Jump to content

Recommended Posts

they are, but when dealing with user permissions, I'd say it's one of the best options. takes up something like 4 bytes and this way user perms don't have to be stored in a separate table, I can have them right in the users table.

I entirely disagree -- use a BIT field if you really want to save space.

well, considering my permissions rarely change, what's the real harm?

 

This way every user is given the same access to the permissions.

 

Before i switched to using SET, i had to have three tables, users, link, permissions

 

The link table, had two columns, user_id and permission_id.

 

When you added up all three tables, they not only took up more disk space, but in order to get a user's permission along with permission name, I'd have to join all three tables, which is significantly slower than just selection the permission from the users table if it were a SET.

 

The only downside i've found with SET, is when you need to change or delete a permission type, it's requires updating the whole table, as well I'm limited to 64 permission types (not really that bad).

I'd agree with you, but think about it like this.

 

I always want all permissions for a given user, i never index or sort by permissions, nor do i select individual permissions, I need each and every one for a given user. a set does that perfectly and it takes up the bare minimum amount of space. Using 3 tables would take up at least four times as much space.

Well, keeping in mind, my site has a user authentication process whereby every page load checks the user's credentials before anything else, and in the process, selects all of it's access permissions and stores them in a global variable for any part of the site to use/access.

 

When you have a situation like this, I would never need to go digging into the table again to find out what permissions that user has, unless I'm actually modding the user's permissions.. in that case I'm still grabbing them all, not going one by one.

 

If I did want to have a page that shows all users with a given set of permissions, I could do that, but the number of times that page gets accessed vs. the user going through an auth process is tiny and not worth worrying about speed issues due to lack of indexing or whatever..

well, what would be your suggested means?

 

here's the table as I currently have it

 

+---------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------+-----+---------+----------------+
| Field               | Type                                                                                                                                                                      | Null | Key | Default | Extra          |
+---------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------+-----+---------+----------------+
| id                  | mediumint( unsigned                                                                                                                                                     | NO   | PRI | NULL    | auto_increment |
| permissions         | set('admin','root','statistics','emulate','stealth','user_editor','ban','control')                                                                                        | YES  |     | NULL    |                |
| username            | varchar(32)                                                                                                                                                               | NO   | UNI |         |                |
| email               | varchar(100)                                                                                                                                                              | NO   | UNI |         |                |
| password            | varchar(255)                                                                                                                                                              | NO   |     |         |                |
| hash_type           | varchar(64)                                                                                                                                                               | NO   |     |         |                |
| salt                | varchar(255)                                                                                                                                                              | NO   |     |         |                |
| status              | enum('banned','deactivated','active','notice','pending','user_deactivated','user_deleted','deleted')                                                                      | NO   |     | active  |                |
| created_on          | datetime                                                                                                                                                                  | NO   | MUL |         |                |
| email_expires_on    | datetime                                                                                                                                                                  | NO   |     |         |                |
| password_expires_on | datetime                                                                                                                                                                  | NO   |     |         |                |
+---------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------+-----+---------+----------------+

 

I also have a permissions table with some additional info for the admins that matches the name.

 

Keeping in mind that I select all permissions for a given user on every page load, how would you do it?

That's actually how I had it until a few days ago..

 

I think having it as a SET is better, mainly cause I have 3 less queries in my security.php file and I still have all the same functionality, the only difference is, now I have a 64 permission limit.

 

My main concern is what happens when I get 1,000,000 users. If each of those users have a permission, that permissions link table will be very very large, both in row count, and in size.

That might be, but I'm building a general framework. I want to limit the number of bottlenecks that I can run in to down the line.

The most "general" is to have full control over the permission records -- which requries them to be records.

Well what it comes down to is application.

 

I'll never join the permissions table while using set, not because i can't, but because i don't need to.

Because you don't need to *yet*... what if you want to temporary grant a permission?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.