On May 11, 7:07 pm, pbreit <[email protected]> wrote: > Hmmm...I haven't seen that pattern. I always put the LOAD() in a view. And > decorate the calling controller. I don't see why or when you'd ever want to > protect an individual component. because you cannot grantee that the component cannot be guessed image somebody had access before, and now he is rejected access but sill has a record of the component urls i generally protect all components that are used in protected controller function
and yes i agree that this happens mostly due to weak design (links to components are not hidden if user is not logged in) but sometimes it is nice to show that a function is available, but you need to log in first image this -download -> links download component, which is available -update -> links upload component, only available to logged in user now i could generate a different menu for logged in and not logged in users, but why the hassle if this is not needed
