Hello, *Context:* I am currently implementing the CMF Router Chain for the Sonata Page Bundle. The router chain allows to cascade routing matching and generation to different routers. Now, in the SonataPageBundle, we have 2 types of entity bound to 1 url:
- a page: a version of the actual page managed by an editor - a snapshot : a locked version of a page view by standard user The CmsRouter (https://gist.github.com/3693051) uses the security component to retrieve the correct cms manager (page or snapshot) depends on the current user's roles. *Question:* The code does not work as the security.context's token is set after the router dispatcher event*. *Is there any reason why the security event is dispatched after the router event ? The only solution for now is to use the a session attribute which is against the roles associated to a token. This might work on 99% on use cases but still an issue remains. -- Thomas Rabaix http://rabaix.net | http://sonata-project.org <http://rabaix.net> -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to symfony-devs@googlegroups.com To unsubscribe from this group, send email to symfony-devs+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
