Interested in the question about the concept of MVC.

There are users and roles. Imagine that there are comments in VIEW. There are user and admin roles.

If the role is user, then just show the comments, if the role of the user is admin - then show the icon for each comment "edit".

Is it true to do a VIEW check for example:

<div class="comments-block"> ... if($role == "admin") { echo "<a href="/edit/comment/>edit</a>"; } ... </div>

Or do you need to bring this logic to the controller? But if the controller, it turns out that we are part of the VIEW take out into it, and this also violates MVC.

    1 answer 1

    It's all a bit more interesting. This code should not be entirely in the view, or in the controller, or in the model. The controller in one way or another should get the user object - using a model or simply from an external service - and stuff it into the view context. The controller itself does not participate in the process of creating and processing a user, but simply transfers it. In the view, the user object's method is already called - for example, isAdmin() , which allows you to determine the current status of the user, without resorting to direct comparison, will bring the logic out, and for presentation it will exist only as a true / false flag. Of course, it doesn’t scale well, so with an increase in the number of roles, you can either create separate templates (because you still can’t store many branches in one), or create an AccessManager that has a single method hasAccessTo($user, $resourceKey) (or analog), inside which is hidden all the logic of finding access rights. Usually, however, they try to simplify everything so that by the time of rendering all the data are already known, but if such validation functionality is run in the presentation code, it is not a problem.