Using middleware to implement access control
As the name implies, middleware sits in the middle of a sequence of function or method calls. Accordingly, middleware is well suited for the task of "gate keeper". You can easily implement an Access Control List (ACL) mechanism with a middleware class that reads the ACL, and allows or denies access to the next function or method call in the sequence.
How to do it...
- Probably the most difficult part of the process is determining which factors to include in the ACL. For the purposes of illustration, let's say that our users are all assigned a
status. In this illustration, the level is defined as follows:
'levels' => [0, 'BEG', 'INT', 'ADV']
- The status could indicate how far they are in the membership ...