Heya, Sadly I couldn't attend sfday, but I just read the slides, and I have a question regarding the Security/Firewall thingy.
Why are all the patterns defined on urls? Why not using routes (as we do in templates to reference URLs)? Can't we define security on a per-controller/action basis rather than trying to pinpoint URLs? I guess we'll be able to access the user's role from the controller to assess more fine-grained rights, like the guy can edit an article, but not that last field of the form. I also guess a user can have multiple roles, if not I think this should be adjusted. Cheers -- Jordi Boggiano @seldaek :: http://seld.be/ -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
