Question

I am developing a small application which administers some data in a database. I am using the Smarty template engine to have everything working in MVC style and try to keep the code as clean and structured as possible, with the PHP scripts acting as the controllers and the Smarty template as the view.

Now I wish to introduce the concept of permissions. For example one user can have rights to view and edit some of the data, while another could have other rights to view or edit different parts of the same data.

I am doing the checking in 2 places:

1. The controller itself, which checks whether the user has rights before performing the action.
2. The view (Smarty template), which checks whether the user has permissions and disables or changes to read-only the respective control.

The latter part however is becoming a bit too verbose for my liking.

<textarea id="description" name="description" rows="3" 
{if !$user->can(Permissions::EDIT_DESCRIPTION)}readonly{/if}>{$item['description']|default:''}</textarea>     

Is there any better approach to this that is a bit more declarative or concise using Smarty to achieve the same result?


Solution

How about rather than leaking the whole of $user and its methods and constants into Smarty, make a custom modifier or two that checks a permission and does something useful based on it, e.g.:

A check_access modifier with the access type on the left (first param) and the true and false output on the right (second and third params):

<textarea id="description" name="description" rows="3" {'EDIT_DESCRIPTION'|check_access:'':'readonly'}>{$item['description']|default:''}</textarea>

Or even more specific, one which outputs the readonly attribute if it's necessary; I can't think of a good name though:

<textarea id="description" name="description" rows="3" {'EDIT_DESCRIPTION'|readonly_if_no_access}>{$item['description']|default:''}</textarea>
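
One way the two modifiers described in the answer could be implemented and registered, as an added example that is not part of the original answer. The `Permissions` and `User` classes are constructed stand-ins for the ones in the question, `make_access_modifiers` is a hypothetical helper, and PHP 8 with Smarty 3 or 4 is assumed. Permission names that do not exist are treated as denied, so a typo in a template fails closed.

```php
<?php
// Added example: constructed stand-ins for the page's Permissions and $user objects.
final class Permissions
{
    const EDIT_DESCRIPTION = 'edit_description';
}

final class User
{
    /** @param string[] $granted */
    public function __construct(private array $granted) {}

    public function can(string $permission): bool
    {
        return in_array($permission, $this->granted, true);
    }
}

/**
 * Builds the two modifiers from the answer, bound to the current user.
 * Unknown permission names are treated as "no access" (fail closed).
 * Hypothetical helper, not part of Smarty.
 */
function make_access_modifiers(User $user): array
{
    $allowed = static function (string $name) use ($user): bool {
        $const = 'Permissions::' . $name;
        return defined($const) && $user->can(constant($const));
    };

    return [
        'check_access' => static fn(string $name, string $ifAllowed = '', string $ifDenied = ''): string
            => $allowed($name) ? $ifAllowed : $ifDenied,
        'readonly_if_no_access' => static fn(string $name): string
            => $allowed($name) ? '' : 'readonly',
    ];
}

$modifiers = make_access_modifiers(new User([])); // constructed user with no rights

// Register with Smarty when it is loaded (registerPlugin is Smarty's plugin API).
if (class_exists('Smarty')) {
    $smarty = new Smarty();
    foreach ($modifiers as $name => $callback) {
        $smarty->registerPlugin('modifier', $name, $callback);
    }
}

// Without Smarty, the callbacks can still be exercised directly:
echo $modifiers['readonly_if_no_access']('EDIT_DESCRIPTION'), "\n"; // user lacks the right
echo $modifiers['check_access']('NO_SUCH_PERMISSION', '', 'readonly'), "\n"; // unknown name
```

The `readonly` attribute only changes what the form shows; the controller-side check described in the question is still what enforces the permission when the request is submitted.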
Licensed under: CC-BY-SA with attribution