tag:blogger.com,1999:blog-36547168.post3505513224443302968..comments2023-11-25T11:00:42.257+01:00Comments on Invisible to the eye: A NakedPhp walktroughGiorgiohttp://www.blogger.com/profile/03558287012747987157noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-36547168.post-45803461521972350072010-03-25T17:42:45.743+01:002010-03-25T17:42:45.743+01:00For all three points I'd remind you this is al...For all three points I'd remind you this is alpha/unstable software. :) However the intention for 1) and 2) is to port the design choices made by Naked Objects, so:<br />1) ACL on the single methods, plus a optional Facet over methods where the developer wants a finer control; e.g. boolean allowMyMethod($someArguments) to check if the current user can call myMethod().<br />2) There is also the possibility of hiding members via @Hidden annotations, and the Facet methods (such as hideXXX(), choicesXXX(), ...) will be obviously hidden. Don't know if there is finer control in the original Naked Objects framework.<br />For 3), now the controller generates only markup for different segments of content: the three segments for services/session/context, the segment with action list and the current object view (showing the fields). In the layout, which is application specific, the developer can move these segments where he wants and style them with css. The user interaction is *by design* limited to act on objects of the domain model.Giorgiohttps://www.blogger.com/profile/12689416577856305650noreply@blogger.comtag:blogger.com,1999:blog-36547168.post-17132094038759268292010-03-25T14:19:12.784+01:002010-03-25T14:19:12.784+01:00A very interesting concept, and a nice implementat...A very interesting concept, and a nice implementation in PHP. I have three remarks you might want to respond to:<br /><br />1) Security<br />If you are working with ACLs and have to santize user input, how easy can these be regarded by NakedPHP?<br /><br />2) As far as I understand, methods like hideXYZ() are used to hide or expose functions (formerly known as actions). I would prefer to use phpdoc tags to explictly expose methods, since a whitelist is safer and the tags are used by doctrine anyway.<br /><br />3) Design. Is design/appearance completely decoupled from logic? How limited is it, apart from styling with CSS? In many projects designers have to do the UI, and customers have clear demands to it. It were great if nakedPHP could be used in commercial RAD.<br /><br />Tanti saluti<br /><br />Danielbonndanhttps://www.blogger.com/profile/00564049467297951993noreply@blogger.com