Skip to main content

Posts

Showing posts with the label acl

ACL implementation

First question Please, could you explain me how simpliest ACL could be implemented in MVC. Here is the first approach of using Acl in Controller... <?php class MyController extends Controller { public function myMethod() { //It is just abstract code $acl = new Acl(); $acl->setController('MyController'); $acl->setMethod('myMethod'); $acl->getRole(); if (!$acl->allowed()) die("You're not allowed to do it!"); ... } } ?> It is very bad approach, and it's minus is that we have to add Acl piece of code into each controller's method, but we don't need any additional dependencies! Next approach is to make all controller's methods private and add ACL code into controller's __call method. <?php class MyController extends Controller { private function myMethod() { ... } public function __call($name, $params) { //It is just abstract code $acl = new Acl(); ...