What kind of permission is this? (Groups+Roles)

Posted by Jorge on Programmers See other posts from Programmers or by Jorge
Published on 2012-10-04T14:57:50Z Indexed on 2012/10/04 15:52 UTC
Read the original article Hit count: 209

Filed under:
|
|

I'm starting to need an access control for roles in my app.

I don't know much of this, but I understand how vBulletin works:

I create groups, then give permissions to groups.

I think that what I need is the Role Bases Access Control (RBAC) , but i'm not sure, because I need groups to give permissions instead of single users (Maybe it's not that complicated to achieve).

Example of what I'm thinking:

Given a post:

Editor's Group has permission to view it before it's published.
Editor's Group has permission to edit its content.
Public Group (Default) has not permission to view it before it's published.
Admin Group has permission to delete the post.

So basically I wan't orientation about if RBAC is what I need.

And also, how would it be good to store group membership in a user, for example, would be good to have: ID NAME PASSWORD GROUPS (1, MyName, MyPassword, 1/2/3/4/5) and explode it via PHP or one registry for every Group membership in a table named permissions, example: USERID, USERGROUP values (1, 1), (1, 2)

Maybe should be the second way because of the formal norms but I didn't study yet Databases 1 at college.

© Programmers or respective owner

Related posts about permissions

Related posts about roles