Trying to find a convenient way of checking permissions/actions that user can perform. I have several options on mind but must say i feel there must be a nicer way.
The problem:
-
There are X actions/operations that user can perform. Each is identified by unique string key like:
list_this,update_that,create_this,delete_that, etc... -
Users have different
Packages assigned and each package allows them to perform certain action(s). For example, having assignedPackage Xallows them to performaction_X. -
Class
Userhave collection ofPackages that user have assigned.
I'd like to have something like User.CanPerformAction(string actionKey) which would return boolean indicating if action is allowed or not. That method, would go through collection of packages and check if actionKey is allowed. What i'd like to avoid is to have manual iteration&check in Users class. Instead, something like Package implement some interface with CanPerformAction(string actionKey).
My first attempt was to use Strategy pattern, but that one seems more suitable running exactly the same method (signature wise) on different implementation classes. Next one was something like Chain of responsibility, but in this case it doesn't make too much sense for packages to be chained.
Its almost like on Users class there should be method AddPackage which would, in turn, fill allowed actions from each package into some private string[] and then User.CanPerformAction(string actionKey) could do something like actionsCollection.Contain(actionKey).
Is there some nicer way to implement this in DDD fashion? Am I missing something?
Aucun commentaire:
Enregistrer un commentaire