dewyze
Reputation: 979
Using Arrays for Permissions
I am using Ruby on Rails, but I think this question could be applied to any database design. I am trying to develop my own permissions system.
Is it poor design to have an array of what a user can edit? i.e. a User has a column of can_edit with a value of [Articles, Events, Costs] or a User can_view with a value of [All].
And then I can just run a check on what is being edited. Or is this poor design?
Upvotes: 0
Views: 365
Answers (1)
Justin Cave
Reputation: 231671
In general, your database design ought to be properly normalized. That would mean that you shouldn't store multiple values in a single row. You'll likely be much better served by a design that has three tables
Permissionhas columnspermission_idandpermission_typeand lists the valid permissionsUserhas auser_idcolumn and lists the value usersUser_Permissionis a mapping table between the two. It has columnspermission_idanduser_idboth of which are defined as foreign keys to thePermissionandUsertables respectively
Upvotes: 2
Related Questions
- Best Practice for Designing User Roles and Permission System?
- Storing application permissions in a database
- Better way to represent user roles in a database
- What is the efficient way to make a permission system?
- relate complex user permissions to one table
- Storing relations between users with specific viewing permissions
- Schema for user roles/permissions
- Designing a multiple level user permission system
- What is the most efficient way to specify user permissions in a database?
- Saving modular user permissions in a database