0

I have got an architectural question. Where should I check user permissions for certain operations?

For example:

1) In a controller, I get parameters from view and start a process in the intermediate model.

2) Intermediate model decide which parameter should be converted and transformed in any way and modify or create data through Models

3) Model communicate directly with DataBase

Where do You think is the right place in that "architecture" to check privileges to for example save sth to database?

enter image description here

Dominik
  • 1,233
  • 2
  • 14
  • 29

1 Answers1

1

I would actually put the authorization check before the controller is being called, kinda like described here (I really need to update that old post). Preferably as a decorator around the controller instance, which would give you a fine-grained control over what operation user is permitted to do, based on controller+method pair.

Another point where you might think about is "authorization lookup" helper function for use in your templates, because you might need to show or hide some UI elements from users, who should not be able to perform the associated operations. The controller+method check, before execution would still work as the actual safeguard then, but it tends to be a quality-of-life improvement.

You should not put the authorization checks inside the each controller or (even worse) model layer, because that tends to promote an excessive amount of copy-paste, which in turn can cause mistakes and becomes a huge problem, when you want to alter the mechanics of your authorization system.

tereško
  • 58,060
  • 25
  • 98
  • 150