/
More intuitive way to specify event permissions

More intuitive way to specify event permissions

Owned by Alex
Last updated: Apr 29, 2013Version comment

In-Portal is event-based framework. This means, that to perform something you need to emit an event and In-Portal would handle it.

Each event, that can be emitted from outside (e.g. by visiting http://www.website.tld/?events[prefix]=OnEventName) must have an associated permission. This way In-Portal ensures, that only users, who have that permission can run the event. When creating new event you need to:

  1. create event method in event handler
  2. specify permissions to use in mapPermissions method

As a developer, I create new events every day and find it counterproductive to scroll up to mapPermissions method (and create it if it's missing) each time, I create a new event.

/**
 * Allows to override standard permission mapping
 *
 * @return void
 * @access protected
 * @see kEventHandler::$permMapping
 */
protected function mapPermissions()
{
	parent::mapPermissions();

	$permissions = Array (
		'OnRefreshStatistics' => Array ('self' => 'view'),
	);

	$this->permMapping = array_merge($this->permMapping, $permissions);
}

/**
 * Refreshes statistics
 *
 * @param kEvent $event
 * @return void
 * @access protected
 */
protected function OnRefreshStatistics(kEvent $event)
{

} 

Instead I propose to use annotations to specify permissions of event right in it's PHP-DOC comment:

 /**
 * Refreshes statistics
 *
 * @param kEvent $event
 * @return void
 * @access protected
 * @permissions('self' => 'view')
 */
protected function OnRefreshStatistics(kEvent $event)
{

}

Notice @permissions annotation.