Remote API - better permissions handling

Discussion in 'General' started by mrtnzlml, Mar 21, 2015.

  1. mrtnzlml

    mrtnzlml New Member

    Hi, I am working with quite old system and I am looking for the better approach. This system is widely working with remote API and there is need for checking user rights. Unfortunately it's not very nice. For example:
    public function handleDelete($id) {
        try {
    $groupid $this->clients->client_get_groupid($this->presenter->user->id);
    $cron $this->sites->sites_cron_get(array("id" => $id));
            if (isset(
    $cron[0]['sys_groupid']) && $cron[0]['sys_groupid'] == $groupid) {
    $this->presenter->flashMessage('CRON úloha byla úspěšně vymazána.''success');
            } else {
        } catch (\
    SoapFault $exc) {
    $this->presenter->flashMessage($exc->getMessage(), 'danger');
    Is there a better way how to handle user permissions? I don't like this one. Maybe it's possible to create remote access for every single user? Thank you for the idea...
  2. mrtnzlml

    mrtnzlml New Member


Share This Page