Hi,
I want to design a usergroup with authority system.
e.g. I have 3 modules in which each module has 4 functions: View, Create, Edit and Delete.
If the user is registered under that usergroup, and this usergroup has the rights to perform above 4 functions in one module, he can execute those 4 functions in that module, but not other 2 modules except his group can obtain proper rights.
Here are my DB schema:
User table
Userid int PK
Username nvarchar
Usergroupid int
Usergroup table
Usergroupid int PK
Usergroupname nvarchar
Parentgroupid int // one group may under other group
FunctionRightID int // FK of the function name and action
FunctionRight table
FunctionRightID int PK
FunctionName nvarchar
View bit // 0 is allowed to view; 1 is not allowed to view
Create bit
Edit bit
Delete bit
So, the function code will check the user permission by checking the usergroup and functionright tables.
I want to have a log table to record the action of user.
Log table
logid int
userid int
username nvarchar
usergroupname nvarchar
funtionname nvarchar
actionname nvarchar // View/Create/Edit/Delete
result bit //0 is sucess; 1 is fail
My questions are
- Any better way to do the user authority? How should I improve the 3 tables schema?
- How to do coding to check right of each action View/Create/Edit/Delete when the user execute them?
- I do not know how to deal with the actionname of the log table. Because it is a setting of bit of the 4 funtions in FunctionRight table. But, I just want to show whether the action of that function is success or not.
Thanks for help
