Different pages will have different content depending on their level of
access and also some page will require that the user is logged in and some
will not.
In the now deprecated model1 programming I would just have done the check
for permissions and auth at the top of the page and been done with it, but
MVC appears more complex and I find myself wondering where best to put it.
Should I be using a Zend_Controller_Plugin or Zend_Action_Helper or neither?
Should I check acls / auth in each action method or init if I know the whole
controller needs some acl or used must be auth'd OR do I override the
preDispatch method and check which action / module / controller is being
used and centralise all acl and auth checking there?
Any strong opinions eitherway or perhaps I'm way off track and need to be
reeled in so as to avoid my code ending up on worsethanfailure.com :)
Thanks in advance
--
View this message in context: http://www.nabble.com/zend-acl-and-auth-checking-best-practices-tp18842724p18842724.html
Sent from the Zend MVC mailing list archive at Nabble.com.
没有评论:
发表评论