We all know the model-controller-paradigm: I have a model “News” which
has a corresponding CRUD-controller “NewsController”.
But now I’m quite unsure about the following…
Guess we have normal visitors that visit our site www.??.com/news and we
have administrators that create and modify news items.
The admin should see an “Edit” link and a “Destroy” link corresponding
to every news item, but visitors should not see them. So we mix some
admin functions into the views.
Further on we need some methods like www.??.com/news/edit/:id that
should only be callable by an admin; we can easily secure this using a
before_filter or so.
So far so good. But the more complex our model becomes, the more we have
to mix admin logic with visitor logic.
So I guess it would be cleaner if we created not only one corresponding
controller, but two of them: a NewsController that is an interface
between data and visitors and a NewsAdminController that handles all the
CRUD-and-more stuff an admin can do.
Is this a good solution? I could then create a route that sends URL
calls like www.??.com/news to the NewsController and URL calls like
www.??.com/admin/news to the NewsAdminController…
Please tell me what you think about this. Are there better solutions for
separating user logic and admin logic?
alot of ppl are torn by this very issue. Personally, i find it easier
to give the extra namespace by adding afolder called admins/ in the app
directory and put all the admin functionality in there. It just looks
nicer.
Im sure there are plenty of reasons this is wrong (REST and stuff like
that), but i really dont care. It just ‘feels’ easier.
peace
–jake
Joshua M. wrote:
Hi all
We all know the model-controller-paradigm: I have a model “News” which
has a corresponding CRUD-controller “NewsController”.
But now I’m quite unsure about the following…
Guess we have normal visitors that visit our site www.??.com/news and we
have administrators that create and modify news items.
The admin should see an “Edit” link and a “Destroy” link corresponding
to every news item, but visitors should not see them. So we mix some
admin functions into the views.
Further on we need some methods like www.??.com/news/edit/:id that
should only be callable by an admin; we can easily secure this using a
before_filter or so.
So far so good. But the more complex our model becomes, the more we have
to mix admin logic with visitor logic.
So I guess it would be cleaner if we created not only one corresponding
controller, but two of them: a NewsController that is an interface
between data and visitors and a NewsAdminController that handles all the
CRUD-and-more stuff an admin can do.
Is this a good solution? I could then create a route that sends URL
calls like www.??.com/news to the NewsController and URL calls like
www.??.com/admin/news to the NewsAdminController…
Please tell me what you think about this. Are there better solutions for
separating user logic and admin logic?
alot of ppl are torn by this very issue. Personally, i find it easier
to give the extra namespace by adding afolder called admins/ in the app
directory and put all the admin functionality in there. It just looks
nicer.
Im sure there are plenty of reasons this is wrong (REST and stuff like
that), but i really dont care. It just ‘feels’ easier.
What exactly do you mean with REST? And are the controllers all found in
this subfolder, or do you have to add it to the path?
alot of ppl are torn by this very issue. Personally, i find it easier
to give the extra namespace by adding afolder called admins/ in the app
directory and put all the admin functionality in there. It just looks
nicer.
Im sure there are plenty of reasons this is wrong (REST and stuff like
that), but i really dont care. It just ‘feels’ easier.
What exactly do you mean with REST? And are the controllers all found in
this subfolder, or do you have to add it to the path?