<p>You may want a simple solution but it's not a simple question.</p>
<p>At one end you could have individual permissions for each page for each user. That gives you a lot of flexibility but it would be an administrative nightmare. At the other end you could give users access or not to the whole site. Not very flexible but very easy to administer and code for.</p>
<p>The first is fine-grained. The second is coarse-grained. The whole point of finding an authorization scheme is to define one that is as fine or coarse grained as you <em>need</em> to balance flexibility and administration/development.</p>
<p>Two common schemes that may be of interest to you:</p>
<ol>
<li>Give each user a type in the database. When they log in put that type (e.g. User, Admin, Moderator) in the session and check that on each relevant page;</li>
<li>Give each user one or more roles (so someone could, say, be both an Admin and a Moderator or just one of them or neither). This requires a separate table (users and userroles) and putting probably an array in the session to indicate roles but is more flexible than (1). Role-based authorization is very common.</li>
</ol>
<p>There are many, many variations upon these two and just as many alternatives. Various schemes can be combined.</p>
<p>This is why generic authorization libraries for me fall short because they have contrary needs of being broad enough to cover a large number of use cases and being coarse-grained enough to be useful for the individual user.</p>
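<p>A sketch of scheme (2), added here as an illustration and not part of the original answer: roles live in a separate <code>userroles</code> table, are loaded into the session at login, and are checked on each page. The column names, the page-to-role map, the baseline "User" role and the sample accounts are all assumptions, and the data is constructed.</p>

```python
import sqlite3

# Constructed sample data: table names follow the answer's "users and
# userroles" wording; columns and rows are assumptions for illustration.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE userroles (
    user_id INTEGER NOT NULL REFERENCES users(id),
    role TEXT NOT NULL,
    PRIMARY KEY (user_id, role)
);
INSERT INTO users VALUES (1, 'alice'), (2, 'bob'), (3, 'carol');
INSERT INTO userroles VALUES (1, 'Admin'), (1, 'Moderator'), (2, 'Moderator');
"""

# Hypothetical page -> roles policy; a page absent from the map is denied.
PAGE_ROLES = {
    "/admin/users": {"Admin"},
    "/mod/queue": {"Admin", "Moderator"},
    "/profile": {"User", "Admin", "Moderator"},
}

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def login(db, name):
    """Build the session at login: user id plus the array of roles."""
    row = db.execute("SELECT id FROM users WHERE name = ?", (name,)).fetchone()
    if row is None:
        return None
    roles = [r for (r,) in db.execute(
        "SELECT role FROM userroles WHERE user_id = ? ORDER BY role", (row[0],))]
    # Every authenticated account gets a baseline "User" role (assumption).
    return {"user_id": row[0], "roles": ["User"] + roles}

def can_access(session, page):
    """Per-page check: deny without a session, deny unlisted pages."""
    if session is None:
        return False
    allowed = PAGE_ROLES.get(page, set())
    return bool(allowed.intersection(session["roles"]))

if __name__ == "__main__":
    db = open_db()
    for name in ("alice", "bob", "carol", "mallory"):
        s = login(db, name)
        print(name, [p for p in PAGE_ROLES if can_access(s, p)])
```

<p>Roles cached in the session go stale when a role is revoked in the database, so re-read <code>userroles</code> before sensitive actions or invalidate sessions on role changes.</p>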
 
