Hi all, I have worked on a plugin that has the same goals : verify owner rights on a (propel) object.
It is a propel Behavior plugin which links a sfUser to a propel Object and provides methods to Propel Object like : bool isOwnedBy(sfUser $sf_user=null); setOwners(array(sfUser1, sfUser2)); Visible here : http://code.google.com/p/sfownedbehavior/source/browse/trunk/lib/sfPropelOwnedBehavior.class.php Hope it could help !! Florian. On Jul 23, 9:00 am, Bernhard Schussek <[email protected]> wrote: > Hi all, > > We are currently developing a couple of (object) route classes that > handle access control on objects. After working on this for a while, I > must say that this is a very convenient way to protect your > application. Because the routes are aware of the requested, you can > not only test for plain credentials, but also fro access privileges on > the requested object. > > That made me think whether a full move of the security layer to the > routing might be a desirable option, maybe combined with some sort of > ACLs. > > Let me know what you think. > > Bernhard > -- > Software Architect & Engineer > Blog:http://webmozarts.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
