什么是管理Web应用程序的权限的最佳方法 - 位掩码或数据库表? [英] What is the best way to manage permissions for a web application - bitmask or database table?
问题描述
我正在考虑为adminWeb应用程序设计权限系统的最佳方式。该应用程序可能有很多用户,每个用户可能被分配一定的角色;这些用户中的一些可能被允许在角色之外执行特定的任务。
I'm considering the best way to design a permissions system for an "admin" web application. The application is likely to have many users, each of whom could be assigned a certain role; some of these users could be permitted to perform specific tasks outside the role.
我可以想到两种设计方式:一种是使用权限表每个用户的行,以及布尔列,每个任务一个,分配他们执行这些任务的权限。像这样:
I can think of two ways to design this: one, with a "permissions" table with a row for every user, and boolean columns, one for each task, that assign them permissions to perform those tasks. Like this:
User ID Manage Users Manage Products Manage Promotions Manage Orders
1 true true true true
2 false true true true
3 false false false true
我想到的另一种方法是使用位掩码来存储这些用户权限。这将限制32位有符号整数可以管理的任务数量为31,但实际上我们不太可能有超过31个用户可以执行的特定任务。这样,数据库模式就会变得更简单,每次我们添加一个需要访问控制的新任务时,我们不必更改表结构。像这样:
Another way I thought of was to use a bit mask to store these user permissions. This would limit the number of tasks that could be managed to 31 for a 32-bit signed integer, but in practice we're unlikely to have more than 31 specific tasks that a user could perform. This way, the database schema would be simpler, and we wouldn't have to change the table structure every time we added a new task that would need access control. Like this:
User ID Permissions (8-bit mask), would be ints in table
1 00001111
2 00000111
3 00000001
这里通常使用哪些机制,为什么?
What mechanisms have people here typically used, and why?
谢谢!
推荐答案
我认为这是一个普遍的经验法则,远离编码宇宙的意义。
I think it's a general rule of thumb to stay away from mystical bitstrings that encode the meaning of the universe.
虽然也许是笨蛋,拥有可能的权限表,用户表和它们之间的链接表是组织最好和最清晰的方式这个。它也使您的查询和维护(特别是对于新人)更容易。
While perhaps clunkier, having a table of possible permissions, a table of users, and a link table between them is the best and clearest way to organize this. It also makes your queries and maintenance (especially for the new guy) a lot easier.
这篇关于什么是管理Web应用程序的权限的最佳方法 - 位掩码或数据库表?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!