Rights management for user generated files

Question

I'm currently working on a Website, which should enable users to host files like pictures and documents. I got a groups and user based Rightsmanagement in Place, but it does not quite fit this concept of groups and users.

For example:

A User uploads a file which should be collaborated on by a small group of 2-3 users. This group is dynamic and they should only get access to this one File. Another Group called Staff should be able to view it but not able to edit or delete it.

Another User, different from the First, also uploads the File, but only wants Staff to edit it and make it accessible to all users.

Effectively I would end up with many thousands of groups with many redundant rights. Is there any better approach to this?

Thanks

Answer 1

I think you can use something like "group leader" - first registered user for specyfic group. You can use his ID as Group ID (to reduce table count and avoid mess in table with groups without users).

If you want information about best approach - read about file rights management in Unix (standard or ACL, if you need multiple groups on user).

Answer 2

It would be better if you more specify what sort of file you are talking about. Isn't it better to keep content of file in database and grant right privileges for each user? Or do you want physically file to be stored on machine?