Answer the question
In order to leave comments, you need to log in
Where to put the data validation logic before writing?
Hello!
There is an entity - a product, it has the property "display on the site".
There is a user entity, users have different rights (admin, manager, moderator, senior manager, etc.)
The product must be moderated before publication, and an ordinary user / manager cannot set visibility to true. And the admin/moder can. But any user who has permission to edit can turn off the display of the product.
And there are 2 types of product updates - single (within CRUD) and multiple (selected several products with checkboxes and clicked update).
Actually, the question is: where is it customary in Symphony to put the logic of such a check (controller, validator, repository, etc.)? Thanks in advance for your replies!
Answer the question
In order to leave comments, you need to log in
For moderation / editing, I would make an EditController in which restrictions on roles would be set by IsGranted. And a separate controller for turning off the display for users.
But in general the system is very strange. Why give users the ability to unpublish products? Any enraged user will be able to fuck the work of all moderators.
Access control - if possible, take it to the controller, using Voters for example.
Data validation - I recommend doing it in every public and protected method. Yes, it's kind of like a hassle, but this approach saves a lot of time on debugging. Directly in Entity validation in setters.
https://github.com/index0h/php-conventions
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question