Repository Pattern and layering. Where do I apply security?

Question

I am doing my best to design my web app with good separation between the layers. I am using the repository pattern and as such have a SQLObjectRepository which is called by my ObjectService which is called by my Web front end.

In my object model, the user is associated with one or more regions which should filter the objects they should have access to. My question is, when I am querying for objects, do I put the code in the service to set the permissions on the objects, or should that code be in the repository? If the user is a member of 2 regions, should I pass the user as a parameter to the service, or should I pass the user's regions to the service?

Answer 1

I would:

• Write the security check in such a way that it can be applied in any place you like. This way you can refactor as requirements change.

• If the security check really will always apply, place it in the repository layer (or better, in an aspect if your language supports it) so that multiple services will all share common security if they use the same repository. Otherwise place it in the service (or an aspect acting on the service).

• pass the entire user object to the security checking mechanism:

  • if the security check later becomes more complex (depends on other properties of the user) the API won't change;
  • it makes more semantic sense - you're checking the user has permission to do something, not that a list of countries does.