ACL on model level, dynamic ACL and assertion
Notice: This thread is very old.
- Member | 39
I am just starting with Nette. I have done base skeleton and authorization, and now I am thinking about ACL. I have two question:
- Where in the model implement ACL checks? I am using Doctrine and service layer, so I guess, service layer may be the right place for it. How to process it? I have idea to check in service layer and throw some exception on deny, catched in presenter. (?)
- I will need some assertion. In doc is example of how to use it, but if ACL will be dynamic, how can I use 4th param on Permission->allow(…)?
Thanks for your ideas.
- Patrik Votoček
- Member | 2221
- yep first option is service layer and second option is custom AST walker. I think throwing exception and catching in presenter / component / forms is a good idea.