-
-
Notifications
You must be signed in to change notification settings - Fork 6.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Decouple biz rules from auth items #499
Comments
Both are good. How about option?
And illiminate old approach, right? Or decoupling is an option?
I think we can introduce |
Did not see any problems for using biz rules as Closures that stored in files for DB as option. |
How will you save a Closure as a string in DB? |
We did not save it to DB when it (as option) will be stored in file.
Manually, this is why i say about various store options. |
@qiangxue Ok, i'll explain more:
We can use Closures or php statement for biz rules.
Only php statements allowed. |
I think we can start simple first by only supporting one mode: use a single PHP file to keep all biz rules and each rule is represented as a Closure. We should have a new class possibly named
|
Does it need to be one data source for all bizRules? I really don't want to over-complicate things, but I could imagine a solution where part of the bizRules comes from a single PHP file (static bizRules, defined as callables) and another part of the bizRules comes from some other data source, maybe but not necessarily a DB table (used for bizRules created by admins).
$_ruleSources = array(
0 => array(
'class' => 'Rule\Source\Static'
'file' => '@data/rules.php'
),
1 => array(
'class' => 'Rule\Source\Db'
'table' => 'yii_biz_rules'
),
); The order of |
I think about this too yesterday. Something like one rules from file, other rules from db, but after some time i'm realize that this is really overcoding since there is no practice useage to support this. Moreover this is something what lead away us from goal. |
In my opinion the bizRules may have a form of classes with common interface |
SuperClosure is a great thing, but it uses eval() itself to unserialize the closure. No real improvement in this situation. |
Well, yeah :) There's no way to store code in DB w/o sort of eval be it PHP or our own dialect. |
yeah, right :) |
I agree with @alphard-code. Storing BizRules as classes would allow for more flexible custom RBAC implementation. I'd be interested in writing a custom DbBizRule that would take an ActiveQuery along with parameters that could run in the Database instead of PHP. Namespaced Classnames of the BizRule could be stored in the DB, as could serialized parameters to initialize the class. |
@qiangxue are we going to do something about this one for beta? |
I will handle it. |
Currently in RBAC, we store a biz rule directly with its associated auth item. This has several drawbacks.
eval()
.To overcome the above drawbacks, we may consider decoupling biz rules from auth items by introducing a list of named biz rules called biz rule map. The map contains a list of biz rules, each having a unique name. If a biz rule needs to be associated with an auth item, we store the biz rule name instead of the biz rule itself in the auth item.
The biz rule map can be stored as a PHP file, or multiple PHP files (one for each biz rule). Or we may consider storing biz rule map as a DB table.
If we use PHP files to store biz rule map, we may support using anonymous functions as biz rules. If DB table, perhaps our only choice is to use PHP statements as biz rules.
Related discussion: #471
The text was updated successfully, but these errors were encountered: