I'm creating a website with many roles. In my model, user role is an array. So a user can stack more than one role.
Exemple :
user.role = ['artist', 'premium'];
In a user case, the user can create a project and pay at the creation. It's free for premium.
My question is:
What is the best practice for manage the premium role?
I thought about two ways for release this:
Auth.isPremium() === true. But I think it's a very bad practice.I create another route just for premium account. I will check the role during the route provider as :
$routeProvider.when('/project/:type', {
templateUrl: 'app/project/form/form.html',
controller: 'ProjectFormCtrl',
access: {
requiresLogin: true,
requiredPermissions: ['premium']
},
})
Am I wrong?
Thanks for advance !
So I did this :
The user ask a query with his data for create his project. If the server response 402 (Payment require), the user has to pay for the publication.
$http.post('/projects', fd, option)
.then(function (response) {
$location.path('/');
},function (response) {
if (response.status === 402) {
$scope.payment = true;
$scope.error = response.data.message;
$scope.stripe.publishable = ENV.stripePublishable;
}
});
I check the premium account with a middleware
app.route('/projects')
.post(users.requiresLogin, users.hasCredits, //check if premium
multer({ dest: 'uploads/'}), projects.create);
So I create another route for "pay and publish". Pay is a middleware.
app.route('/projects/pay')
.post(users.requiresLogin, projects.pay, users.hasCredits, //pay and check credits
multer({ dest: 'uploads/'}), projects.create); // done