C
C#2y ago
JUK_Karol

✅ Permission best practices

hey, whats better practice? -Create new table with type of permission and make relation with user -Storage permission in user table as enum
26 Replies
phaseshift
phaseshift2y ago
A good question for #database . Personally I'd separate them
JUK_Karol
JUK_KarolOP2y ago
so there isnt better practice?
phaseshift
phaseshift2y ago
Idk. Not my area tbh
JUK_Karol
JUK_KarolOP2y ago
okay, thanks for answer : P
HtmlCompiler
HtmlCompiler2y ago
authentication and authorization could sit in an entirely different db with a separate set of services
jcotton42
jcotton422y ago
why an entirely different database?
JakenVeina
JakenVeina2y ago
uhh, meaning a 1-to-many mapping or a 1-to-1 mapping? that's not a "best practice" question that's a "two functionally different things" question so, the question for you is which of those two functionalities is the functionality you want?
JUK_Karol
JUK_KarolOP2y ago
1-to-many relation, functionality is same - storage users permission
JakenVeina
JakenVeina2y ago
huh? so, you want a 1-to-many relationship? users can have many permissions? what does "functionality is same" mean? same as what?
JUK_Karol
JUK_KarolOP2y ago
I mean there would be for example table with 2 permissions admin(id: 2) and user(id: 1), then table user has colum with permission (relation to permission id)
HtmlCompiler
HtmlCompiler2y ago
because of security concerns, and because sometimes this require a different engine than your data db, and also it can happen to have enough tables that you want them in a separate domain
JakenVeina
JakenVeina2y ago
yeah, that's a 1-to-1 mapping not a 1-to-many mapping which do you want?
JUK_Karol
JUK_KarolOP2y ago
am I that dumb? xD many users have one permission thats why imo its 1-to-many
phaseshift
phaseshift2y ago
er, if you do that then you're basically saying permissions is a pre-populated read-only list of all permission permutations. And when a user has their perms changed, it's not their perm that's updated, but rather their perm id is just changed to a different entry in the read-only perms table. I would have thought it would be simpler to have a perm row for each user, ie 1-to-1
JUK_Karol
JUK_KarolOP2y ago
okey, I understand but whats about use enums? isn't that more optimalized for database if when you trigger any endpoint u didnt have to trigger another query to ask for permission?
phaseshift
phaseshift2y ago
i dont get what youre asking
JUK_Karol
JUK_KarolOP2y ago
I mean set permission like this:
phaseshift
phaseshift2y ago
so your question is 'is one db query better than two'?
JUK_Karol
JUK_KarolOP2y ago
im pretty sure is one query better, but im not about is case with enum good practice
phaseshift
phaseshift2y ago
enums are just numbers (at the db side)
JUK_Karol
JUK_KarolOP2y ago
I know but its still not answer about better practices I mean maybe better avoid it bcs of security issue
phaseshift
phaseshift2y ago
you keep changing your question everyone is telling yuo to separate it then you ask about 'optimization'
JUK_Karol
JUK_KarolOP2y ago
damn okay, now its clear, thank you
JakenVeina
JakenVeina2y ago
is it possible for a user to have more than one permission? Yes or no?
HtmlCompiler
HtmlCompiler2y ago
what type of permission is this, rbac? dac?
JUK_Karol
JUK_KarolOP2y ago
sorry guys i fucked up in my question cause i didnt know difference between permission and role when i was asking. thank you all for answering i get what i want

Did you find this page helpful?