| # |
May 2nd 2021, 15:57 |
 kevin.pfeifer |
to be honest currently I would just use cakedc/users instead of building the whole authentication and authroization system myself |
| # |
May 2nd 2021, 15:55 |
kevin.pfeifer |
but thanks for sharing your experience :) |
| # |
May 2nd 2021, 15:55 |
kevin.pfeifer |
if someday i would encounter that problem |
| # |
May 2nd 2021, 15:54 |
kevin.pfeifer |
but in this example i was just curious what the "correct" way would be to handle that |
| # |
May 2nd 2021, 15:54 |
kevin.pfeifer |
to be honest i haven't gotten into any performance issues yet with my app :) |
| # |
May 2nd 2021, 15:53 |
greg138 |
Refactored a bit to cache that object, and it got a LOT better. |
| # |
May 2nd 2021, 15:53 |
kevin.pfeifer |
oh ok |
| # |
May 2nd 2021, 15:53 |
greg138 |
It was mostly that it was creating and destroying the object to check permissions for each entity. |
| # |
May 2nd 2021, 15:52 |
kevin.pfeifer |
i would guess either caching or correctly set indices on the db will help there a lot |
| # |
May 2nd 2021, 15:51 |
kevin.pfeifer |
sure that would be pretty catastrophic |
| # |
May 2nd 2021, 15:44 |
greg138 |
Beware of doing this on something that deals with a lot of entities. Had a situation recently where a long page was timing out because it was doing thousands of permission checks, and each one was about 50ms due to a missed opportunity for caching a key object... |
| # |
May 2nd 2021, 15:43 |
greg138 |
That would be one way to go. |
| # |
May 2nd 2021, 15:42 |
kevin.pfeifer |
so like ndm said create a service/utility class which is called in the controller and handed each entity in this class call each policy function to check that authorization and add a virtual field to that entity |
| # |
May 2nd 2021, 15:41 |
kevin.pfeifer |
mhmm ok |
| # |
May 2nd 2021, 15:35 |
greg138 |
This sounds to me very much like a policy? They have functions like `canEdit` that take in an entity. They're usually used "transparently" by the authorization system, but they're "just" classes, so you could create one of the type you need and call it repeatedly? |
| # |
May 2nd 2021, 15:05 |
kevin.pfeifer |
as ndm already said i expect, that you don't have the file `css/bootstrap.css.map` present inside your webroot folder (or a valid symlink to that file) |
| # |
May 2nd 2021, 14:00 |
ndm |
or that the file actually doesn't exist |
| # |
May 2nd 2021, 13:58 |
ndm |
There's nothing that would indicate that these two things are related, rather such a missing controller error when targeting assets usually indicates that your server's URL rewriting is not working properly. |
| # |
May 2nd 2021, 13:31 |
etibor |
and Request URL: /css/bootstrap.css.map |
| # |
May 2nd 2021, 13:31 |
etibor |
but getting this: Error: [Cake\Routing\Exception\MissingControllerException] Controller class Css could not be found. |
| # |
May 2nd 2021, 13:31 |
etibor |
i load it in the App controller initialize |
| # |
May 2nd 2021, 13:30 |
etibor |
my Flash component does not work |
| # |
May 2nd 2021, 13:30 |
etibor |
hello everyone |
| # |
May 1st 2021, 15:47 |
kevin.pfeifer |
or as you already said with an event listener :) But to be honest i haven't dealt with event listeners that much either so ,:) |
| # |
May 1st 2021, 15:45 |
kevin.pfeifer |
or any other configuration at all to be honest ,:) |
| # |
May 1st 2021, 15:37 |
kevin.pfeifer |
But I can now understand the concept that entites shouldn't deal with authorization directly but rather the part which handles the entites |
| # |
May 1st 2021, 15:33 |
ndm |
Also, boys and girls, quick tip, reconfiguring your database connections in your apps without having the aliasing in mind that takes place in the test environment, will drive you to the edge... guaranteed! |
| # |
May 1st 2021, 15:30 |
kevin.pfeifer |
oh wow ok |
| # |
May 1st 2021, 15:26 |
ndm |
Just recently had the pleasure to work on something where a "base entity" was changing/reconfiguring the application's database connections, oh boy, that was just... no, just no, I've never cursed so much in my whole life :) |
| # |
May 1st 2021, 15:23 |
kevin.pfeifer |
alright, noted :spiral_note_pad: and learned something new :) thx |
| # |
May 1st 2021, 15:22 |
slackebot |
of hell :grimacing: |
| # |
May 1st 2021, 15:22 |
ndm |
I mean, I'm not sure if there are any broadly accepted rules of what utility classes are, for me state was always one of the main indicators, as static method calls make them hard-dependencies, which seems to be one of the main points of contention that people have with them... aaaanyways, I just wanted to say, don't stuff your CakePHP "entities" with logic, I've never seen a project where this doesn't pave the road to the 7 gates |
| # |
May 1st 2021, 15:14 |
kevin.pfeifer |
but i think we get into a bit more deeper software design aspect here :) |
| # |
May 1st 2021, 15:12 |
kevin.pfeifer |
i know that the DI Container always gives you back an instances of that class and therefore you have state in that object |
| # |
May 1st 2021, 15:11 |
kevin.pfeifer |
sure ok, it could be that our definitions/understandings of utility classes are a bit different. For me a utility class is just a plain old class which helps you re-use code in multiple other locations (in my examples most of the time in commands and controllers) For me its not that important if they have a state or if these functions are all called statically and therefore have no state |
| # |
May 1st 2021, 15:08 |
ndm |
As soon as you can obtain them from a container they will be instances, ie not just classes with static methods, so then a big part of what usually makes a utility class a utility class, eg no state, is already gone. It could still be a hot mess of course :upside_down_face: |
| # |
May 1st 2021, 15:02 |
kevin.pfeifer |
and since there is a DI Container now in Cake its even easier to use them |
| # |
May 1st 2021, 15:02 |
kevin.pfeifer |
Utility Classes are just something I am very familiar now when it comes to code refactoring and putting duplicate code into one place |
| # |
May 1st 2021, 15:01 |
kevin.pfeifer |
alright :) |
| # |
May 1st 2021, 15:00 |
martin |
Think I can make a listener for the crud plugin so I can do it in the after paginate, not sure if I need it on more places but Guess that can happen in the future. https://crud.readthedocs.io/en/latest/events.html#modify-the-result |
| # |
May 1st 2021, 14:59 |
ndm |
Don't let the OOP people here you talking about utility classes :) But yeah, as a general concept, a link that knows about authorization as well as entities and puts the two things together, so that they are kept properly separated. |