How to build a data model for an access control list (ACL)

后端未结

关注

 2  1554

走了就别回头了 2021-02-06 18:13

It\'s fairly obvious how to model a database table that would act as an access control list (ACL) when you\'re just dealing with discrete users who have some level of access to

2条回答

谎友^ (楼主)

2021-02-06 18:56

Are you using a DB with support for connect by, or something similar? In oracle, I've implemented the following.

Table Group //Just the parent groups
{
    groupCode varchar
    groupDesc
}

Table groupMap //associates groups with other groups
{
    parentGroup
    childGroup
}

table userGroup //can assign user to more than one group
{
    userId
    groupCode
}

then use connect by to get all child groups for user

SELECT rm.CHILDGroup as roleCode
FROM groupMap rm
CONNECT BY PRIOR rm.CHILDGroup = rm.PARENTGroup
START WITH rm.CHILDGroup in
  (SELECT ur.groupCode
   FROM userGroup ur
   WHERE ur.userId = &userId);

This query will get all the groups that were assigned to the user in userGroup and all the child groups assigned to the groups that the user belongs to.

0 讨论(0)

查看其它2个回答