Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
You have a website with a user base. You want to allow some users to do more than others. How would you go about designing the DB to support that?
Would it be a horrible idea to use a table like:
users(id, name … can_add_comments, can_edit_comments, can_add_items …)
I’d suggest a table for users, a table for roles, and a table for relating users to roles.
You could have a table of authorizable activities and then a table relating roles to authorized activities, but you could also get away with handling the roles within the application and/or granting/denying specific activities in the roles table.
I imagine for an application with tons of individual permissoins would call for a table relating roles to authorized activities (you wouldn’t want to check off 30+ permissions for each individual user).