Should I pass session data from my controller, or read it in the service layer?

Asked
Active3 hr before
Viewed126 times

5 Answers

90%

From architectural point of view, the session is form of storage. And in PHP it is quite easy to manipulate which type of storage it actually is.,The services in MVC are the part of model layer which handles the application logic. That is - it deals with interaction between domain objects and storage abstraction (that usually are implemented directly or indirectly as data mappers).,I have a fairly typical MVC application in PHP. Quite often I need to grab data from the session but I'm never sure if I should do this in the controller, or in the service., Please explain the behavior of these parameter expansions using IFS?

The services in MVC are the part of model layer which handles the application logic. That is - it deals with interaction between domain objects and storage abstraction (that usually are implemented directly or indirectly as data mappers).

Therefore, you should abstract the $_SESSION accesses (an also initialization) as some sort of SessionMapper, which can handle the storage of domain objects as whole or just storage of specific parameters from those domain objects.

$_SESSION

The services in MVC are the part of model layer which handles the application logic. That is - it deals with interaction between domain objects and storage abstraction (that usually are implemented directly or indirectly as data mappers).

Therefore, you should abstract the $_SESSION accesses (an also initialization) as some sort of SessionMapper, which can handle the storage of domain objects as whole or just storage of specific parameters from those domain objects.

SessionMapper
load more v
88%

I have a fairly typical MVC application in PHP. Quite often I need to grab data from a session, but I'm never really sure if I should be doing this in a controller or in a service.,For example, if the request reaches domain.com/user/edit , my controller can get the current user from the session and pass it to the service, or the service can access the session itself.,Services in MVC are part of the model layer that handles application logic. That is, it deals with the interaction between domain objects and the storage abstraction (which are usually implemented directly or indirectly as data mappers ).,Services use this session (shared via a factory) and the controller doesn't know anything about it.

I have a fairly typical MVC application in PHP. Quite often I need to grab data from a session, but I'm never really sure if I should be doing this in a controller or in a service.

For example, if the request reaches domain.com/user/edit

, my controller can get the current user from the session and pass it to the service, or the service can access the session itself.

domain.com / user / edit
load more v
72%

I suggest do not send a session object to your data layers or other business logic. One of the primary reasons for even separating those things out is so that you can reuse the code in other programs.,You business layer will perform validation, logging etc and then pass myClass to the DAL to be saved. ,Regarding the list itself, when you need to pass the data to the business / data layers send it as a List.,I want to be able to log user actions such as login, logout etc in the database. One way is to update all methods across the BusinessLogic and DataAccess to send Session parameters from the MainWebSite.

I agree that it is not good practice to pass session variables to other layers in your application. If you have a group of related values that you want to pass, you can create a class (custom object) that contains properties for the values and pass that in to your method instead:

public class MyValues {
   public int UserId {
      get;
      set;
   }
   public string Name {
      get;
      set;
   }
}
var myClass = new MyClass();
myClass.UserId = (int) Session["UserId"];
myClass.Name = Session["Name"].ToString();
MyBusinessLayer.DoSomething(myClass);
65%

Will Spring Security take care of all my application security requirements?,How do I know which dependencies to add to my application to work with Spring Security?, Spring Security 2.0.x requires a minimum JDK version of 1.4 and is built against Spring 2.0.x. It should also be compatible with applications using Spring 2.5.x. ,Generally we would recommend applying method security at the service layer rather than on individual web controllers.

This is a debug level message which occurs the first time an anonymous user attempts to access a protected resource.

    DEBUG[ExceptionTranslationFilter] - Access is denied(user is anonymous);
    redirecting to authentication entry point
    org.springframework.security.AccessDeniedException: Access is denied
    at org.springframework.security.vote.AffirmativeBased.decide(AffirmativeBased.java: 68)
    at org.springframework.security.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java: 262)
load more v
75%

You can specify your own JSON string, or you can pass in an Object, which will be serialised by the GsonBuilder.,Here you can specify your own XML string, pass a org.w3c.dom.Document object, or pass a POJO which will be serialised by the XStream serialiser.,If you need more control over the JSON builder when passing an Object to the renderJSON(…) method, you can also pass in GSON serialisers and Type objects to customise the output. ,Alternatively, if you had a more complex object structure, you may wish to build the JSON using the GsonBuilder.

This is a Controller:

package controllers;

import models.Client;
import play.mvc.Controller;

public class Clients extends Controller {

   public static void show(Long id) {
      Client client = Client.findById(id);
      render(client);
   }

   public static void delete(Long id) {
      Client client = Client.findById(id);
      client.delete();
   }

}
load more v

Other "undefined-undefined" queries related to "Should I pass session data from my controller, or read it in the service layer?"