ID, secret, and redirect route. ```yaml knpu_oauth2_client: clients: google: type: google client_id: 'YOUR_CLIENT_ID' client_secret: 'YOUR_CLIENT_SECRET' redirect_route: members_user_security_oauth_check redirect_params: {} ``` -------------------------------- ### Configure Firewall Name Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/20_Installation.md YAML configuration to set the firewall name if it differs from 'members_fe'. ```yaml parameters: members.firewall_name: your_fw_name ``` -------------------------------- ### Composer Installation Source: https://github.com/dachcom-digital/pimcore-members/blob/master/README.md Add the MembersBundle to your composer.json and bundles.php. ```json "require" : { "dachcom-digital/members" : "~5.1.0" } ``` ```php return [ MembersBundle\MembersBundle::class => ['all' => true], ]; ``` -------------------------------- ### Set Cookie SameSite Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/20_Installation.md YAML configuration to set the session cookie SameSite attribute to 'lax'. ```yaml framework: session: cookie_samesite: 'lax' ``` -------------------------------- ### MembersResourceMappingListener Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/12_ResourceMapping.md An example EventListener for mapping user resources during OAuth authentication and registration. ```php 'onProfileMapping', MembersEvents::OAUTH_RESOURCE_MAPPING_REGISTRATION => 'onRegistrationMapping', MembersEvents::OAUTH_RESOURCE_MAPPING_REFRESH => 'onRegistrationRefresh', ]; } public function onProfileMapping(OAuthResourceEvent $event): void { $user = $event->getUser(); $resourceOwner = $event->getResourceOwner(); $ownerDetails = $resourceOwner->toArray(); $this->mapData($user, $ownerDetails); } public function onRegistrationMapping(OAuthResourceEvent $event): void { $user = $event->getUser(); $resourceOwner = $event->getResourceOwner(); $ownerDetails = $resourceOwner->toArray(); $this->mapData($user, $ownerDetails); } public function onRegistrationRefresh(OAuthResourceRefreshEvent $event): void { $user = $event->getUser(); $resourceOwner = $event->getResourceOwner(); $ownerDetails = $resourceOwner->toArray(); $user->setUserName($ownerDetails['name']); // ATTENTION! You need to inform event about changes! $event->setHasChanged(true); } protected function mapData(UserInterface $user, array $ownerDetails): void { if (empty($user->getEmail()) && isset($ownerDetails['email'])) { $user->setEmail($ownerDetails['email']); } if (empty($user->getUserName()) && isset($ownerDetails['name'])) { $user->setUserName($ownerDetails['name']); } } } ``` -------------------------------- ### Listing Query Injection Example Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/230_RestrictListing.md Demonstrates how to inject restrictions into listing queries for Data Objects, Documents, and Assets using the `onCreateQueryBuilder` method. ```php onCreateQueryBuilder(function (QueryBuilder $query) use ($restrictionQuery, $listing) { $restrictionQuery->addRestrictionInjection($query, $listing); }); dump($listing->getObjects()); # Documents $listing = new Model\Document\Listing(); $listing->setLimit(10); $listing->onCreateQueryBuilder(function (QueryBuilder $query) use ($listing, $restrictionQuery) { $restrictionQuery->addRestrictionInjection($query, $listing, 'id'); }); dump($listing->getDocuments()); # Assets $listing = new Model\Asset\Listing(); $listing->setLimit(10); $listing->onCreateQueryBuilder(function (QueryBuilder $query) use ($listing, $restrictionQuery) { $restrictionQuery->addRestrictionInjection($query, $listing, 'id'); }); dump($listing->getAssets()); } ``` -------------------------------- ### Statements Example Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/230_RestrictListing.md Shows how to check element restriction status using statements if SQL query modification is not feasible. ```php container->get(RestrictionManager::class)->getElementRestrictionStatus($element); if($restriction->getSection() === RestrictionManager::RESTRICTION_SECTION_ALLOWED) { //allowed! } ``` -------------------------------- ### Check Role in Controller Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/90_Roles.md Example of how to check if a user has a specific role within a controller action. ```php denyAccessUnlessGranted('ROLE_MEMBERS_MODERATOR', null, 'Unable to access this page!'); } } ``` -------------------------------- ### Generate Protected Asset Package URL (PHP) Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/240_AssetProtection.md Example of generating a temporary zip file URL for multiple protected assets using generateAssetPackageUrl(). ```php restrictionUri = \MembersBundle\Security\RestrictionUri $restrictionUri; //these assets need to be protected! $download1 = \Pimcore\Model\Asset::getById(1); $download2 = \Pimcore\Model\Asset::getById(2); $packageData = [ ['asset' => $download1], ['asset' => $download2] ]; $downloadLink = $this->restrictionUri->generateAssetPackageUrl($packageData, true); //since the second argument is set to TRUE, the link will only available if the current user is correctly authenticated. //$downloadLink for users with same group restrictions: 'domain.com/members/request-data/W3siZiI6NiwicCI6ZmFsc2V9XQ' //$downloadLink for guest users: '' ``` -------------------------------- ### Generate Protected Asset Download URL (PHP) Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/240_AssetProtection.md Example of generating a protected download URL for a single asset using the RestrictionUri service. ```php restrictionUri = \MembersBundle\Security\RestrictionUri $restrictionUri; //this asset needs to be a protected one! $download = \Pimcore\Model\Asset::getById(1); $downloadLink = $this->restrictionUri->generateAssetUrl($download); //$downloadLink: domain.com/members/request-data/W3siZiI6NiwicCI6ZmFsc2V9XQ ``` -------------------------------- ### Add SSO Identity Relation Field Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/20_Installation.md JSON configuration snippet to add the SSO Identity relation field to a user class definition. ```json { "fieldtype": "manyToManyObjectRelation", "width": "", "height": "", "maxItems": "", "queryColumnType": "text", "phpdocType": "array", "relationType": true, "visibleFields": "key", "optimizedAdminLoading": false, "visibleFieldDefinitions": [], "lazyLoading": true, "classes": [ { "classes": "SsoIdentity" } ], "pathFormatterClass": "", "name": "ssoIdentities", "title": "SSO Identities", "tooltip": "", "mandatory": false, "noteditable": false, "index": false, "locked": false, "style": "", "permissions": null, "datatype": "data", "invisible": false, "visibleGridView": false, "visibleSearch": false } ``` -------------------------------- ### Generate Protected Asset Package URL (Twig) Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/240_AssetProtection.md Twig extension example for generating a protected download URL for a package of assets. ```twig {# generate link #} download protected package {# generate protected link only if content is available for current user #} {{ dump(members_generate_asset_package_url([12,40], true)) }} ``` -------------------------------- ### Generate Protected Asset URL (Twig) Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/240_AssetProtection.md Twig extension example for generating a protected download URL for a single asset. ```twig {# generate link #} download protected file {# generate protected link only if content is available for current user #} {{ dump(members_generate_asset_url(12, true)) }} ``` -------------------------------- ### Build Navigation with Members Bundle Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/210_RestrictedNavigation.md Example of how to use the members_build_nav twig extension to build secure menus, ensuring restricted pages are not displayed. It also handles navigation cache strategy. ```twig {% set nav = members_build_nav({ active: currentDoc, root: documentRootDoc }) %} {{ pimcore_render_nav(nav, 'menu', 'renderMenu', { maxDepth: 2 }) }} ``` -------------------------------- ### IdentityStatusProfileCompletionEvent Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/32_IdentityStatusListener.md An example listener for the OAUTH_IDENTITY_STATUS_PROFILE_COMPLETION event. This event can be used to change the status definition for whether an SSO-only user can access the completion profile route. By default, a user can complete their profile if no password has been set. ```php 'onDispatch' ]; } public function onDispatch(OAuthIdentityEvent $event): void { $user = $event->getIdentity(); // this is just an example if (!empty($user->getUsername())) { // this will prevent the user deletion $event->setIdentityDispatchStatus(false); } } } ``` -------------------------------- ### IdentityStatusDeletionEvent Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/32_IdentityStatusListener.md An example listener for the OAUTH_IDENTITY_STATUS_DELETION event, which can be used to change the deletion status of an SSO Identity. This event triggers if the identity clean-up task is enabled. ```php 'onDispatch' ]; } public function onDispatch(OAuthIdentityEvent $event): void { $user = $event->getIdentity(); // this is just an example if (!empty($user->getLastLogin())) { // this will prevent the user deletion $event->setIdentityDispatchStatus(false); } } } ``` -------------------------------- ### Instant Login Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/11_IntegrationTypes.md YAML configuration for enabling OAuth and setting the activation type to 'instant'. ```yaml members: oauth: enabled: true activation_type: 'instant' ``` -------------------------------- ### Login via Profile Completion Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/11_IntegrationTypes.md YAML configuration for enabling OAuth and setting the activation type to 'complete_profile'. ```yaml members: oauth: enabled: true activation_type: 'complete_profile' ``` -------------------------------- ### Default Email Paths Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/70_EmailConfiguration.md Configuration for default email paths. ```yaml members: emails: default: register_confirm: '/email/register-confirm' register_confirmed: '/email/register-confirmed' register_password_resetting: '/email/password-reset' admin_register_notification: '/email/admin-register-notification' ``` -------------------------------- ### Enable Preview Confirmation Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/60_RegistrationTypes.md Configuration to enable a 'preview confirmation' page to prevent unintended automatic activations due to email provider prefetching. ```yaml members: enable_preview_confirmation: true # default is false ``` -------------------------------- ### Members User Adapter Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/300_CustomerDataFw.md Defines the class name for the members user adapter. ```yaml members: user: adapter: class_name: 'MembersCustomer' ``` -------------------------------- ### Site-based Mail Templates Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/70_EmailConfiguration.md Configuration for site-specific email templates, with a default fallback. ```yaml members: emails: # if no site gets found, the default stays as fallback. default: register_confirm: '/{_locale}/email/register-confirm' register_confirmed: '/{_locale}/email/register-confirmed' register_password_resetting: '/{_locale}/email/password-reset' admin_register_notification: '/{_locale}/email/admin-register-notification' sites: - main_domain: 'your-domain1' emails: register_confirm: '/domain1/email/register-confirm' register_confirmed: '/domain1/email/register-confirmed' register_password_resetting: '/domain1/email/password-reset' admin_register_notification: '/domain1/email/admin-register-notification' - main_domain: 'your-domain2' emails: register_confirm: '/domain2/{_locale}/email/register-confirm' register_confirmed: '/domain2/{_locale}/email/register-confirmed' register_password_resetting: '/domain2/{_locale}/email/password-reset' admin_register_notification: '/domain2/{_locale}/email/admin-register-notification' ``` -------------------------------- ### Add Default Groups to new User Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/80_Groups.md Configuration to add default groups to a new user upon successful registration. ```yaml members: user: initial_groups: - 'Group 1' # via group name - 22 # via id ``` -------------------------------- ### Add Roles Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/90_Roles.md Configuration snippet to add a new role hierarchy in config/config.yaml. ```yaml security: role_hierarchy: ROLE_MEMBERS_MODERATOR: [ROLE_USER] ``` -------------------------------- ### Include all Routes Source: https://github.com/dachcom-digital/pimcore-members/blob/master/README.md Include all routes provided by the MembersBundle in your config/routes.yaml. ```yaml #config/routes.yaml app: resource: '@MembersBundle/config/pimcore/routing/all.yaml' ``` -------------------------------- ### Clean Up Expired Tokens Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/31_Listener.md Configuration to enable the clean-up of expired identities based on the 'expiresAt' field. ```yaml members: oauth: clean_up_expired_tokens: true ``` -------------------------------- ### Custom Class Names Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/20_ClassCustomization.md Configuration to set custom class names for user, group, and SSO identity classes. ```yaml members: # for the user class user: adapter: class_name: 'customer' # default was 'MembersUser' # for the group class group: adapter: class_name: 'group' # default was 'MembersGroup' # for the sso identity class # only available if you're using the SSO feature sso: adapter: class_name: 'identity' # default was 'SsoIdentity' ``` -------------------------------- ### Clean Up Expired Tokens by TTL Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/31_Listener.md Configuration to enable the clean-up of expired identities based on a Time-To-Live (TTL) in seconds. ```yaml members: oauth: clean_up_expired_tokens: true expired_tokens_ttl: 86400 ``` -------------------------------- ### Mail Localization Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/70_EmailConfiguration.md Configuration for localizing email paths using the {_locale} fragment. ```yaml members: emails: default: register_confirm: '/{_locale}/email/register-confirm' register_confirmed: '/{_locale}/email/register-confirmed' register_password_resetting: '/{_locale}/email/password-reset' admin_register_notification: '/{_locale}/email/admin-register-notification' ``` -------------------------------- ### Include some Routes Source: https://github.com/dachcom-digital/pimcore-members/blob/master/README.md Include only specific routes, such as authentication routes, from the MembersBundle. ```yaml #config/routes.yaml members_auth: resource: '@MembersBundle/config/pimcore/routing/auth.yaml' prefix: /{_locale}/members #change your prefix if you have to. ``` -------------------------------- ### Custom Object Key Form Field Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/20_ClassCustomization.md Configuration to define a form field whose value generates the Pimcore object key. ```yaml members: user: adapter: object_key_form_field: 'username' # default was 'email' ``` -------------------------------- ### General Registration Type Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/60_RegistrationTypes.md Configuration options for setting the post-registration type and related notification settings. ```yaml members: # choose between 'confirm_by_mail', 'confirm_by_admin', 'confirm_instant' post_register_type: 'confirm_by_mail' #optional: see "Confirm by Mail" send_admin_mail_after_register: false #optional: see "Confirm By Admin" send_user_mail_after_confirmed: false ``` -------------------------------- ### List available social connectors Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/30_TwigExtensions.md This snippet shows how to list all available social connectors by calling `members_oauth_social_links()`, ensuring OAuth is enabled first. ```twig {% if members_system_oauth_enabled() == true %} {% set social_route_name = 'members_user_security_oauth_login' %} {% set skip_connected_identities = false %} {% dump(members_oauth_social_links(social_route_name, skip_connected_identities)) %} {% endif %} ``` -------------------------------- ### Navigation with Page Callback Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/210_RestrictedNavigation.md Demonstrates using the pageCallback parameter with members_build_nav to set custom data to the navigation document. The ElementRestriction argument is also passed to the callback. ```twig {% set nav = members_build_nav({ active: document, root: rootPage, pageCallback: navigation_callback() }) %} ``` -------------------------------- ### CMF Customer Class Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/300_CustomerDataFw.md Defines the Pimcore class to be used for CMF customers. ```yaml pimcore_customer_management_framework: general: customerPimcoreClass: MembersCustomer ``` -------------------------------- ### Configuration for Custom Form Types Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/50_CustomFormTypes.md This YAML configuration demonstrates how to override default form types with custom ones in `config/config.yaml`. It shows the mapping of form names to their respective types and validation groups. ```yaml members: relations: login: form: type: MembersBundle\Form\Type\LoginFormType name: members_user_login_form validation_groups: [Login, Default] # or instance of \MembersBundle\Validation\ValidationGroupResolverInterface profile: form: type: MembersBundle\Form\Type\ProfileFormType name: members_user_profile_form validation_groups: [Profile, Default] # or instance of \MembersBundle\Validation\ValidationGroupResolverInterface change_password: form: type: MembersBundle\Form\Type\ChangePasswordFormType name: members_user_change_password_form validation_groups: [ChangePassword, Default] # or instance of \MembersBundle\Validation\ValidationGroupResolverInterface registration: form: type: App\Form\Type\RegistrationFormType name: members_user_registration_form validation_groups: [Registration, Default] # UsernameOnlyRegistration, EmailOnlyRegistration, or instance of \MembersBundle\Validation\ValidationGroupResolverInterface resetting_request: form: type: MembersBundle\Form\Type\ResettingRequestFormType name: members_user_resetting_request_form validation_groups: [ResetPassword, Default] # or instance of \MembersBundle\Validation\ValidationGroupResolverInterface resetting: token_ttl: 86400 form: type: MembersBundle\Form\Type\ResettingFormType name: members_user_resetting_form validation_groups: [ResetPassword, Default] # or instance of \MembersBundle\Validation\ValidationGroupResolverInterface delete_account: form: type: MembersBundle\Form\Type\DeleteAccountFormType name: members_user_delete_account_form validation_groups: [DeleteAccount, Default] # or instance of \MembersBundle\Validation\ValidationGroupResolverInterface ``` -------------------------------- ### Check if profile completion is allowed Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/30_TwigExtensions.md This snippet demonstrates how to check if a newly registered SSO user can proceed to the profile completion route using `members_oauth_can_complete_profile()`. ```twig {% if members_system_oauth_enabled() == true %} {% if members_oauth_can_complete_profile() == true %} {# do something funky #} {% endif %} {% endif %} ``` -------------------------------- ### Public Asset Path Protection .htaccess Rules Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/200_Restrictions.md Configuration for the public .htaccess file to protect assets within the /restricted-assets folder. ```apacheconf # add this at the top in public/.htaccess RewriteEngine On RewriteCond %{HTTP_HOST}==%{HTTP_REFERER} !^(.*?)==https?://\1/admin/ [OR] RewriteCond %{HTTP_COOKIE} !^.*pimcore_admin_sid.*$ [NC] RewriteRule ^restricted-assets/.* - [F,L] RewriteRule ^var/.*/restricted-assets(.*) - [F,L] RewriteRule ^cache-buster-[\d]+/restricted-assets(.*) - [F,L] ``` -------------------------------- ### SQL Explanation for Expired Date Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/31_Listener.md SQL query to select entities where 'expiresAt' is not null and is in the past. ```mysql SELECT entites WHERE expiresAt IS NOT NULL AND expiresAt < NOW(); ``` -------------------------------- ### Enable Public Asset Path Protection Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/200_Restrictions.md Enables protection for public asset paths, preventing unauthorized access to assets like thumbnails. ```yaml members: restriction: enabled: true enable_public_asset_path_protection: true ``` -------------------------------- ### SQL Explanation for Expired by TTL Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/31_Listener.md SQL query to select entities where the creation date is older than the specified TTL. ```mysql SELECT entites WHERE o_creationDate < (UNIX_TIMESTAMP() - $TTL); ``` -------------------------------- ### SSO Registration Type Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/60_RegistrationTypes.md Configuration option for defining the post-registration type specifically for SSO (OAuth) registrations. ```yaml members: # choose between 'confirm_by_mail', 'confirm_by_admin', 'confirm_instant' post_register_type_oauth: 'confirm_instant' ``` -------------------------------- ### Enable Object Restriction Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/200_Restrictions.md Enables restriction for specific object types by listing them in 'allowed_objects'. ```yaml members: restriction: enabled: true allowed_objects: - 'NewsEntry' - 'YourObjectName' ``` -------------------------------- ### Global Restriction Check Helper Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/200_Restrictions.md PHP code to retrieve restriction status information for a given document, object, or asset using the RestrictionManager. ```php container->get(RestrictionManager::class)->getElementRestrictionStatus($element); //get restriction group ids echo $restriction->getRestrictionGroups(); //get section echo $restriction->getSection(); //get state echo $restriction->getState(); ``` -------------------------------- ### Event Listener Implementation Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/220_RestrictedRouting.md PHP code for the RestrictedStaticRouteListener that listens for the StaticRouteEvent and binds the relevant object to the event if conditions are met. ```php 'checkStaticRoute' ]; } public function checkStaticRoute(StaticRouteEvent $event): void { $request = $event->getRequest(); if($event->getRouteName() === 'news_detail') { $newsObject = News::getById($request->attributes->get('newsId')); if($newsObject instanceof News) { //bind your object to the event. that's it. $event->setStaticRouteObject($newsObject); } } } } ``` -------------------------------- ### Check if OAuth is enabled Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/SSO/30_TwigExtensions.md This snippet demonstrates how to check if the OAuth system is enabled using the `members_system_oauth_enabled()` function. ```twig {% if members_system_oauth_enabled() == true %} {# oauth is enabled #} {% endif %} ``` -------------------------------- ### Auth Identifier Only for Registration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/10_AuthIdentifier.md This snippet demonstrates how to configure the registration form to only include the 'auth_identifier' field when 'only_auth_identifier_registration' is set to true. ```yaml members: user: only_auth_identifier_registration: true ``` -------------------------------- ### Enable Restriction Globally Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/200_Restrictions.md Enables the restriction feature globally by setting 'enabled' to true in the members configuration. ```yaml members: restriction: enabled: true ``` -------------------------------- ### Service Configuration Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/220_RestrictedRouting.md YAML configuration to register the MembersStaticRouteListener as a service and an event subscriber. ```yaml App\EventListener\MembersStaticRouteListener: tags: - { name: kernel.event_subscriber } ``` -------------------------------- ### Configure Auth Identifier Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/10_AuthIdentifier.md This snippet shows how to configure the MembersBundle to use the 'email' field as the authentication identifier instead of the default 'userName'. ```yaml members: user: auth_identifier: 'email' # can be "username" (default) or "email" ``` -------------------------------- ### Navigation Callback Function Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/210_RestrictedNavigation.md PHP code for a Twig extension that provides a navigation_callback function. This function returns a closure that can be used in Twig to set custom settings on navigation documents. ```php setCustomSetting('key', $page->getKey()); } }; } } ``` -------------------------------- ### Retrieve Custom Setting Source: https://github.com/dachcom-digital/pimcore-members/blob/master/docs/210_RestrictedNavigation.md Twig code to retrieve a custom setting that was previously set on a navigation page using the pageCallback. ```twig {{ page.getCustomSetting('key') }} ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.