Answer the question
In order to leave comments, you need to log in
How to correctly check the ownership of an entity?
Hello, there is such a structure: the user creates a catalog, it contains a product, it contains some unique pictures for this product, parameters, etc. The depth of this chain can grow.
Only the catalog is associated with the user (it has the user_id field), the products are already linked to the catalog, pictures to the product, etc.
Question: how, when editing, for example, a product parameter, check whether it belongs to the desired user?
The project is on Laravel and now I just created a middleware that chains up to the directory and checks the user. The problem is that you need to get to the directory in different ways, depending on what is being edited. For example, to check a product, you need to get its catalog, and get the user from the catalog, and to check a parameter, you need to get the product -> catalog -> user.
It turns out an if-else sheet, which needs to be added every time if something is added. For example, if parameters are added to the product parameters, then one more condition will be needed.
There would be no such problem if I specified the user_id field for all entities, but this approach seems wrong to me.
How in Laravel or how in general is validation carried out in such cases?
Thank you.
Answer the question
In order to leave comments, you need to log in
if I specified the user_id field for all entities, but this approach seems wrong to me
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question