Thanks, yeah I can do this.
Really my original question is if anyone has come across any solutions
(eg: plugins) that handle this type of action. I don't writing
proprietary code for stuff that should really be handled by the
framework. :-)
Cheers,
Steve
On Oct 23, 12:28 pm, Alexandre SALOME <alexandre.sal...@gmail.com>
wrote:
> So the other part would be to overload the hasCredentials method and add in
> the top of it :
>
> if (!$this->isActive())
> {
> return false;
>
> }
>
> Other solution : create a filter : if the user account is inactive, redirect
> him
>
> class myFilter extends sfFilter
> {
> public function execute($filterChain)
> {
> $context = $this->getContext();
> // do your stuff with $context->getResponse() and $context->getRequest()
> and $context->getUser()
> }
>
> }
>
> and register it in the filters.yml
>
> 2009/10/23 Steve Sanyal <steve.san...@gmail.com>
>
>
>
>
>
> > I've already overloaded signin for a few other reasons, but the
> > solution you suggest would would only be part of the solution, because
> > if I disable a user I would have to remove all of the user's
> > permissions also. Otherwise, the user could manually navigate to a
> > page to which he/she had access. If the user has a remember cookie to
> > bypass signin they could also avoid the disabled status.
>
> > Ideally I'd rather not have to remove all the ACL permissions because
> > this creates an additional maintenance tasks, for example if I were to
> > later re-enable the user. It would be much more user friendly if I
> > could simply disable at which point ACL permissions would be ignored,
> > but the user would get sent to a page explaining the user has been
> > disabled.
>
> > To be comprehensive, this needs to hook into whenever permissions are
> > checked, almost an "allow_disabled_access" in the security.yml, so
> > public pages would be visible by the user but secure pages would not.
>
> > Steve
>
> > On Oct 23, 3:07 am, Alexandre SALOME <alexandre.sal...@gmail.com>
> > wrote:
> > > Overload the signin action, and make your test in it : if the account is
> > > disabled, redirect to your special page, else, login.
>
> > > Which ORM/symfony version are you using ?
>
> > > 2009/10/23 Steve Sanyal <steve.san...@gmail.com>
>
> > > > Hi,
>
> > > > Has anyone come across any good solutions for having a disabled user
> > > > in symfony? Ideally, I'd like a person whose account has been
> > > > disabled to be sent to a special page. I'm using sfguard for my login
> > > > and ACL. Currently, I just change the user's active status to false,
> > > > but this merely prevents the user from logging in.
>
> > > > Regards,
> > > > Steve
>
> > > --
> > > Alexandre Salomé -- alexandre.sal...@gmail.com
>
> --
> Alexandre Salomé -- alexandre.sal...@gmail.com
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~----------~----~----~----~------~----~------~--~---
