What do your CRUD methods return?
Moderator: General Moderators
Re: What do your CRUD methods return?
To relate to database terms - item is a row, attribute is a column. And again you go back to the default values - those can be handled by the model, I never said otherwise. Aside from that, the view should be aware of whether there are some items (rows) , no items, or an error. It's an important distinction in my opinion.
Re: What do your CRUD methods return?
Where would a high security site, such as an online banking site, place permission checking?josh wrote: My model would not be checking permissions. It would return the data, and the controller would decide what to do. Permissions are system level to me.
Re: What do your CRUD methods return?
Good question. I am inexperienced but I can probably offer insight. A bank account might have "system level" security (ex. a customer shouldnt be in the admin panel). That would be purely controller based in my preference.Benjamin wrote:Where would a high security site, such as an online banking site, place permission checking?
But then you have like "account level" security for lack of a better term. In a banking system you'd probably have a "transaction" object, with 2 "legs" (or accounts). One account being debited and one being credited, or a short & long leg in the case of stocks & securities.
In my controller I would probably just have something like
Code: Select all
$this->assertUserCanMakeTransaction( $transaction ) Code: Select all
$transaction->canBeMadeBy($this->user())