One requirement I didn't mention is recording the user who created the logs. Given that I'll have this info as a member of the log entity, does it make sense to use an ACL? Seems redundant to me.
On Wed, May 18, 2011 at 1:06 PM, badllama77 <badllam...@gmail.com> wrote: > I think you could filter the available pool of widgets/logs when you select. > At the user level, where they can edit their logs, they would be owner of > the entity in the acl. > Any higher role bypasses the ownership check, or you could assign a user > with these roles a > class-scope permission. > > e.g. Bob is a user, in group 5,6, orginazation 4. He can see all > widgets/logs > for the respective (filtered via select) then gets access to those he owns > (ACL), and can create because of his role (Security). > Jane is an administrator, she has edit/delete on groups etc.. she is in > (ACL), and can create because of her role (Security). > etc... > > -- > If you want to report a vulnerability issue on symfony, please send it to > security at symfony-project.com > > You received this message because you are subscribed to the Google > Groups "symfony users" group. > To post to this group, send email to symfony-users@googlegroups.com > To unsubscribe from this group, send email to > symfony-users+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/symfony-users?hl=en > -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
