Search code examples
phpsymfonysession-variables

Access Symfony session values from external application

I have a third party application (responsivefilemanager plugin for TinyMCE) that I can't re-write it using Symfony2.
I need to protect it against unauthorized users.
Is it possible to access Symfony2's session variables (user, roles , etc) from external application? How?
I tried to do session_start() and read $_SESSION variable, but it is empty!
My config.yml is: 

imports:
    - { resource: parameters.yml }
    - { resource: security.yml }
    - { resource: @ar1y4nArticleBundle/Resources/config/admin.yml }

framework:
    #esi:             ~
    translator:      { fallback: %locale% }
    secret:          %secret%
    router:
        resource: "%kernel.root_dir%/config/routing.yml"
        strict_requirements: ~
    form:            ~
    csrf_protection: ~
    validation:      { enable_annotations: true }
    templating:
        engines: ['twig']
        #assets_version: SomeVersionScheme
    default_locale:  "%locale%"
    trusted_proxies: ~
    session:         ~
    fragments:       ~

# Twig Configuration
twig:
    debug:            %kernel.debug%
    strict_variables: %kernel.debug%

# Assetic Configuration
assetic:
    debug:          %kernel.debug%
    use_controller: false
    bundles:        [ ]
    #java: /usr/bin/java
    filters:
        cssrewrite: ~
        #closure:
        #    jar: %kernel.root_dir%/Resources/java/compiler.jar
        #yui_css:
        #    jar: %kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar

# Doctrine Configuration
doctrine:
    dbal:
        driver:   %database_driver%
        host:     %database_host%
        port:     %database_port%
        dbname:   %database_name%
        user:     %database_user%
        password: %database_password%
        charset:  UTF8
        types: #this is about this line and line below
            json:     Sonata\Doctrine\Types\JsonType
        # if using pdo_sqlite as your database driver, add the path in parameters.yml
        # e.g. database_path: %kernel.root_dir%/data/data.db3
        # path:     %database_path%

    orm:
        auto_generate_proxy_classes: %kernel.debug%
        auto_mapping: true

# Swiftmailer Configuration
swiftmailer:
    transport: %mailer_transport%
    host:      %mailer_host%
    username:  %mailer_user%
    password:  %mailer_password%
    spool:     { type: memory }

fos_user:
    db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
    firewall_name: main
    user_class:     ar1y4n\UserBundle\Entity\User

    group:
        group_class: ar1y4n\UserBundle\Entity\Group  

sonata_block:
    default_contexts: [cms]
    blocks:
        sonata.admin.block.admin_list:
            contexts:   [admin]

        #sonata.admin_doctrine_orm.block.audit:
        #    contexts:   [admin]

        sonata.block.service.text:
        sonata.block.service.rss:

        sonata.user.block.menu:    # used to display the menu in profile pages
        sonata.user.block.account: # used to display menu option (login option)

        # Some specific block from the SonataMediaBundle
        #sonata.media.block.media:
        #sonata.media.block.gallery:
        #sonata.media.block.feature_media:

knp_menu:
    twig:  # use "twig: false" to disable the Twig extension and the TwigRenderer
        template: knp_menu.html.twig
    templating: false # if true, enables the helper for PHP templates
    default_renderer: twig # The renderer to use, list is also available by default

sonata_user:
    security_acl: true
    class:                  # Entity Classes
        user:               ar1y4n\UserBundle\Entity\User
        group:              ar1y4n\UserBundle\Entity\Group  

sonata_admin:
    title:      My title
    title_logo: bundles/ar1y4narticle/images/logo-big.png

genemu_form:
    tinymce:
        enabled: true
        theme:   modern
        configs: {plugins: ["responsivefilemanager advlist autolink lists link image charmap print preview hr anchor pagebreak","searchreplace wordcount visualblocks visualchars code fullscreen","insertdatetime media nonbreaking save table contextmenu directionality", "emoticons template paste textcolor"],toolbar1: "insertfile undo redo | styleselect | bold italic | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link image",toolbar2: "print preview media | forecolor backcolor emoticons | responsivefilemanager",image_advtab: true, external_filemanager_path:"/filemanager/",filemanager_title:"Responsive Filemanager" ,external_plugins: { "filemanager" : "/filemanager/plugin.min.js"}}
Solution

  • I managed to access security context by doing this:
    In reponsivefilemanager/config/config.php add: 

    require_once '../../vendor/autoload.php';
require_once '../../app/bootstrap.php.cache';
require_once '../../app/AppKernel.php';
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Session;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\HttpKernel;

$kernel = new AppKernel('dev', true);
//$kernel = new AppKernel('prod', false);
$kernel->loadClassCache();
$kernel->boot();

$session = new \Symfony\Component\HttpFoundation\Session\Session($kernel->getContainer()->get('session.storage'));
$session->start();
$request = Request::createFromGlobals();
$request->setSession($session);
$event = new GetResponseEvent($kernel->getContainer()->get('http_kernel'),$request, HttpKernel::MASTER_REQUEST);

$firewall = $kernel->getContainer()->get('security.firewall');
$firewall->onKernelRequest($event);
if(!$kernel->getContainer()->get('security.context')->isGranted('ROLE_ADMIN')) die("Access Denied");

    Of course you should change autoload.php, bootstrap.php.cache & AppKernel.php paths according to your file structure.
    This has two problems:

    • You should use $kernel = new AppKernel('prod', false); when using prod mode (app.php) and $kernel = new AppKernel('dev', true); when using dev mode (app_dev.php)
    • This has a problem when a non-logged in user attempts to access filemanager and gives symfony's Access Denied error ; however, it does the job and prevents non-granted user to use the file manager

    I'm working on solving the problems; and I'll post the result here.

    Good luck