jeudi 29 janvier 2015

Where to place autorisation code

I have a PHP MVC application. The business logic is implemented in a service layer and a domain model. My question is, where should I implement authorisation checks? In the service layer? Or the domain model?


In a discussion on the service layer pattern, http://ift.tt/tSAesn, Martin Fowler prefers to separate 'application logic' from 'business logic'. The former goes in the service layer, the latter in the domain objects.


Some of my authorisation rules are complex. Authorisation can depend on the current user, their roles, the state of many otherwise unrelated objects, etc. These seem to belong in the domain objects, or in some cases the factories for these objects.


But in other cases, the rules are quite simple. For example, "only a supervisor can approve a new noticeboard post". In these cases I am tempted to check authorisation in the service layer. It obviates the security requirements, and by putting them in a (mock-able) service layer listener, my code becomes easier to test.


So, the question is should I put simple authorisation checks in the service layer, and more complex ones in the domain objects? Or am I asking for trouble by splitting it across two layers?


Aucun commentaire:

Enregistrer un commentaire