0

I've been tasked to work out a model which will introduce restrictions or levels in an existing webapplication. The application is not consequently build to easily implement this feature. Serverside is PHP, clientside is jQuery.

These restrictions are associated with plans or subscriptions a user has bought.

I've come up with a model where:

  • Functions are mapped with actions.
  • An Action is a meaningful definition of an act a user can do on the application.
  • A plan is a list of actions with a meaningful restrictive value.

A real world example

  • requestIntroduction() is mapped with 'requesting' <-> 'introduction'
  • The action is a 'request' of an 'introduction'
  • Current plan allows user to request 5 introductions
  • Do the check

I'm looking for a generic way to control restrictions as much as possible in one place in the code because:

  • Plans will be added, removed and adjusted frequently
  • Restrictions will be added, removed and adjusted frequently (to a plan)
  • Adjusting restrictions and plans will be a feature in an admin console in the future.

My question is : Is there a better way to achieve the same generic approach to handle restrictions and to minimize coding future changes to plans and/or restrictions ?

4

1 回答 1

0

想象一下,您在控制器上定义了诸如“emptyBinAction”、“gothereAction”之类的 Actions 方法(承认您使用的是 MVC 或类似的设计模式)

您可以根据方法名称轻松检查权限:

例子:

protected function emptyBinAction($params) {
    $this->checkAccess();

    ...
}

例如,您可以使用checkAccess()检查登录 + 是否用户有权执行此操作:

protected function checkAccess() {  
     // Check login 
     if ($this->myModel->checkLogin()) {
         // Query DB for permission (pass user id and func name)
         if (!$this->myModel->checkPerm($usrId,$this->getCallerName()) ) {
             return false;
         }
     }
 ...
}

返回调用者姓名的示例方法(在这种情况下将返回“emptyBinAction”):

public function getCallerName() {
    $e = new Exception();
    $trace = $e->getTrace();
    return $trace[2]['function'];
}

就 checkPerm() 查询和数据库结构而言,您可以按照自己的意愿进行操作,将权限分配给用户组或每个用户,或两者兼而有之。

于 2013-10-11T11:08:11.437 回答