--
Hector
On Wed, Dec 30, 2009 at 6:13 AM, Andreas Möller <localheinz@l8m.de> wrote:
Ok, so you start with a request object, and likely, you have a plugin that retrieves the role of the requesting client and compares the requested resource against a set of rules.You can use the flash messenger to record the request_uri, redirect to a
login form, and then check for it on valid login. If it exists,
redirect. Otherwise, serve the default protected screen.
Hence, when the user has a certain role (e.g., "guest") he may not be granted access to a certain resource as it's not listed in the ACL.
So, maybe that resource exists, maybe it doesn't. How would you know?
Best regards,
Andreas
没有评论:
发表评论