Lets assume we have following two roles for a given application: User and Admin
User has following permissions: ReadUser, UpdateUser Admin has following permissions: ReadUser, UpdateUser, CreateUser, DeleteUser
Most of the applications I have worked upon persists both the roles and permissions to the db as follows:
Role (RoleID, RoleName) (1, User) (2, Admin)
Permission (PermissionID, PermissionName) (1, CreateUser) (2, ReadUser) (3, UpdateUser) (4, DeleteUser)
RolePermission (ID, RoleID, PermissionID) (1, 1, 2) (2, 1, 3) (3, 2, 1) (4, 2, 2) (5, 2, 3) (6, 2, 4)
My question is what is the benefit around persisting permissions to the db compared to having map of roles with permissions in the code to handle permissions?
I would appreciate if you can elaborate the pros and cons.
Aucun commentaire:
Enregistrer un commentaire