Hi,

I've created a function 'validateEdit' to block users from editing records that they don't own. It successfully returns true/false according to above criteria. However, the edit form is still shown:

Mar 14 11:29:42 symfony [info] {sfRequest} request parameters array (  'module' => 'staff',  'action' => 'edit',  'id' => '6',)
[...]
Mar 14 11:29:42 symfony [info] {sfFilter} executing filter "sfExecutionFilter"
Mar 14 11:29:42 symfony [info] {sfFilter} action validation failed
Mar 14 11:29:42 symfony [info] {sfCreole} prepareStatement() [...]
Mar 14 11:29:42 symfony [info] {sfView} initialize view for "staff/edit"

I guess the only reason for it went through even "action validation failed" is because how handleErrorEdit is designed:

  public function handleErrorEdit()
  {
    $this->preExecute();
    $this->staff = $this->getStaffOrCreate();
    $this->updateStaffFromRequest();

    $this->labels = $this->getLabels();

    return sfView::SUCCESS;
  }

Why it is designed to allow any failure to fall through? How can I fix it?

thanks