如何设计用户权限处理数据库?

时间:2021-12-19 01:50:00

We have a little problem in one of our projects, where two investors are architects and... as it usually is in life, they don't really get along with some of the ideas. Both have different experiences with previous projects, and it seems they look down upon the ideas of the other one. Yep, I'm one of them.

我们的一个项目有个小问题,有两个投资者是建筑师。就像生活中经常发生的那样,他们并不能很好地接受某些想法。两个人在之前的项目中都有不同的经历,似乎他们都看不起对方的想法。是的,我就是其中之一。

We have an argument over how to define user permission handling in one our project.

关于如何在我们的一个项目中定义用户权限处理,我们有一个争论。

One idea is to have table with permissions, roles which gather sets of permissions and then users who have a role defined.

一个想法是有权限的表,角色集合了权限集,然后是定义了角色的用户。

User
user_id
role_id

Role
role_id
permission_id

Permission
permission_id

The other side would like to propose to do it using a table with columns defining permissions:

另一方则建议使用列定义权限的表:

User
user_id
role_id

Role
role_id
can_do_something
can_do_something_else
can_do_something_even_different

My take on the first option is that it's far cheaper to maintain: adding a single permission means it's just one insert + handling of the permission in the code.

我对第一个选项的看法是,维护它要便宜得多:添加一个单独的权限意味着它只是一个插入+处理代码中的权限。

In case of the other (to me) it means that you have to alter the database, alter the code handling the database and on top of that, add code to handle the permission.

对于另一个(对我来说),这意味着您必须修改数据库,修改处理数据库的代码,除此之外,还要添加处理权限的代码。

But maybe I'm just wrong, and I don't see some possible benefits of the other solution.

但也许我错了,我没有看到其他解决方案可能带来的好处。

I always thought the former is the standard to handle it, but I'm told that it's subjective and that making a change in the database is a matter of just running a script (where for me it means that the script has to be added to the deployment, has to be run on every database and in case of migration has to be "remembered" etc.)

我一直认为前者是标准来处理它,但我被告知这是主观的,做一个改变数据库的问题只是运行一个脚本(脚本,对我来说,这意味着必须添加到部署,必须在每个数据库上运行,如果迁移必须“记得”等。)

I know the question could be opinion based, but I'm kind of hoping, this really is a matter of standards and good practice, rather then subjective opinion.

我知道这个问题可能是基于意见的,但我希望,这真的是一个标准和好的实践,而不是主观的意见。

1 个解决方案

#1


2  

I posted some other questions as comments to your original question.

我贴了一些其他的问题作为你最初问题的评论。

Even if you had a completely flat role setup I cannot think of a reason to go for the second proposal. As you argue changing something will require modifying code and data structure.

即使你的角色设置非常单调,我也想不出第二个提议的理由。正如您所主张的,更改某些内容将需要修改代码和数据结构。

What your colleague is proposing is a sort of denormalization which is only defensible in case you need to optimize for speed in handling large quantities of data. Which is not usually the case when dealing with roles.

你的同事提出的是一种非规范化,只有在你需要优化处理大量数据的速度时才有可能实现。在处理角色时通常不是这样的。

(As an example, LDAP or other general-purpose single-sign-on models adopt something closer to your first solution, because even in a large organization the number of USERS is always larger than the number of ROLES by at least one order of magnitude).

(例如,LDAP或其他通用的单点登录模型采用了类似于您的第一个解决方案的东西,因为即使在大型组织中,用户的数量总是比角色的数量大至少一个数量级)。

Even if you were designing a Facebook replacement (where you may have billions of users) it is really improbable that you will need more than a handful of roles so this would be a case of premature optimization (and - most probably - made worse by optimizing the wrong part).

即使你正在设计一个Facebook替代品(在那里你可能有数十亿的用户),你也不太可能需要超过几个角色,所以这将是一个过早优化的例子(而且很可能是优化错误的部分使情况变得更糟)。


In a more general sense I strongly suggest to read the RBAC Wikipedia article for what is considered the standard approach to this kind of problems.

#1


2  

I posted some other questions as comments to your original question.

我贴了一些其他的问题作为你最初问题的评论。

Even if you had a completely flat role setup I cannot think of a reason to go for the second proposal. As you argue changing something will require modifying code and data structure.

即使你的角色设置非常单调,我也想不出第二个提议的理由。正如您所主张的,更改某些内容将需要修改代码和数据结构。

What your colleague is proposing is a sort of denormalization which is only defensible in case you need to optimize for speed in handling large quantities of data. Which is not usually the case when dealing with roles.

你的同事提出的是一种非规范化,只有在你需要优化处理大量数据的速度时才有可能实现。在处理角色时通常不是这样的。

(As an example, LDAP or other general-purpose single-sign-on models adopt something closer to your first solution, because even in a large organization the number of USERS is always larger than the number of ROLES by at least one order of magnitude).

(例如,LDAP或其他通用的单点登录模型采用了类似于您的第一个解决方案的东西,因为即使在大型组织中,用户的数量总是比角色的数量大至少一个数量级)。

Even if you were designing a Facebook replacement (where you may have billions of users) it is really improbable that you will need more than a handful of roles so this would be a case of premature optimization (and - most probably - made worse by optimizing the wrong part).

即使你正在设计一个Facebook替代品(在那里你可能有数十亿的用户),你也不太可能需要超过几个角色,所以这将是一个过早优化的例子(而且很可能是优化错误的部分使情况变得更糟)。


In a more general sense I strongly suggest to read the RBAC Wikipedia article for what is considered the standard approach to this kind of problems.