On Thu, Feb 06, 2003 at 10:17:15 -0500,
Dinesh Visweswaraiah <dinesh@trailblazingsolutions.com> wrote:
> Hi Oliver,
>
> Actually the story is a little different. I used Invoice and Product
> and Quantity because everybody understands those. Reality is that
> this is a table that has AuthorizationSetId, UserId and Privileges.
> Objects in my application have a set of authorizations with specified
> userid and privileges, specifying who is permitted to do what. The
> Idea is to identify a AuthorizationSetId so that when the set of
> UserId and Privileges change, I can reuse a AuthorizationSetId rather
> than create a new one. In fact without reuse, there is no point
> in having a AuthorizationSetId in the first place.
If you are trying to group commonly associated security rights to simplify
administration, then the normal way to do this is with roles.
You have a table relating users and roles and another table relating
roles and security rights. By joining these two tables you get the
security rights for an individual user.
