Timeline for Implementing DDD: users and permissions
Current License: CC BY-SA 3.0
15 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 16, 2020 at 10:01 | history | edited | CommunityBot |
Commonmark migration
|
|
| Apr 7, 2020 at 16:36 | history | protected | gnat | ||
| Apr 7, 2020 at 15:22 | answer | added | Qortex | timeline score: 18 | |
| Mar 15, 2018 at 11:39 | vote | accept | LittlePilgrim | ||
| Mar 15, 2018 at 8:44 | answer | added | guillaume31 | timeline score: 8 | |
| Mar 15, 2018 at 8:10 | comment | added | guillaume31 |
Of course it should be in application services... I thought it was clear from parts of the code like UserService @AccessControlList[inf3rno] in the answer I linked to.
|
|
| Mar 14, 2018 at 19:54 | history | tweeted | twitter.com/StackSoftEng/status/974010818953203712 | ||
| Mar 14, 2018 at 16:49 | comment | added | LittlePilgrim |
My problem is not with the implementation of the security model itself, I can't see how should I map these more complicated rules into the domain. How should the User -> Author mapping change if it is not a simple role based model on the security side? Passing resource IDs to the other context might work, like HasPermissionToEdit(userId, resourceId) but I doesn't feel right to contaminate the domain logic with these calls. Probably I should check these in the application service methods, before invoking the domain logic?
|
|
| Mar 14, 2018 at 16:30 | comment | added | guillaume31 | Don't the code samples in the link at least answer to "I can't see how could I adapt this to a more complex security model"? | |
| Mar 14, 2018 at 16:27 | history | edited | LittlePilgrim | CC BY-SA 3.0 |
formatting
|
| Mar 14, 2018 at 16:15 | answer | added | Ewan | timeline score: 16 | |
| Mar 14, 2018 at 16:05 | comment | added | LittlePilgrim | Thanks, I've seen that post earlier, my problem is exactly what the edit says at the end: I would like to move access control out of my core domain but I feel I've hit a wall with my implementation. However, your suggestion about the resource ID makes sense: as I don't use the concept of User or Role in the core domain but concrete roles, maybe I could use the concept of Resource in the security BC and map them to the related concrete domain concept. Worth a try, thanks! | |
| Mar 14, 2018 at 15:53 | comment | added | guillaume31 | Maybe you can find what you need here : stackoverflow.com/a/23485141/329660 Also, just because the Access Control context knows about a resource ID doesn't mean it has domain knowledge about what kind of entity that resource is or what it does. | |
| Mar 14, 2018 at 15:30 | review | First posts | |||
| Mar 14, 2018 at 18:56 | |||||
| Mar 14, 2018 at 15:26 | history | asked | LittlePilgrim | CC BY-SA 3.0 |