How to integrate users of PimcoreMember bundle with CoreShop?

Hi

My website use PimcoreMembers bundle for authorization. There is about 200 users in two groups. I’m going to add some ecommerce features for my website, so I decided to install CoreShop.

How can I integrate CoreShop with members already registered?

With MembersBundle installed and CoreShop installed there are two independent authorizations services.

I’m currently looking into the same thing. The members bundle is already implemented and a username is used to log in. I found this issue, which unfortunately was abandonned: https://github.com/coreshop/CoreShop/issues/186

@soulkast What solution did you end up with?

@dpfaffenbauer & @solverat Could you give any pointers on how to ‘map’ the CoreShop customer to the members user, if at all possible?

  • Implement the CustomerInterface in a custom class, configure it for the members user class and add the required fields.
  • Disable the Coreshop firewall and include its setup in the members firewall (is this possible?).

That’s all I could come up with so far. Any thoughts would be appreciated.

@kjkooistra-youwe you basically described the way to go.

  • Either configure members to use CoreShopCustomer or configure CoreShop to use the Members User.
  • Implement interface from both
  • Disable one of the firewalls (that is basically the most difficult part, Pimcore merges security configs, which is a bad thing… it doesn’t give you full control over the firewalls per se) (https://github.com/pimcore/pimcore/issues/5417)
1 Like

Thanks for your quick response. I’ll see if I can figure it out.

This is what I came up with so far, which seems to be working.

Combine MembersUser and CoreShop Customer

First of all, combining the MembersUser and CoreShop Customer into one class. Since the Members bundle provides a very useful UserTrait, the easiest approach is to use that and extend the CoreShop Customer model.

In this case the frontend permissions toolkit is also used. Since all three of them provide a getRoles() method they need to be merged to prevent roles from being ‘lost’ when a user logs in. Hence the trait method overrides.

<?php

declare(strict_types=1);

namespace Vivisol\PortalBundle\Model\DataObject;

use CoreShop\Component\Core\Model\Customer;
use FrontendPermissionToolkitBundle\CoreExtensions\Traits\PermissionResourcesAsRolesTrait;
use MembersBundle\Adapter\User\UserInterface;
use MembersBundle\Adapter\User\UserTrait;

/**
 * Combines the members user with the CoreShop customer
 */
abstract class CombinedUserAndCustomer extends Customer implements UserInterface
{
    use UserTrait {
        getRoles as getMembersRoles;
    }

    use PermissionResourcesAsRolesTrait {
        getRoles as getPermissionResourceRoles;
    }

    /**
     * Retrieve all allowed permission resources of current object prefixed with ROLE_
     *
     * @return string[]
     */
    public function getRoles(): array
    {
        // Combine CoreShop roles with members and permission resource roles
        return array_merge(
            parent::getRoles(),
            $this->getMembersRoles(),
            $this->getPermissionResourceRoles()
        );
    }
}

Update MemberUser class

Next the MembersUser class must be updated via the Pimcore classes interface. I added a separate ‘CoreShop customer’ layout panel (tab) and copied all fields from the CoreShopCustomer class, apart from the ones already existing in the MembersUser class (email and password).

Then in the ‘General Settings’, update the ‘Parent PHP Class’ to Vivisol\PortalBundle\Model\DataObject\CombinedUserAndCustomer.

Configure CoreShop to use the MembersUser model

The CoreShop provides a setting to configure the customer model, which defaults to the CoreShop Customer. Override it by adding the following to ‘app/config/config.yml’.

# Override CoreShop Customer class to use MembersUser instead
# See Vivisol\PortalBundle\Model\DataObject\CombinedUserAndCustomer
pimcore:
    customer:
        classes:
            model: 'Pimcore\Model\DataObject\MembersUser'

‘Disable’ the CoreShop firewall

Last but not least, disabling the CoreShop firewall. As mentioned by @dpfaffenbauer, it’s rather tricky to actually disable it, so instead I just configured a random hash for the regex, which is used as the firewall pattern and access control path patterns. Add something like the following to ‘app/config/security.yml’

parameters:
    # Disable CoreShop firewall by overriding the regex to part of a random hash, which will never be matched
    coreshop.security.frontend_regex: "^/generate-a-random-hash-or-any-other-random-string-and-put-it-here$"
1 Like

Perfect :slight_smile: I could not have described it better. Thanks a lot.

Re Firewall, maybe you can also back me on this: https://github.com/pimcore/pimcore/issues/5417. Would make life easier in this situations.

1 Like