Hi,
Just carrying on from an earlier thread[1] where I was discussing a
subscription member type I've been working on of late. I've finished
implementing it (thanks a lot to this mailing list et al!) but am trying
to ensure there are no security holes in the implementation. I thought
today I could set the default_roles to () in my member type and then
grant the 'Member' role (and any additional custom roles) once the
member is 'paid up'. This appears to work fine but was just wondering if
there could potentially be any 'other issues' by removing the
default_roles (for the record its initially set to ('Member',))?
Thanks again,
Tim
[1]
http://www.openplans.org/projects/remember/lists/remember/archive/2009/06/1243892080561
--
Archive:
http://www.openplans.org/projects/remember/lists/remember/archive/2009/06/1245223129611
To unsubscribe send an email with subject "unsubscribe" to
[email protected]. Please contact
[email protected] for questions.
