How to manage user access and user permissions
https://stackoverflow.com/questions/8812766
-
26-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am working on an application with PHP + MySql. In my application I have a table for users, a table for relationships (friends, following, subscribed) and a table for posts. The main actions for users are:
- A user has friends
- A user can make post entries
- A user can see the friends entries
- And finally a user can block entries viewing for specific friends
If user A is friends with user B, then user A can see all entries from user B. But user B can restrict access to only a few friends for example. Now the query is: how can I manage these permissions? I was thinking of a table that stores each user that is blocked for viewing an specific entry, but this would't be a good idea once a single user can have several friends. So, how can I solve this? Can someone show me how to start? Maybe the right terms for searching on Google or a link for something similar.
Solution
You are on the right track. You are going to want to use linked tables. You would start with a table users. Each user has an id. Then create a table users_friends. This table would consist of two ids, user_id and friend_id. The last table would be users_restricted which would also consist of two ids, user_id and restricted_id.
For example
users
user_id name
1 user1
2 user2
3 user3
users_friends
friend1_id friend2_id
1 2
2 3
This says user 1 and 2 are friends and users 2 and 3 are friends. (This assumes that if user 1 is friends with user 2 then user 2 is also friends with user 1)
users_restricted
user_id restricted_id
1 2
Now even though user 1 and user 2 are friends, user 2 is in the restricted list meaning don't allow user 2 to view user 1's entries.
You can see that tables are linked via ids and all the ids come from the users table. This can be expanded to relate to entries as well. Just refer to entries by their id.
To have users blocked for specific entries you would have the following tables.
entries
entry_id user_id ... other columns holding entry information
1 1
2 1
3 2
4 2
Now user 1 has made 2 entries (entry 1 and entry 2) and user 2 has made 2 entries (entry 3 and entry 4). Another table would hold the restrictions.
entries_restricted
entry_id restricted_user_id
1 2
This would say user 2 cannot view entry 1.
To get the entries visible to user 2 your statement would look something like this.
SELECT e.*, er.entry_id FROM entries e JOIN entries_restricted er ON e.entry_id=er.entry_id WHERE er.restricted_user_id != 2;
The statement selects all the entry information excluding entries restricted to user 2.
OTHER TIPS
You can start using following tables. The first table is users table (as Jason.Wolfsmith suggested)
users
u_user_id u_name
1 user1
2 user2
3 user3
The second table can be like this.
friends_permissions
f_user_id f_friend_id permission entries
1 2 1 entry1
2 3 0
1 3 1 entry3
This table will contain permission and name of entries that should be allow for view. 1 - restrict some entries; 0 - allow all.
In the column permission data type might be set as SET('1','0') and data type in entries NULL.
Thus, user1 don't allow to view entry1 to user2. (entry1 and entry3 are from entries table).
