在2个数据库之间共享用户 [英] Sharing users between 2 databases
问题描述
管理区域有自己的数据库。面向客户的网站也有自己的数据库。
在管理数据库中,我有一个用户表,我也计划实施RBAC,以便用户可以拥有角色,权限等等。
面向客户的网站还允许客户注册并存储在客户网站数据库中的用户表中。
我需要的是能够让员工在客户网站登录。他们还需要有权限来控制他们可以修改的客户网站的哪些部分,以及客户网站数据库中哪些行可以更改。
什么是最好的实现方法这个?
干杯:)
在可能的情况下合并处理相同概念的表(用户在这里)。
这里的问题是数据访问安全性,无论你的数据被存储(一个或两个表,一个或两个数据库)。
使用MySQL(和许多其他常见的DBMS)可以:
-
创建一个只能访问某些表的MySQL帐户,只对其进行一些操作(例如只有SELECT),只访问一些列等。 / p>
-
从MySQL帐户中隐藏表格,只允许访问此表上的视图(过滤列/表结果)。
无论您的数据结构如何,您都需要检查一些员工数据(登录名,密码,权限等等),代码必须使用MySQL帐户拥有足够的权限。
所以我建议你把你的用户放在一个表中,添加表来描述角色(员工,客户等)并且明智地代码。
请记住单独处理数据库设计和数据访问安全性问题。数据访问安全性不应导致您在数据库设计中出现不合逻辑的选择。
I am developing this application in PHP. The application will consist of an adminstration area which will also contain employee functions. The other part of the application is the customer facing website.
The administration area has its own database. The customer facing website also has its own database.
In the administration database, I have a table with users and I also plan to implement RBAC so that users can have roles, permissions and so on.
The customer facing website also allows customers to register and that's stored in a user table in customer website database.
What I need is to be able to have employees logging on at the customer website. They also need to have permissions which controls which parts of the customer website they can modify and which rows in the customer website database they can change.
What's the best way to implement this?
Cheers :)
I would recommend to always merge, when possible, tables handling the same concept (Users here).
The problem here is the data access security, no matter how your data is stored (one or two tables, one or two databases).
With MySQL (and many other common DBMS), you can :
Create a MySQL account which will have only access to some tables, do only some operations on it (e.g. only SELECT), access only some columns etc.
Hide a table from a MySQL account and give only access to a view on this table (filtering columns/table results).
Whatever is your data structure, you will need to check some employee data (login, password, permissions etc.) and your code will have to use a MySQL account with enough privileges for that.
So I would advise you to keep your users in one table, add tables to describe roles (employee, customer, etc.), and code wisely.
Keep in mind to address separately database design and data access security issues. Data access security should not lead you to illogical choices in database design.
这篇关于在2个数据库之间共享用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
