SQL Server:存储分层ACL数据
[英]SQL Server : Storing Hierarchical ACL Data
问题描述
I would like implement a database containing hierarchical acl data 
我想实现一个包含分层acl数据的数据库
My tables 我的桌子
-
USERS: idUser,username,...USERS:idUser,username,... -
GROUPS: idGroups,name...GROUPS:idGroups,名称... -
GROUPSENTITIES: idGroup, idChild, childType (1 for users, 2 from groups)GROUPSENTITIES:idGroup,idChild,childType(用户1个,组2个) -
ROLES: idRole,name...ROLES:idRole,名称... ROLESENTITIES: idRole, IsDeny, idChild, childType (1 for users, 2 from groups)ROLESENTITIES:idRole,IsDeny,idChild,childType(1个用于用户,2个来自组)Every user can belong to 0 or more groups
每个用户可以属于0个或多个组 - Every group can belong to 0 or more groups 每个组可以属于0个或更多组
- Every user and every group can belong to 0 or more roles and roles can be allowed or denied 每个用户和每个组可以属于0个或多个角色,并且可以允许或拒绝角色
- If an explicit deny is found, role is denied 如果找到明确的拒绝,则拒绝角色
How can I store this kind of data? 如何存储此类数据? Is my design correct? 我的设计正确吗?
Is it possible retrieve a list of users with all allowed roles? 是否可以检索具有所有允许角色的用户列表?
Can you please write me a query (T-SQL based) for extract this information from db 您能给我写一个查询(基于T-SQL)从数据库中提取此信息吗?
thanks in advance 提前致谢
1 个解决方案
解决方案1
0 2013-08-17 22:52:57
You can write the tables as you would expect. 您可以按预期编写表。 For instance, to get all the users in a group, when there are hierarchical groups, you would use a recursive CTE. 例如,要获得一个组中的所有用户,当存在分层组时,可以使用递归CTE。 Assume the group table is set up as: 假设组表设置为:
create table groups (
groupid int,
member_userId int,
member_groupid int,
check (member_userId is NULL or member_groupid is null)
);
with usergroups as (
select groupid, member_userid, 1 as level
from groups
union all
select g.groupid, users.member_userid, 1+level
from users u join
groups g
on u.member_groupid = g.groupid
)
select *
from usergroups;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.