I want to know if all the logic related to permissions and access control belongs to controllers (Application logic) or models (Business logic).

Currently I have a controller that does something like that:

function delete (resource) {
   if (resource.belongsTo (currentUser) {
       resource.delete ();
   }
   else {
       throw Exception ("you can't do this");
   }
}

Is this kind of logic application logic or business logic?

PS. I already read Where to put business logic in MVC design?, but I still have doubts

Related posts

Recent Viewed