✅ Permission best practices
hey, whats better practice?
-Create new table with type of permission and make relation with user
-Storage permission in user table as enum
26 Replies
A good question for #database .
Personally I'd separate them
so there isnt better practice?
Idk. Not my area tbh
okay, thanks for answer : P
authentication and authorization could sit in an entirely different db with a separate set of services
why an entirely different database?
uhh, meaning a 1-to-many mapping or a 1-to-1 mapping?
that's not a "best practice" question
that's a "two functionally different things" question
so, the question for you is
which of those two functionalities is the functionality you want?
1-to-many relation, functionality is same - storage users permission
huh?
so, you want a 1-to-many relationship?
users can have many permissions?
what does "functionality is same" mean?
same as what?
I mean there would be for example table with 2 permissions admin(id: 2) and user(id: 1), then table user has colum with permission (relation to permission id)
because of security concerns, and because sometimes this require a different engine than your data db, and also it can happen to have enough tables that you want them in a separate domain
yeah, that's a 1-to-1 mapping
not a 1-to-many mapping
which do you want?
am I that dumb? xD many users have one permission thats why imo its 1-to-many
er, if you do that then you're basically saying permissions is a pre-populated read-only list of all permission permutations. And when a user has their perms changed, it's not their perm that's updated, but rather their perm id is just changed to a different entry in the read-only perms table.
I would have thought it would be simpler to have a perm row for each user, ie 1-to-1
okey, I understand but whats about use enums? isn't that more optimalized for database if when you trigger any endpoint u didnt have to trigger another query to ask for permission?
i dont get what youre asking
I mean set permission like this:
so your question is 'is one db query better than two'?
im pretty sure is one query better, but im not about is case with enum good practice
enums are just numbers
(at the db side)
I know but its still not answer about better practices
I mean maybe better avoid it bcs of security issue
you keep changing your question
everyone is telling yuo to separate it
then you ask about 'optimization'
damn okay, now its clear, thank you
is it possible for a user to have more than one permission? Yes or no?
what type of permission is this, rbac? dac?
sorry guys i fucked up in my question cause i didnt know difference between permission and role when i was asking. thank you all for answering i get what i want