开发者

How do I inject access control into a service layer of mvc application?

I'm coding a zend framework application using the the standard mvc paradigm with an added service layer to take care of application/business logic. It seems quite popular to put your access control into your services, rather than your modules/controllers/actions, however, I have only seen simple examples with static roles and permissions for those roles.

My application will be using a dynamic acl, allowing the admin user to add roles and set permissions on those roles. I have two questions:

  1. How do you map permissions in user land to that of services and methods in services? I don't believe it should be a 1:1 mappi开发者_JS百科ng. If your application is sufficiently large, you will have many services with many methods, and the permission structure will quickly become confusing for an end user setting permissions for a role.
  2. I have services that are global to the application and not specific to a module. How would you set permissions for those services based on the module that is accessed?

Any help would be greatly appreciated.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜