I wrote my simple Route which throws 404 if owner is not current user. # rule event_delete: url: /event/:id class: myObjectOwnerRoute options: { model: Event, type: object, owner_column: user_id } param: { module: event, action: delete } requirements: id: \d+ sf_method: delete
# Route class myObjectOwnerRoute extends sfPropelRoute { protected function getObjectForParameters($parameters) { $object = parent::getObjectForParameters($parameters); if ($object) { $className = $this->options['model']; $method = 'get' . call_user_func(array($className, 'translateFieldName'), $this->options['owner_column'], BasePeer::TYPE_FIELDNAME, BasePeer::TYPE_PHPNAME); if ($object->$method() != sfContext::getInstance()->getUser ()->getId()) { return false; } } return $object; } } Is it worth to include into sfPropelActAsSignableBehaviorPlugin? On Apr 12, 2:09 am, naholyr <naho...@gmail.com> wrote: > Sorry to auto-promote my work here, but you should take a look at > sfPropelActAsSignableBehaviorPlugin, which is less limited than the > one you quoted : supports create_by, updated_by, deleted_by which > relies on Paranoid behavior, and does not require it to be a foreign > key as users can be deleted in some environments. > > If you get inspired from a plugin to do your own, take care to have > that kind of considerations to be the most generic possible ;) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---