[FLOW3-general] Question related to content security
David Sporer
david.sporer at gmail.com
Wed Sep 26 08:09:13 CEST 2012
Hey guys,
I have a question regarding the content security.
I managed to create rules in the Policy.yaml for entities which work
(partially). One thing that does not work is the following:
This works fine in my controller:
// get the customer of the logged in user
$customer = $this->securityContext->getAccount()->getParty()->getCustomer();
But this doesn't work in the Policy.yaml:
entities:
My_Package_Domain_Model_Pass:
My_Package_Passes_All: 'ANY'
My_Package_Passes_Own: current.securityContext.account.party.customer
== this.customer && this.customer != NULL
I saw that in the documentation the patterns are quoted but this didn't work
either and in this video they aren't quoted too:
<http://media.netlogix.de/plattformen/flow3/podcasts>
http://media.netlogix.de/plattformen/flow3/podcasts
If I deny My_Package_Passes_All I can't access any resources.
What am I missing?
Best regards
David
More information about the FLOW3-general
mailing list