from the Artful MySQL Tips List
ed privilege info in the
database. If your app uses a MySQL database, though, the last thing you want the app to do is directly manipulate that database. In fact, your app should need to hit the
database no more than once—when the app first connects to the MySQL server. But if the app isn't to read user permissions from the
database, where will it find them?
The application database should include ...
(i) a users table with login name, real name, encrypted password and whatever other identifying info the app requires,
(ii) a permissions table to track permissions for app/database functionalities,
(iii) a users_permissions "bridge" table which maps users to permissions.
(iv) optionally, app code that maps [iii] to the
A famous way of implementing app permissions is called role-based-access
. A simple example can be found near the end of www.artfulsoftware.com/mysqlbook/sampler/mysqled1ch05.pdf
Return to the Artful MySQL Tips page