Thanks Rob and Mike, I will take this advice on board and try to come up
with a solution that is right for our application.
Michael Horwitz wrote:
Another option is to implement something in line with AppFuse's
UserSecurityAdvice which acts as a security interceptor on the save()
method of the
Another option is to implement something in line with AppFuse's
UserSecurityAdvice which acts as a security interceptor on the save() method
of the UserManager - it prevents anyone who is not an Administrator from
modifying user details other than their own. Has the advantage that you do
not need t
Hi Phillip,
Philip Barlow wrote:
I'm just wondering is there a general solution to the following example:
I pass a TeamId as a request parameter to a PersonAction to list all people
in a team with Person.TeamId=TeamId.
However I want to stop a logged in user being able to manually change the
T
