Hi Dominik
Unfortunately, this was the best thing i could find and what i implemented
in the end
In case of the assertion where i want to verify if someone is the owner of a
resource i did these things:
* I created a ResourceWithOwnerInterface that demands a method getOwnerId()
* Any entity
Hey Martijn,
did you get a better solution right now? Have the same problems and cant
find a better way to do it, but it feels weird...
regards
Dominik
--
View this message in context:
I've been able to come up with a working solution, using the doctrine events.
Within these events i do an (additional) acl-isAllowed() call which will
trigger the assertion, but this time with the resource that is a doctrine
entity. It works ... but i'm not really happy with it:
1) I have to
Hi Michael
Thanks for the response. However, i'm afraid it didnt really help.
Everything works fine, except the assertion-part. My Problem is this:
1. De resource (the blog-post) is loaded in the controller. This works fine.
2. The acl-check is done _before_ the controller loads the blog-post.
Hi
I would bind the creation/update/editing of your models to an ACL
checking listener which can derive ACL parameters from the model(s)
associations.
On Mon, Sep 9, 2013 at 11:01 AM, Martijn Korse ma...@excudo.net wrote:
Hi Michael
Thanks for the response. However, i'm afraid it didnt really
Hi Richard
Sounds interesting and where it concerns database _changes_ i think it's
also possible. I already have an abstract controller class with a method
writeDbChanges() that takes a Zend-Form as argument. This form as a
doctrine entity bound to it, so i see a lot of possibilities there.
The
Only one ACL config / instance required, with the FQCN of the Entity
the Resource, the action (edit/update ..) the Privilege, and the role
dynamically determined by the users association to the blog post the
Role. If you are using Doctrine ORM I believe the events are already
there