DDD 中有域安全之类的东西吗?
我阅读了以下问题的答案:域驱动设计和安全,但我不是'对答案不满意。
访问方法或命令很简单,您可能只需限制角色或类似的东西即可。一个简化的示例,其中如果 x x x x ,则该命令对角色 A 或 B 中的用户都有效。 100,但仅当 x >= 100 时对用户 B 有效,其中 x 是命令中的参数。这张支票应该去哪里?应用程序是否应该在执行命令之前检查参数,或者域是否应该了解角色等?
我说清楚了吗?
I read the answer to the following question: Domain Driven Design and Security but I wasn't satisfied with the answer.
Access to methods or commands is simple, that you could probably just restrict on role or something similar. A simplified example where the command is valid for both a user in role A or B if x < 100, but only valid for user B if x >= 100, where x is a parameter in the command. Where should that check go? Should the application check the parameters before executing the command or should the domain be aware of roles and such?
Do I make myself clear?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这是指挥部关心的问题吗?我的意思是安全检查自然适合该域吗?当一个命令在整个有界上下文中具有相同的意图时,那么我认为相应的聚合根应该确保其在特定上下文中的有效性。
您提到的场景对我来说听起来像是业务规则,而不是简单的权限检查。因此,我会将检查作为 AR 的一部分放在域级别。
我也会在基础设施层内检查用户是否可以执行该命令,但这是为了优雅地处理拒绝。像这样的东西
当然,这是对一个模糊问题的非常模糊的解决方案。它很大程度上取决于领域的复杂性,我想唯一有效的答案是:“这取决于”。
事实上,直接回答标题,DDD 中的安全性被表示为一个有效的模型。
Is this a concern of the command? I mean does the security check fit naturally within the domain? When a command has the same intention all over the bounded context, then I think the corresponding aggregate root should ensure its validity in a specific context.
The scenario you've mentioned sounds to me like business rules and not a simple check for rights. So I'd place the check at the domain level as part of the AR.
I'd check within the infrastructure layer as well, if a user can perform the command, but that's to handle gracefully a rejection. Something like this
Of course this is a very vague solution to a vague problem. It depends so much on the complexity of the domain, that I guess the only valid answer is: 'it depends'.
In fact, to anwser directly to the title, the security in DDD is expressed as a valid model.