Tuesday, 28 March 2017

Advice on Laravel access right depending on entity status

I've built a management platform for a small business and am actually working on a v2 with Laravel 5.4.

The context is the following:

  • The main managed entity is a Mandate.
  • It has several items that may be managed (CRUD).
  • Users can be invited to this Mandate and have different roles: Responsible, main broker, sub broker.
  • Some users with "global" rights may have access to all mandates, like the secretary or the CEO.
  • And the tricky part: access rights change depending on the Mandate status.

Regarding the global access rights, I've got it all covered with activity/role based access.

Mandate access rights are stored in a dedicated table storing the following:

  • mandate_status_id
  • role_identifier
  • action_identifier
  • is_authorized

The way I'm handling access rights on the main entity is bugging me and I would like to refactor it. What's bothering me is that on every access check I have to determine the current user's role regarding the mandate being "touched". The mandate access rights table is loaded into a singleton on every request.

I went at first for a caching approach for the rights/role, but it showed its limits when rights did not change after the mandate status did.

I was thinking of something like building the mandate access or a mandate context when instantiating the mandate model. It would prepare the users having access and their rights.

I'm open to suggestions; if you think I'm approaching it the wrong way, please do tell.



via Chebli Mohamed
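
One way to structure the check described in the question, as an added example that is not part of the original post: the rights table is indexed once, the user's role on a mandate is memoized, and the mandate status is read at check time so a status change cannot leave a stale decision behind. It is plain PHP with no Laravel APIs; the class name, the mandate array shape and the role and action strings are assumptions.

```php
<?php
// Added example: class, role, status and action names are hypothetical.
final class MandateAccess
{
    /** @var array<string,bool> rights indexed by "status|role|action" */
    private $matrix = [];
    /** @var array<string,string> role memoized per "mandateId|userId" */
    private $roles = [];

    /** @param array $rows rows shaped like the access rights table */
    public function __construct(array $rows)
    {
        foreach ($rows as $r) {
            $key = $r['mandate_status_id'] . '|' . $r['role_identifier']
                 . '|' . $r['action_identifier'];
            $this->matrix[$key] = (bool) $r['is_authorized'];
        }
    }

    /** Memoized for the life of this object: the role does not depend on status. */
    public function roleOf(int $userId, array $mandate): string
    {
        $key = $mandate['id'] . '|' . $userId;
        if (!isset($this->roles[$key])) {
            $this->roles[$key] = $mandate['members'][$userId] ?? 'none';
        }
        return $this->roles[$key];
    }

    /** The decision itself is never cached; status is read on every check. */
    public function can(int $userId, array $mandate, string $action): bool
    {
        $key = $mandate['status_id'] . '|' . $this->roleOf($userId, $mandate)
             . '|' . $action;
        return $this->matrix[$key] ?? false; // no matching row means denied
    }
}

// Constructed sample data, not taken from the original post.
$access = new MandateAccess([
    ['mandate_status_id' => 1, 'role_identifier' => 'sub_broker',
     'action_identifier' => 'item.update', 'is_authorized' => 1],
    ['mandate_status_id' => 2, 'role_identifier' => 'sub_broker',
     'action_identifier' => 'item.update', 'is_authorized' => 0],
]);
$mandate = ['id' => 10, 'status_id' => 1, 'members' => [7 => 'sub_broker']];
var_dump($access->can(7, $mandate, 'item.update')); // member, status 1
$mandate['status_id'] = 2;                          // status changes mid-request
var_dump($access->can(7, $mandate, 'item.update')); // same member, status 2
var_dump($access->can(8, $mandate, 'item.update')); // user not on the mandate
```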
