Where it is best to keep code, that verifies, that user model’s being changed or deleted is not belonging to currently logged in user (don’t allow current user to delete himself or manipulate own entry in users table)?
Normally, I would put that as another model’s validator. But validators are not executed (AFAIK) when model is deleted.
I don’t want to double code. What is the best approach to avoid that in such situation? Should I put it as validator and manually call it when deleting user (or force model validation before any user deletion)? Or should I build external helper-like function, that would be called by both model’s validator (automatically, when updating user) and by me (manually, when deleting user)?