We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.

Business logic in fetch, save models, business model in forms

What will be the best practice to implement in phalcon, rules related to save/fetch data from models, based on status, type user, for example, in the system we have 3 type of the users:

  • Admin
  • User
  • Public

And in the system we have Model (Houses), with column status with options (new,ready,process,checked,finish,archive)

And i want to make rules, for example:

  • update House, can be made by User only if House is in state, new,ready and process
  • Public can update only fields name and address in House model
  • User can update all fields, except field admin_check

So, question is how to implement good solution, to make that kind of business rules, on model level.

Same problem with forms, different users in different states have different forms, for example:

  • Public user in state new, see only fields address, name
  • User in state new, and ready, see also fields to upload documents)
  • Admin in all state see full form to update everything

WHat will be best aproach to make that kind of rules, related to forms.

hi, i beliave that for the best logic here is to use ACL (access control list) and events from 'Phalcon\Mvc\Model;'

ACL to give permissions for the user to see the pages to add/edit/delete and the events to deny an insert or update (Phalcon\Mvc\Model::beforeSave()) and give custom messages

check: https://docs.phalcon.io/pt/latest/reference/acl.html