I'm currently writing a web application that have about 6-12 pages. On each one of these pages, I want the user to be able to do some (or all) of the following actions: View, Add, Update, and Delete.
开发者_Python百科The current permission scheme I thought of is having an integer in a database. This integer will correspond to a binary number (e.g.: 26 -> 11010). The resulting binary number acts as a "toggle" and determines what permissions the user has. The definition of what bit represents what permission is stored in another table.
My problem is, if each page has 4 options (view, Add, Edit, Delete), then this way of determining permissions can get out of hand.
Does anyone have any other ideas for a permission scheme that would be as flexible (with respect to configurability) as this, but not as overwhelming (with respect to integer limits)?
Perhaps a better answer, if you really need to go this route, is to have a per-page/per-user row in your database, with a set of permissions, so your table looks like so:
page user create read update delete
===== ===== ====== ==== ====== ======
test.html joe y y y n
test2.html joe n y y n
Alternately, as is usually the case, you're better off having roles, like author, editor, reviewer, admin, and giving your roles the fined-grained permissions, and putting the users into roles.
I would suggest you do not resort to bits. Use separate columns in the DB for each category of permissions and use integers 1 and 0 to indicate whether that permission is granted or not. This would save you from bit manipulations and would be fast as well. The only downside will be a larger number of columns which, by your description, does not seem much of an issue.
精彩评论