I usually make
- One
User
table for User metadata - Some of other tables have
userID
(i.e. user specific) - Some of others have
userID[]
or pivot table / m2m (i.e. shared between only some users) - Others doesn't have
userID
at all (shared between all users)
But is this a good or even a secured way in the first place?
How does User management system work in this case; when there are thousands of similar users with very low privileges?
Top comments (3)
To give the briefest and high-levelest of fly-bys: there are two basic steps, authentication and authorization.
Let's have
users
andchirps
. A "chirp" can be sent to a single user or sent publicly. To represent that let's make thechirps
table have just a few things:from_user_id
(the one who wrote it),content
(aka the "chirp"), andto_user_id
(if empty it is public, if not it's a direct message).If I ask to see chirp 42, the authorization step needs to answer whether I'm allowed to view that chirp or not. It would probably follow just a few rules:
to_user_id
is empty)current_user_id
that I've authenticated myself as having is equal to this chirp'sto_user_id
means that I'm authorized to see this chirp)current_user_id
equalsfrom_user_id
)If any of those things are true, then I am authorized to view the chirp and the app can continue with rendering it all nicely. We can think of similar rules for any other action a user might take: attempting to edit chirp 42, are you
from_user_id
; attempting to send chirps, have I been blocked or banned; etc.Often it can be helpful to think of authorization in two steps:
Thanks. I think I somewhat understand how table schema would work.
But is it possible to do all, or most of the things in PL/SQL or at the database level; just for extra security?
Maybe something like,
ALTER TABLE CREATE CHECK CONSTRAINT
orCREATE TRIGGER
?In my experience, most of what @kallmanation described always happens at the code level above SQL
You may be able to do something with check constraints or triggers, but I think it would be unusual and it might lead to headaches down the road. Right now the focus is on how to secure this data from other users, but eventually, you may need reports, admin tools, etc. that require different people who wouldn't normally have access to be able to access this data.
This could be a constant battle of updating things in the database and trying to ensure each constraint or trigger is still properly locked down while allowing exceptions for some pages, users, etc. that the database may not even be aware of. I'm honestly not sure if this approach would be possible long-term and for most of the needs, I have needed in user management and permission systems before.
I would recommend looking up authorization best practices, packages, and tips for the language and/or framework you are working in. Luckily this type of user management is needed in most apps so there are plenty of packages and guides to help figure out the best thing to do.