当前位置: 文江博客话题详情

更好的数据库设计?

发布于 2024-11-17 06:01:02 字数 592 浏览 4 评论 0原文

我们有所有者、编辑者、查看者等角色...... 每个角色都有不同的权限,例如下载、共享、编辑、查看等...

我为此功能创建了两个数据库设计。我必须实施哪种数据库设计?

1) Table   -> Roles 
   Columns -> Id
              Name
              isDownload
              isShare
              isView

2) Table   -> Roles
   Column  -> Id
              Name
              Description

   Table   -> Privileges
   Column  -> Id 
              Name
              Description

   Table   -> RolesPrivileges
   Column  -> Id
              RoleId
              PrivilegeId

这些设计的优点和缺点是什么?我必须实施哪一项? 哪个更具可扩展性和可维护性?为什么 ?

原文

We have roles like Owner,Editor,Viewer etc...
And every roles have different privileges like download,share,edit,view ect...

I have created two database design for this functionality. Which database design I have to implement ?

1) Table   -> Roles 
   Columns -> Id
              Name
              isDownload
              isShare
              isView

2) Table   -> Roles
   Column  -> Id
              Name
              Description

   Table   -> Privileges
   Column  -> Id 
              Name
              Description

   Table   -> RolesPrivileges
   Column  -> Id
              RoleId
              PrivilegeId

What is the pron and cons with these designs ? Which one I have to implement ?
Which is more scalable and maintainable ? Why ?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(5

喜你已久 2024-11-24 06:01:02

第二条路是要走的路。
如果需要创建新角色,则不必修改表结构,只需创建新角色,关联权限等即可。
第一个设计的最大问题是角色/权限的任何更改都需要表结构的更改。

The second one is the way to go.
If you need to create a new role, you don't have to modify the table structures, just create a new role, and associate the privlidges etc.
Biggest problem with the first design is that any changes in roles/privlidges required table strucuture changes.

回复 原文
风吹雪碎 2024-11-24 06:01:02

诸如此类的事情在很大程度上取决于您的数据库的使用方式 - 诸如以下因素:

  1. 灵活性 - 您将来是否可能需要添加额外的角色/权限?如果是这样,请选择#2 中更广泛、更灵活的表结构。
  2. 复杂性 - 如果您的数据库比休闲小型系统大,我建议选择#2。然而,如果它非常小并且非正式地使用,那么您可能值得节省时间来使用更简单的系统。
  3. 性能 - #2 显然更加复杂,并且可能需要更多查询,特别是在您可能需要同时执行多个操作的情况下。然而,通过正确使用数据库索引可以很好地缓解这种情况。

Things like this depend a lot upon how your database is going to be used - factors like:

  1. Flexibility - is it possible you may need to add additional roles/privileges in the future? If so, go for the more expansive and flexible table structure in #2.
  2. Complexity - if your database is any larger than a casual tiny system, I'd recommend going for #2. However, if it is very small and informally used, it may be worth your saved time to go with the simpler system.
  3. Performance - #2 is obviously a touch more complicated and is likely to require more queries, especially if you have any cases where you might have to do many at once. However, this can be well mitigated through proper use of database indexing.
回复 原文
生来就爱笑 2024-11-24 06:01:02

当然,第一个是可行的方法:

Table   -> Roles 
Columns -> Id
           Name
           isDownload
           isShare
           isView
  • 是一个简单的设计
  • ,您可以从同一个表中读取角色和权限,而不需要 JOIN
  • 比第二个替代方案具有更少的空间需求

但是,如果您具有动态权限,并且经常添加或删除权限,您可能会想到方法 2。但除此之外,保留单个表也可以。

Sure, the first one is the way to go for it:

Table   -> Roles 
Columns -> Id
           Name
           isDownload
           isShare
           isView
  • is a simple design
  • you can read roles and privileges from the same table without needing JOINs
  • has lesser space requirements than the second alternative

However if you have dynamic privileges with privileges added or removed frequently, you might think of approach 2. But otherwise keeping a single table is fine.

回复 原文
厌味 2024-11-24 06:01:02
1) Table   -> Roles 
   Columns -> Id
              Name
              Description
              isDownload
              isShare
              isView


2) Table   -> UserRolesPrivileges
   Column  -> Id
              RoleId
              UserId

UserId来自用户注册表。

每个用户都与各自的角色相关联
在角色表中,我想你将有不同的角色,每个角色都是
定义了它可以执行什么操作。

只要用户与角色关联,我就看不到任何权限表的使用

1) Table   -> Roles 
   Columns -> Id
              Name
              Description
              isDownload
              isShare
              isView


2) Table   -> UserRolesPrivileges
   Column  -> Id
              RoleId
              UserId

UserId comes from the User registration table.

Each user is associated with the respective Roles
In roles table I suppose you will have different roles and each role will be
defined what action it can perform.

I dont see any use of Privileges tables, as long as the user is associated with the roles

回复 原文
兰花执着 2024-11-24 06:01:02

我想就选项 1 提出一个可能避免一些批评的建议。不要对每个可能的权限使用布尔值,而是使用位掩码。

首先是一个例子

(responsible_mask INT)

def Roles

    RESPONSIBILITES = [ :switchboard, :content_manager, :network_administrator, :financial_manager, :receives_contact_emails ]

    def responsibilites=(responsibilites)
        self.responsible_mask = ([*responsibilites].map(&:to_sym) & RESPONSIBILITES).map { |r| 2**RESPONSIBILITES.index(r) }.sum
    end

    def responsibilites
        RESPONSIBILITES.reject { |r| ((responsible_mask || 0) & 2**RESPONSIBILITES.index(r)).zero? }
    end

    def responsibilites_symbols
        responsibilites.map(&:to_sym)
    end

    def responsible?(responsibility="none")
        responsibilities_symbols.includes?(responsibility.to_sym)
    end
end

随时添加更多职责很容易。

现在为什么呢?

在我看来,这是更好的做法。我看不出为什么我会创建一个表单来添加另一个职责(或在您的情况下是特权),而不在我的代码中放置挂钩来使用该职责。我只需要此信息来确定是否应该允许功能;它没有其他目的。当然,我仍然希望管理员能够创建角色并向该角色分配职责,但它始终是固定的集合。

它还使 SQL 查询变得更加复杂——添加另一个连接。慢点。更难调试。

当部署到另一台服务器时,记住构建这个静态数据表是一件很痛苦的事情。

I would like to make a suggestion about option 1 that may elude some of its criticism. Instead of using boolean values for every possible permission, use a bit mask instead.

First an example

(responsible_mask INT)

def Roles

    RESPONSIBILITES = [ :switchboard, :content_manager, :network_administrator, :financial_manager, :receives_contact_emails ]

    def responsibilites=(responsibilites)
        self.responsible_mask = ([*responsibilites].map(&:to_sym) & RESPONSIBILITES).map { |r| 2**RESPONSIBILITES.index(r) }.sum
    end

    def responsibilites
        RESPONSIBILITES.reject { |r| ((responsible_mask || 0) & 2**RESPONSIBILITES.index(r)).zero? }
    end

    def responsibilites_symbols
        responsibilites.map(&:to_sym)
    end

    def responsible?(responsibility="none")
        responsibilities_symbols.includes?(responsibility.to_sym)
    end
end

It is easy to add more responsibilities at any time.

And now why?

In my opinion, this is better practice. I can't see a reason why I would create a form to add another responsibility (or privilege in your case) without also placing hooks in my code to use that responsibility. I only need this information to determine if I should allow functionality; it has no other purpose. Of course I still want an admin to be able to create roles and assign responsibilities to that role but it will always be that fixed set.

It also makes SQL queries more complex–adding another join. Slower. Harder to debug.

It is a pain to remember to build this table of static data when deloying to another server.

回复 原文
~没有更多了~

关于作者

迟到的我

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

已经忘了多久

文章 0 评论 0

15867725375

文章 0 评论 0

LonelySnow

文章 0 评论 0

走过海棠暮

文章 0 评论 0

轻许诺言

文章 0 评论 0

信馬由缰

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文