Reputation: 2007
I have a single page backbone application. It's essentially a list of items with some data associated with each. Right now, it's only visible to admin user and the edit, destroy links are present as well as a bunch of other "admin-only" features.'
If I want to make the page available to non-admin users and let them only see the items and maybe some admin features, would it be preferable to have a different sets of views, models, templates, another app of just hide depending on the user role?
Or maybe just another set of templates?
Upvotes: 0
Views: 202
Reputation: 38888
Another simple approach could be to use the same template (same html) but toggling elements through CSS.
You can add/remove a class to the root DOM element of your template like .admin
and play with CSS:
#my-root-element .admin-element {
display: none;
}
#my-root-element.admin .admin-element {
display: block;
}
Of course the elements will be still there for possible malicious users, but this shouldn't be a security issue because you always should have extra security filters in the server layer.
Upvotes: 1
Reputation: 18597
I would say the easiest and most maintainable solution would be to have a separate template for admin and non-admin users.
You should be able to use the same view, but the template will determine which functionality is enabled.
Again, there are multiple ways to solve this and it depends on the context, and in this context I think different templates is the best way.
Upvotes: 2