Comments (2)
maximilienGilet
commented on September 23, 2024
2
Hi @plamenh !
The bundle is intended to be directly usable with a minimal setup. As you said, the provided controller is totally not secured and I encourage you to override it, adding your own security system.
For the ids, I recommend you to use a Uuid system. There is a great tutorial on how to implement it in Symfony : https://medium.com/@galopintitouan/auto-increment-is-the-devil-using-uuids-in-symfony-and-doctrine-71763721b9a9
This issue would be more like adding documentation on how to secure the usage
from notification-bundle.
phtmgt
commented on September 23, 2024
1
Fair enough, I just wanted to make sure I am not missing something.
Regarding the solution - should be relatively easy in my case, as the notifiable entity is my user - just check if the notifiable entity has the same id as the user. If I get around to implementing this, I will create a tutorial. For now, though, I am sticking to an API based solution and disabling the routes.
Regarding the IDs, uuid is great, but it is overhead both in terms of system and development effort. I prefer not to use IDs at all in routes open to the public.
from notification-bundle.
Related Issues (20)
- Seen at and type configs HOT 1
- I have difficulty to make notification system in symfony 4 HOT 15
- How to display the notifications one by one in list HOT 3
- mgilet_notification_render(app.user) gives me an error HOT 1
- make notification as seen on clik on it HOT 4
- Redirect users to a view rather than just returning JsonResponse(true)
- rendered notifications list contains no html HOT 2
- Missing config at installation : "Unknown Entity namespace" error. HOT 3
- Fix deprecation messages HOT 1
- How to use this in Symfony 4.4 HOT 3
- I need to understand how to listen these events with symfony 5 listener. HOT 3
- NotificationManager->removeNotification() does not remove notifications from Database HOT 1
- Hello HOT 3
- Conflict between Doctrine migration bundle and this bundle
- Notifications list contains no html HOT 4
- Upgrade / make compatible with Symfony 5.x HOT 2
- Problem with installed version of Twig 3.0 HOT 3
- Using Bundle
- configuration for "mgilet_notification" HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from notification-bundle.