Home/ Questions/Q 4346484
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-21T12:10:46+00:00

I’m currently creating a permissions table which replicated the 777 method used in linux.

  • 0

I’m currently creating a permissions table which replicated the “777” method used in linux.

To do this I wanted to create a table like:

user_id, class1, class2, class3

Where class can be some feature on the website which requires permissions.

Does this seem like a good way to go about it? Are there an problems with this method?

Also, which datatype would best suit this data. I could use INT(3) but I’m assuming there’s no “binary” datatype that replicates this type of thing

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Use set('ru', 'rg', ro', 'wu', 'wg', 'wo', 'xu', 'xg', 'xo', 'sgid', 'suid', 't')

    This is bit-optimized.

    However, if you need to filter on individual permissions (like “select all users who can read from here”), you better implement it as a plain many-to-many tables:

    user_permissions (object_id, user_id, permission ENUM ('r', 'w', 'x'))
group_permissions (object_id, group_id, permission ENUM ('r', 'w', 'x'))
other_permissions (object_id, permission ENUM('r', 'w', 'x', 'sgid', 'suid', 't'))

    with each permission in its own record, create the PRIMARY KEY constraints:

    object_id, permission, user_id
object_id, permission, group_id,
object_id, permission

    and query:

    SELECT  u.id
FROM    user_permissions up
JOIN    users u
ON      u.id = up.user_id
WHERE   object_id = $object
        AND permission = 'r'
UNION
SELECT  g.user_id
FROM    group_permissions gp
JOIN    user_groups ug
ON      ug.group_id = gp.group_id
WHERE   object_id = $object
        AND permission = 'r'
UNION
SELECT  u.id
FROM    users u
JOIN    other_permissions op
ON      object_id = $object
        AND permission = 'r'
    • 0