- Define actions like:
- configure system
- manage products
- create quotes
- delete quotes
- create invoices
- delete invoices
- Assign these actions to roles
- These actions are then passed as some datastructure to the ``userdata`` of the logged in user.
- Methods ( Controllers, Views) could check if the currently logged in user has the necessary action.
Are there decorators in PHP? Then we could easily implement this with a decorator, that checks if the user has the necessary allowed action. This would heavily reduce the necessary code.
Yes, there obviously are. But honestly they look extremely complicated to implement. :-/