I've written an API in Phalcon and used the ORM and PHQL to fetch data. I've been stuck on adding a feature, namely Object level or Record level security througout the entire API. In particular, I'm looking for a way to add fitering rules that enforce business logic even when using low level Phalcon classes like
Robots::find(); .... // how do i enforce filters here for all developers? $robot = Robots::findFirst(); // how do i enforce filters here for all developers? $robotsParts = $robot->robotsParts;
Is there a way I can transparently apply business logic in the form of filtering rules to functions like find() and findFirst()?
The only way I can see to do that is to create a wraper function like...
// apply my own filtering? $robot = Robots::myFind(); $robot = Robots::myFindFirst(); // custom function to apply extra filtering? $robotsParts = $robot->myGetRelated('robotsParts');
Where I can insert filtering rules on a Model? I've seen some talk in that directly years back over here: https://forum.phalcon.io/discussion/499/beforefetch-
I have some developer friends that use Django and they are teasing that they can do something like this with Django's ORM and I'm a sad Phalcon users :(