On 13 sep, 17:30, Lukas Kahwe Smith <[email protected]> wrote: > On 13.09.2010, at 16:00, Fabien Potencier wrote: > ... ... ... > but the key thing that i would like to see addressed in a more consistent > manner in the symfony community is checking of permissions when reading > models. this obviously requires support on the ORM/ODM level. > ... ... ...
I like the concept of ACL applied on the Model. I used to apply it when worked with Java. I used the ACEGI framework (http://www.acegisecurity.org/) to protect the Model and do not rely on web page developper for managing rights. I did not find this concept around Php. I think, from an industrial view, it's a must have. Regards, Cyrille. -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
