by CiPHPerCoder 2853 days ago
It sounds like you're arguing from a very specific mental model of an ACL workflow.

In my CMS, I had support for granular permissions. So you could do this:

  if ($user->can('update')) {
    if ($postData) {
      $this->processUpdate($postData);
    }
    // display edit form
  } elseif ($user->can('read')) {
    // read-only
  } else {
    return error_403_condition();
  }

JWT wouldn't have helped much.
1 comments

I will look into this more and come back with what I figure out later on. Thanks.