Assume I have a schema defined with the 4 following entities:
Users
-> Timeline (fk: userId)
-> Entries (fk: timelineId)
-> Tags (fk: entryId), where fk means foreign key.
Now, let's say I want to check in the web application if a user has permission to delete a particular tag. Right now I use Basic Authentication, check if the user's email // password exist in the database, and if so, grab the userId.
Because of the userId only existing on the Timeline entity, I feel like I'd need to do the following:
DELETE t.* FROM `tags` AS t
INNER JOIN `entries` AS e ON t.entryId = e.id
INNER JOIN `timelines` AS tl ON e.timelineId = tl.id
WHERE
tl.userId = ? AND
t.id = ?
This approach works, but I feel like it would be inefficient. Instead, I could add a userId FK to every single table such as the tags, but that also seems like a maintenance nightmare.
I can't think of any other approaches other than implementing some other type of permission system, such as using an ACL. Any suggestions?
I think you can choose from a few options:
Basically and in general it's a compute / storage tradeoff I think. You either compute permissions every time or store them pre-computed somewhere, which means you need to re-compute them sometimes (but probably not all the time).
The right solution depends on your exact scenario. My experience is that in most cases it's not worth to fix something that is not broken yet (unless of course you know it will not work that way in the scenario you want to use it in).
Check out foreign keys here . You can simply add relationships through MySQL to the other tables, and cascade delete when the parents get removed.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.