How can I allow interaction between user-only modules & admin-only modules without polluting with privilege checks?

Important note: This is PHP (5.3+). PHP is stateless and everything you do dies when the request is over unless saved to a persistent storage.

My system right now can register a module and set its usage permissions, e.g. who can access this module’s functionality based on a pre-defined set of rules, but generally, most of the time we’ll just be looking for whether the requester is a user or an administrator.

Thing is though, I realized this late that there’s a potentially big problem: if I register a module as admin-level, the permissions are then set at the moment that module initializes, there’s virtually no way for my user-level modules, or really anyone without proper permissions to interact with them, even if these unprivileged parties have a real reason for it, as such, a few points up until now:

Point 1: Well, maybe if a u-level module has to interact with an a-level, then that a-level really shouldn’t be an a-level module. As it stands right now, when the user logs in and the modules are loaded, this is how it looks:

The user can’t even find the module, because it’s not there.

Resolve: Create a new hierarchy where my modules have sub-modules or partitions and if one of them deviates from the inherited parent-module’s permissions, you have to write that by hand, it’d look like this:

So, now, the big module has no permissions set, but the sub-modules do and they’re being checked every single time the user accesses them.

This seems to solve the issue, but only at a surface level because it lands me back to the issue of me having to check every time I access a resource:

Point 2: This is both I/O so I need to make everything available.


I came up with “data residuums”. Basically, if the user-level module is interested in the inner-workings / output of the admin-level modules, that admin-level module can spit out “registries” of data that it updates whenever it has to and whoever is interested in these can just check them. This way, it’s ensured that, no matter what happens, I can still access the admin-level module’s data if I need, but I won’t be able to interact with its inner-workings. I’ll be able to see (some) of them, but this way, I can ensure that low-privileged users can’t suddenly make admin-level changes on my site:

So, the a-level module does its things and at the end of it all, it saves that output to an in-memory storage that anyone interested in can access.

But this means that I can’t really call everything that I’d want because once the a-level module is done running its internals, it’s over.

This also means that I’d need my a-level modules to run first, just to ensure that the u-level modules actually have data to work with. This is incompatible with what I currently have.

Given all these issues, what is a pattern or a solution that I can use or rather, how should I think about things when writing my modules?

I was thinking that, even if I believe PHP doesn’t allow it, maybe “attach credentials” to every important call that’s made:

But then again, this still requires me to do a check on every call.

I guess, really, I’m looking for a way to establish identity and it being handled automatically when making calls.

I know this is already extremely long, but an example would be an a-level module that deals with generating suggestions based on the application’s ever-changing state with possibly sensitive data, let’s call this SuggestionsModule. Now, if I allow everyone to have access to SuggestionsModule\Register\addSuggestion, I give everyone the possibility to add suggestions, unless I add a check for this exactly addSuggestion and here the problem becomes even worse: at times, these sub-modules’ functions will have checks on their own. What if a sub-module is fine to load for user-level, then I hit a function that’s very sensitive?
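
One way to get the automatic identity handling the question above asks for, shown as an added example that is not part of the original post: a guard object wraps the module, binds the caller's identity once, and checks a per-method policy on every call, so the module itself contains no privilege checks. All class names, role names and the policy array are hypothetical.

```php
<?php
// Added example; Principal, Guard, AccessDenied and SuggestionsRegister are hypothetical names.
final class Principal
{
    private $roles;
    public function __construct(array $roles) { $this->roles = $roles; }
    public function hasRole($role) { return in_array($role, $this->roles, true); }
}
final class AccessDenied extends RuntimeException {}

// Wraps any module object; every call passes through one policy lookup.
final class Guard
{
    private $target;
    private $policy; // method name => role required to call it
    private $who;
    public function __construct($target, array $policy, Principal $who)
    {
        $this->target = $target;
        $this->policy = $policy;
        $this->who = $who;
    }

    public function __call($method, array $args)
    {
        // Deny by default: a method absent from the policy is never reachable.
        if (!isset($this->policy[$method]) || !method_exists($this->target, $method)) {
            throw new AccessDenied("$method is not exposed");
        }
        if (!$this->who->hasRole($this->policy[$method])) {
            throw new AccessDenied("$method requires role {$this->policy[$method]}");
        }
        return call_user_func_array(array($this->target, $method), $args);
    }
}

// The module itself carries no privilege checks.
class SuggestionsRegister
{
    private $items = array();
    public function addSuggestion($text) { $this->items[] = $text; return count($this->items); }
    public function listSuggestions() { return $this->items; }
}

$policy = array('listSuggestions' => 'user', 'addSuggestion' => 'admin');
$asUser = new Guard(new SuggestionsRegister(), $policy, new Principal(array('user')));
print_r($asUser->listSuggestions());
try { $asUser->addSuggestion('constructed sample'); } catch (AccessDenied $e) { echo $e->getMessage(), "\n"; }
```

User-level code only ever receives the Guard, never the raw module, so a sensitive function inside an otherwise user-accessible sub-module is covered by its own policy entry rather than by a check written into the function.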

How to deal with user interaction in event based microservices?

I’m trying to get into using microservices, extracting functionality from a monolith into its own (multitenant) service. However, one of the things I can’t figure out how to deal with is this:

What if a microservice (triggered by an event) needs user interaction?

As an example, at the moment we have the following flow (simplified):

We have a donation module where someone can make a donation. The user enters the information (amount, payment method etc). The data gets saved in a database and a call to an external api (payment provider) will be made. The api returns a url where the user can finish the actual payment. We redirect the user to that url and when the payment has been completed, the user will be redirected back to us. We then, in case of success, activate the donation, send a confirmation email and show a message whether it succeeded or not.


There are a number of problems with this that I would like to get rid of:

  1. Tight coupling: The donation knows about the payment and the payment knows about the donation
  2. We can’t easily switch payment providers because different providers need different parameters (i.e. provider a supports different payment methods than provider b)
  3. Fixing bugs is really hard because we need to roll out the fix to many different customers.

So what I think should happen is splitting this functionality into two separate services:

When a user enters their information, an event ‘donation-created’ is being fired.

Donation service

The donation service creates the donation (of course in its own data store etc) and then fires a ‘payment-requested’ event with the amount that needs to be paid. It also subscribes to ‘payment-succeeded’ and ‘payment-failed’ (and handles logic accordingly).

Payment service

The payment service subscribes to ‘payment-requested’, calls the external api, saves the data needed to complete the payment (i.e. url, external id etc). When the payment has been finished (let’s keep the actual logic out of scope) it fires the ‘payment-succeeded’ or ‘payment-failed’ event.

This decouples the donation and payment implementations, however, because this is asynchronous, I have no idea how to redirect the user to the payment service in order to complete the process.

Solution 1

One of the solutions could be that the client is waiting for an event through long-polling or websockets but having possibly thousands of these concurrently might not be such a great idea.

Solution 2

Another one might be to forget about event based and use synchronous calls to these services but that means that the performance of the donation service is depending on the payment service which is in turn depending on the external api.

Tools/techniques/options to allow remote interaction with physical tabletop?

Part of our in-person tabletop group moved six hours away mid-campaign. We’ve been dealing with the distance by having multiple laptops set up, one with the players on the screen and the camera pointed at the DM; another with a webcam pointed at the grid board. However, this is awkward and results in a lot of “I move three squares left. No, the other left. No, one more square that way,” or “Can you move the webcam so we can see?”, etc.

We’d like to find a way for our remote players to reliably see the entire table at once, and to be able to point to specific squares on the board.

We’re aware of online/virtual tabletops like Roll20, but we don’t want to use them for various reasons. For the purposes of this question, we are only looking for real-world, meatspace solutions.

How can we allow our remote players to have:

  1. A top-down, or otherwise all-encompassing, view of a physical tabletop combat grid, such as one drawn on dry-erase dungeon tiles;
  2. The ability to indicate individual squares or other features on the grid?

Note: While my question is similar to this question, that one accepts virtual tabletop solutions and does not solve our problem.

How do you document your interaction flows?

For many years I’ve been using an evolved version of Jesse James Garrett’s Visvocab diagramming style for documenting information architecture and interaction design concepts.

Figure: interaction flow for a moderately complex feature

Today though we’re doing a lot more in-page transformations in lieu of navigating to individual pages: things like accordion views, light-boxes, overlays, AJAX inclusions on demand, etc. JJG’s Visvocab is coming up to being 10 years old, and thus wasn’t designed to cater to all the new interaction modes we have today.

What diagramming style or notation do you use to map out your interaction flows?

Drawing and sheathing weapons as one item interaction

In PHB, page 190, it explains about the free item interaction:

You can also interact with one object or feature of the environment for free, during either your move or your action. For example, you could open a door during your move as you stride toward a foe, or you could draw your weapon as part of the same action you use to attack.

At the top of the list of “Interacting with Objects Around You” it lists:

draw or sheathe a sword

It is generally understood (reading the various answers on this site) that if you want to switch weapon and attack on the same turn (let’s say you are a fighter with a sword, bow and the Extra Attack class feature; you kill the enemy in front of you with your sword, then want to switch to your bow and shoot another enemy that you otherwise can’t reach this turn) then you have to do this strange sequence of moves where you “drop” your sword so that you don’t waste that precious free item interaction that you need to draw your bow. Then you have to pick it up again later (assuming someone else, friend or foe, doesn’t do so before you).

Basically I think this sequence is a bit daft and think that it breaks the suspension of disbelief when the fighter suddenly drops his main weapon just so that he can use his bow this turn. I was thinking of just houseruling that you can draw and sheathe a weapon as one item interaction, let’s call it the “switch weapon” item interaction as opposed to the “draw weapon” and “sheathe weapon” item interactions (I’m just making up these terms to emphasise my houserule).

Now, I know that one gameplay-related concern might be the Dual Wielder feat, since they can draw and sheathe two weapons at once; so as not to weaken this feat, I’d still say that you need that feat to draw or sheathe two weapons at once, regardless of drawing and sheathing. So let’s say this fighter actually has two swords drawn at the start of that scenario, I would houserule that it’s only possible to sheathe one of those swords without the feat, similarly for sheathing the bow and drawing the swords again later; you’d only be able to draw one sword at a time without the feat, regardless of whether you are sheathing something or not.

So hopefully that still makes that aspect of the Dual Wielder feat useful, despite my houserule. So my question, finally, is what are the impacts of my houserule on combat tactics? Obviously this question isn’t asking for approval to use this houserule or anything like that, since anyone can houserule whatever they like; this question is just about understanding the impacts of doing so with this particular houserule.

The answers below question my assertion that dropping a weapon doesn’t make sense. On reflection, I agree with them and not my past-self. It’s not dropping a weapon that’s “daft”, it’s my lack of imagination for not being able to see why that would make sense and why it can create a more interesting battle. This is largely due to expecting everybody to do the “video game weapon switch”, which I believe is actually the problem here. I need to unlearn video games’ lesson that everyone can juggle weapons and re-learn that notion that IRL that’s a bit more difficult and time consuming. And if ever someone can imagine a way that a certain character would totally be able to juggle weapons around, it can always be a homebrew feat, which is much better for balance than a houserule that lets everyone do this for free. Thanks to all who answered.

local environment development and HTTPS: interaction with Chrome requirement of CT logs

The commonly suggested wisdom for local development environments with HTTPS is to use a self-created Root CA and use certificates issued from that CA. However, Chrome has required Certificate Transparency for about a year now, with a warning for sites that don’t have their certificate logged. How does this interact with self-created CAs and certificates issued from that CA that obviously aren’t logged in CT logs? And if it shows a warning, is there a way to avoid it?

What’s the interaction between darkvision and the Eagle Aspect of the beast, if you have Darkvision past 100 feet?

Directly based off of the question, What’s the interaction between darkvision and the Eagle Aspect of the beast?, what happens if your Darkvision extends past 100 feet?

This question is focused around the fact that the Eagle totem feature states “You can see up to 1 mile away with no difficulty, able to discern even fine details as though looking at something no more than 100 feet away from you.”

In Unity, how do I wait until the player has reached the gameObject to perform the interaction?

So, if the player clicks an object to move the player sprite to the object and interact with it, how do I wait until the player has reached the gameObject to perform the interaction?

I have the interaction hooked up okay, but it is executing as soon as the click occurs. I would like the order instead to be (player clicks on object) (player walks to object) (once player is close enough to object the interaction occurs). But if the player moves away before reaching the object then the interaction is cancelled.

I’m not sure if I should use the object’s onTrigger? But my question is if I use onTriggerEnter for the gameObject, and then the player cancels the interaction before reaching it, how do I cancel the ontrigger? Is there a better way? Also, I cannot always use an onTriggerEnter because sometimes it is clicking on an empty tile and I want to wait until the player has reached the tile.

I am using C#.