Is there a way to wrap objects when traversing the object graph? P.S. I think ACL wont fit in memory.
On Wed, Jan 8, 2014 at 4:24 PM, Marco Pivetta <[email protected]> wrote: > You don't really need to "select" objects again - you can filter your > associations against an in-memory ACL structure. > > As for exposing entities - simply disallow any access to the real > instances by only passing the "wrapped" ones to them. > > Or simply don't expose anything at all except for your service endpoints > > Marco Pivetta > > http://twitter.com/Ocramius > > http://ocramius.github.com/ > > > On 8 January 2014 14:33, Syao Work <[email protected]> wrote: > >> So Doctrine mappings will be used only for association type and identity? >> Then knowing that and using respository I select the object again using >> ACL-able repository. >> What will be to performance? >> >> P.S. And If I expose some code to a user and they should be able to >> change code for their needs, the ACL rules should be enforced for them too. >> >> >> On Wed, Jan 8, 2014 at 3:12 PM, Marco Pivetta <[email protected]> wrote: >> >>> You'd basically avoid hopping through the graph directly, and would go >>> through associations manually through repositories. >>> >>> Another way is via wrappers - the repository returns a wrapped Obj1, >>> Obj2, etc. >>> >>> Each wrapper has logic to filter any association traversal operations. >>> >>> >>> Marco Pivetta >>> >>> http://twitter.com/Ocramius >>> >>> http://ocramius.github.com/ >>> >>> >>> On 8 January 2014 14:06, Syao Work <[email protected]> wrote: >>> >>>> So how can I check for permissions for an object when it relates to >>>> other object in clean way? Should I iterate objects and check? >>>> >>>> >>>> P.S. as I know MS Navision does that.. >>>> >>>> >>>> On Wed, Jan 8, 2014 at 2:45 PM, Marco Pivetta <[email protected]>wrote: >>>> >>>>> I'd keep this in a custom repository (not a doctrine repository): >>>>> >>>>> $mySpecialRepo->gimme('obj1_id'); // considers ACL and returns or >>>>> throws depending on case >>>>> >>>>> I wouldn't try to mix the ACL problem with the persistence problem. I >>>>> tried that in the past and it had horrible implications. >>>>> >>>>> Marco Pivetta >>>>> >>>>> http://twitter.com/Ocramius >>>>> >>>>> http://ocramius.github.com/ >>>>> >>>>> >>>>> On 8 January 2014 13:25, <[email protected]> wrote: >>>>> >>>>>> Hello, >>>>>> >>>>>> I have some situation.. >>>>>> If there are Obj1 and Obj2 entities and a relationship between Obj1 >>>>>> and Obj2 (ex. One-To-One). Each Object has ACL. >>>>>> Ex. user X can have access to Obj1, but not to Obj2. If a user X has >>>>>> access to Obj1, and a tries to access Obj2 I need to know should I return >>>>>> object or throw an ACL exception (or in some way return different >>>>>> object). >>>>>> How it can be done in doctrine? Should I implement it in some sort of >>>>>> wrapper? If yes, what should I wrap? Do I need to extend doctrine >>>>>> relationship classes? >>>>>> What are other options? >>>>>> >>>>>> Edgar >>>>>> >>>>>> P.S. Sorry for my bad English. >>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "doctrine-user" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to [email protected]. >>>>>> >>>>>> To post to this group, send email to [email protected]. >>>>>> Visit this group at http://groups.google.com/group/doctrine-user. >>>>>> For more options, visit https://groups.google.com/groups/opt_out. >>>>>> >>>>> >>>>> -- >>>>> You received this message because you are subscribed to a topic in the >>>>> Google Groups "doctrine-user" group. >>>>> To unsubscribe from this topic, visit >>>>> https://groups.google.com/d/topic/doctrine-user/VcMD5cKspsg/unsubscribe >>>>> . >>>>> To unsubscribe from this group and all its topics, send an email to >>>>> [email protected]. >>>>> >>>>> To post to this group, send email to [email protected]. >>>>> Visit this group at http://groups.google.com/group/doctrine-user. >>>>> For more options, visit https://groups.google.com/groups/opt_out. >>>>> >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "doctrine-user" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To post to this group, send email to [email protected]. >>>> Visit this group at http://groups.google.com/group/doctrine-user. >>>> For more options, visit https://groups.google.com/groups/opt_out. >>>> >>> >>> -- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "doctrine-user" group. >>> To unsubscribe from this topic, visit >>> https://groups.google.com/d/topic/doctrine-user/VcMD5cKspsg/unsubscribe. >>> To unsubscribe from this group and all its topics, send an email to >>> [email protected]. >>> To post to this group, send email to [email protected]. >>> Visit this group at http://groups.google.com/group/doctrine-user. >>> For more options, visit https://groups.google.com/groups/opt_out. >>> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "doctrine-user" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> Visit this group at http://groups.google.com/group/doctrine-user. >> For more options, visit https://groups.google.com/groups/opt_out. >> > > -- > You received this message because you are subscribed to a topic in the > Google Groups "doctrine-user" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/doctrine-user/VcMD5cKspsg/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/doctrine-user. > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "doctrine-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/doctrine-user. For more options, visit https://groups.google.com/groups/opt_out.
