Drafts of the user database schema(info) has been created.

(or go straight for the subverion trunk file drop-create-populate-kplab-db-schema.sql

Over all picture is shown below.

KP-Lab user DB schema draft

If (and when :) the picture is not clear enough here's a short explanation of the tables and their relations.

Tables

  • user - for storing the user login information
  • user_info - for storing the user information like names addresses etc.
  • group - for storing different types of groups (consider these as shared spaces or as classes)
  • role - for storing the different role types
  • role_to_group_to_user - for uniquely link a role for a user in a certain group (this gives him by default the normal user modifying rights)

// TODO : should actually be role_grou_user_to_uri

  • role_group_to_uri - for setting permissions or restrictions to a certain resource (page, portlet or a document)

The main principal is that everything is allowed unless otherwise restricted (explicit allow all to all). These rules (last two tables) should be able to be used with wildcards (*, asterix). See the following table for examples.

UserGroupRoleResource URIModeExplanation
AA normal -- user A belongs to group A and has normal user right to all the resources
AAnormal*allowSame as above
BAadmin--user B has admin rights in group A to all the resources
BBnormal--user B has normal rights to group B on all resources
BBadmindoc1.txtallowIn addition to above user B has admin rights to the resource doc1.txt
AAadmindoc1.txtallowUser A has admin rights to the same document through group A
CBnormal- User C has normal rights in group B
*Badmin*allowAll users has been given admin rights to all the resources in group B
CBnormaldoc2.txtdenyUser C has been restricted the access to the doc2.txt in group B (overrides the above)

Attachments

  Page Info My Prefs Log in
This page (revision-15) last changed on 18:24 25-Mar-2017 by Mikko Wuokko.
 

Referenced by
...nobody

JSPWiki v2.4.102
[RSS]