Nodal and route access levels

Question

Nodal and route access levels

fabiomig opened this issue 8 years ago · comments

Fábio Oliveira commented 8 years ago

Hello guys!
@keithwhor congrats for this wonderful project!

Well, i want to know, what is the most efficient way to create role level & controller permissions

Imagine this route
/v1/foo

In this route i would like to:
Admin CRUD
Client only list

Is there any (or planned) generator for this?

Regards
Fábio

Keith Horwood · Answer 1 · Thu May 12 2016 06:02:08 GMT+0800 (China Standard Time)

Closed this because I misunderstood what you were asking for.

My personal recommendation is to have v1/foo for your user / client level CRUD interface and v1/admin/foo for the admin controller, and then write Middleware to do authorization handling. I'll have to write documentation about this soon.

Fábio Oliveira · Answer 2 · Thu May 12 2016 07:31:23 GMT+0800 (China Standard Time)

Right, but i think that both users could use the same controller for that.
What you see that could be a problem?

Keith Horwood · Answer 3 · Sun May 15 2016 00:51:59 GMT+0800 (China Standard Time)

It's just expecting a single controller to do a lot of logic, and gets messy pretty easily. I would separate your concerns between controllers. I would recommend treating a controller as a service for a specific task, and admin tasks are distinctly different from user tasks. :)