samedi 27 février 2016

How to manage access based role-users without method checking ways using laravel 5.2

My actual project needs to implement an ACL for the diferent roles in my users.

For now, I have like 4 roles defined by the client (Administrator, Head of Departament, Secretary and Teachers) but he wants to create more roles whenever he needs it.

Knowing this the clue is I want to know if is there any way to control the system access without checking the access in each method of my system. Laravel provides my the Authorization services but is not enough for the desing of my system, but I think is a deprecated way checking every method.

My idea is implement something before enrouting any request and check if the user has access depending on his roles, in this way I won't need to check it in every method as the actual solution that laravel Authorization services, laravel-acl of Kodeine or similars offers me.

If someone has an idea to set forth this Idea please answer this.

Also I want to know if this could affect the system security and how and how I can handle that.

Thanks in advance.



via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire