Hi All, I want to implement an object, useragent, permission based access control system but I was wondering where is the best place to do the check for access.
Obviously I need to get the id of the object from the url and I also need the current user id and whatever permission is being tested. It seems like I would need to test this in each action method unless it was needed for all actions in which case I could put it in preexecute but is there a better way? Is this what filters are for - I'm in the dark about that side of symfony. AND, where would I put this checking method, in the user class would seem sensible to me - anyone any thoughts on this. Thanks, Paul -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
