Hm. Well, how could that be possible? You have to execute some kind of query to the database to determine if the user has the ability to view that record or not.
- Jon On Sat, May 2, 2009 at 5:10 AM, Gandalf <[email protected]> wrote: > > Hello there! > > I added a constraint at the model to limits the current user to ready > only messages addresed to him. > > The problem is that the route model only executes the query after I > called the getObject method in the action. > > I would like to ban the user to the 404 page without calling the > getObejct method in the action, the same behavior that one gets if I > send a char instead of an integer. > > Feature or bug? > > > I did this: > > routing.yml > > message: > url: /message/:id > class: sfDoctrineRoute > options: > model: Message > type: object > method_for_query: getMessageToCurrentUser > param: { module: messages, action: view } > requirements: > id: \d+ > sf_method: [GET] > > and the model: > > public function getMessageToCurrentUser (Doctrine_Query $q){ > $alias = $q->getRootAlias(); > > $q->andWhere($alias . '.to_id = ?', > sfContext::getInstance()->getUser ()->getGuardUser()->id); > return $q->fetchOne(); > } > > > > -- Jonathan H. Wage Open Source Software Developer & Evangelist sensiolabs.com | jwage.com | doctrine-project.org | symfony-project.org --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
