README

Install through composer:

php -d memory_limit=-1 composer.phar require xlabs/mmadminbundle

In your AppKernel

public function registerbundles()
{
    return [
    	...
    	...
    	new XLabs\MMAdminBundle\XLabsMMAdminBundle(),
    ];
}

Requirements

MongoDB -> service 'doctrine_mongodb.odm.default_document_manager'
Assetic -> make sure to include this bundle if needed

# app/config.yml

assetic:
    ...
    bundles: [ ..., 'XLabsMMAdminBundle']
    ...

Routing

Append to main routing file:

# app/config/routing.yml

x_labs_mm_admin:
    resource: "@XLabsMMAdminBundle/Resources/config/routing.yml"
    prefix:   /

Configuration sample

Default values are shown below:

# app/config/config.yml

x_labs_mm_admin:
    user_class: XLabs\CoreBundle\Entity\User
    keyword: 'mySecretWord' # the secret word to type in the frontend
    cookie_secret: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' # to build user hash
    cookie_domains: ['domain1.com', 'domain2.com'] # optional; mmadmin cookies will also be created for these domains
    project: 'MyProject' # used as issuer for 2FA
    2FA:
        - { username: 'xmateos@domain.com', secret: 'XXXXXXXXXXXXXXXX', max_attempts: false, cookie_ttl: false, roles: ['ROLE_MMADMIN_MASTER']}
        - { username: 'xmateos5@domain.com', secret: 'XXXXXXXXXXXXXXXX', max_attempts: 5, retryAfterMinutes: 5, cookie_ttl: 6400}

Remember to run routing and assetic commands:

php bin/console fos:js-routing:dump && php bin/console assetic:dump && php bin/console assetic:dump --env=prod --no-debug

Usage

Once installed and logged in, just type the keyword on the frontend pages.

You can add custom controls to the panel on a custom template:

"::mm_admin_custom.html.twig"

If you want the panel accessible from the tour, make sure that nginx adds the proper header in nginx.conf

Authentication handlers: Login / Logout

If you have any login/logout handlers set, make sure to create the following services and set your current handlers as parent services for them:

# YourBundle/Resources/config/services.yml
services:
    ...
    
    xlabs_mmadmin_login_handler:
        parent: <your_login_handler_service_id>
            
    xlabs_mmadmin_logout_handler:
        parent: <your_logout_handler_service_id>

Also make sure to include in your handlers a way to skip captcha, if set in login page:

...
if($captcha_verified || $container->get('xlabs_mm_admin')->isMMAdmin() || ...)
{
    ...

Protecting routes/controllers/actions

If you want to protect a controller, add the following annotation:

# YourBundle/Controller/YourController.php
<?php

namespace YourBundle\Controller;
...
use XLabs\MMAdminBundle\Annotations as XLabsMMAdmin;

/**
 * @XLabsMMAdmin\isProtected
 */
class YourController extends Controller
{
    ...

If you want to protect a controller´s action, add the following annotation:

# YourBundle/Controller/YourController.php
<?php

namespace YourBundle\Controller;
...
use XLabs\MMAdminBundle\Annotations as XLabsMMAdmin;

class AffiliatesController extends Controller
{
    /**
     * @XLabsMMAdmin\isProtected
     */
    public function yourControllerAction(...)
    {
        ...
    }
    ...

You can also protect a route or a set of routes by setting the following option in their definitions:

# YourBundle/Resources/config/routing.yml
services:
    ...
    your_routing_id:
        ...
        options:
            isProtected: true

Additionally, you can specify specific bundle roles (as comma separated values) for the isProtected annotation (only inside controller classes and actions):

    ...
    /**
     * @XLabsMMAdmin\isProtected("ROLE_RANDOM, ROLE_WHATEVER")
     */
    ...

Role 'ROLE_MMADMIN_MASTER' will ALWAYS be allowed.

Troubleshooting

If you generated codes in GA are not working, it´s probably a time issue in the server.

sudo /usr/bin/rdate -s time-a.nist.gov

xlabs / mmadminbundle

Maintainers

Details