I wrote my simple Route which throws 404 if owner is not current user.
# rule
event_delete:
url: /event/:id
class: myObjectOwnerRoute
options: { model: Event, type: object, owner_column: user_id }
param: { module: event, action: delete }
requirements:
id: \d+
sf_method: delete
# Route
class myObjectOwnerRoute extends sfPropelRoute
{
protected function getObjectForParameters($parameters)
{
$object = parent::getObjectForParameters($parameters);
if ($object) {
$className = $this->options['model'];
$method = 'get' . call_user_func(array($className,
'translateFieldName'), $this->options['owner_column'],
BasePeer::TYPE_FIELDNAME, BasePeer::TYPE_PHPNAME);
if ($object->$method() != sfContext::getInstance()->getUser
()->getId()) {
return false;
}
}
return $object;
}
}
Is it worth to include into sfPropelActAsSignableBehaviorPlugin?
On Apr 12, 2:09 am, naholyr <naho...@gmail.com> wrote:
> Sorry to auto-promote my work here, but you should take a look at
> sfPropelActAsSignableBehaviorPlugin, which is less limited than the
> one you quoted : supports create_by, updated_by, deleted_by which
> relies on Paranoid behavior, and does not require it to be a foreign
> key as users can be deleted in some environments.
>
> If you get inspired from a plugin to do your own, take care to have
> that kind of considerations to be the most generic possible ;)
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~----------~----~----~----~------~----~------~--~---
