Using sfGuard I have configured various credentials that a user might have: members, employees, admins.
For a given action: member/edit, I want admins to be able to always execute this action, and for members I want them to be able to access this action only for their own id. Simply setting credentials for this action in security.yml will certainly handle the case for admins but it doesn't for a member who should only be able to edit their own account. The obvious solution is to allow both member and admins permission to the member/edit action and then code a special case where it checks that the member's editing their own data however this is not a clean way to set this up as I'll have many other actions needing this same special case. What is the best way to handle this case? Is there a way to augment symfony's security filter? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
