Been thinking more about this for a couple days and I think your suggestion that I stick with ACLs has some merit. Say I ditch the assignment relation ships in my model between User and Group entities and instead rely on ACLs. How would I get a list of the entities the user has been granted some level of access to? My understanding is that the ACL implementation is not intended to be directly related to my model so I'll not be able use it in SELECT statements, right? Seems to me that iterating over SELECT results to serially check the ACL status of each entry would be resource intensive and wouldn't scale well if the number of returned entities was large compared to the number that would pass the ACL.
Thanks for the time, Paul On Fri, May 20, 2011 at 2:01 PM, badllama77 <badllam...@gmail.com> wrote: > I originally had the same issue, I was trying to figure out how to retrieve > the user or objects linked using the acl. > It can be done, messily, but after some quiet contemplation and some posting > back and forth on here I determined not > to do it. > > So I decided to try to only use the ACL when I need fine permissions. I was > working on an app that started with one user > connected to a resume. Then there were three other users that suddenly > needed access. We didn't want to create another > many to many table for the user connections. We ended up with all kinds of > association checks to see if user B was linked > to user A with permission D. The ACL would have made this much easier > allowing permissions to be added and removed > separately without all those checks. > > -- > If you want to report a vulnerability issue on symfony, please send it to > security at symfony-project.com > > You received this message because you are subscribed to the Google > Groups "symfony users" group. > To post to this group, send email to symfony-users@googlegroups.com > To unsubscribe from this group, send email to > symfony-users+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/symfony-users?hl=en > -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
