On 9/17/10 11:09 AM, Cyrille37 wrote:
On 13 sep, 17:30, Lukas Kahwe Smith<[email protected]> wrote:
On 13.09.2010, at 16:00, Fabien Potencier wrote:
... ... ...
but the key thing that i would like to see addressed in a more consistent
manner in the symfony community is checking of permissions when reading models.
this obviously requires support on the ORM/ODM level.
... ... ...
I like the concept of ACL applied on the Model.
I used to apply it when worked with Java. I used the ACEGI framework
(http://www.acegisecurity.org/) to protect the Model and do not rely
on web page developper for managing rights.
I did not find this concept around Php. I think, from an industrial
view, it's a must have.
I makes a lot of sense but how can you do the same in PHP? The only
possibility is to have AOP.
Fabien
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-devs?hl=en
