overall code organization: helper, library, core, or model? |
(01-05-2015, 06:01 PM)sneakyimp Wrote: I'm sort of torn here. It certainly seems clear that a given page view or action should be intercepted by a controller if a user is not sufficiently privileged. Viewing admin dashboard, for instance, should not be accessible except by admin. On the other hand, other actions may depend on a lot of conditions that seem squarely in the Model camp: existence of records in a particular database, values from a database, etc. The rules for access to a particular action could be quite elaborate. I've heard discussion of using Interceptor Pattern in this context, but can't yet formulate a proper vision of code and data structures. In particular, creating three base controller classes: If you would like, you can look at my authentication library to see how I did a simple ACL and am using a post-controller-constructor for authentication rather than multiple base controller classes: http://forum.codeigniter.com/thread-264.html It may give you some ideas. It does not have complex permissions though, like what you were talking about where a permission would need to be determined by multiple attributes. Whether you would accomplish something like this in a library or a model... you could go either way. For entity level permissions, I usually use model functions in the entity's model. |
Welcome Guest, Not a member yet? Register Sign In |