473,324 Members | 2,196 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,324 software developers and data experts.

Suggestions for database setup

Hi - I want to provide a secure (ASP) based file browser - based on a
parent/child table of files/images etc - stored in a directory on a
server.

I want to be able to have individuals, who belong to groups, to be able
to access various folders - no problem -assign a group to the folder,
and check that that person belongs to one of the groups of the folder
before displaying it.

However, I want to go one further - rather than just 'can view/can't
view' for each individual/group for each folder, I'd like to grant
additional rights to the person to be able to modify/add/delete from
folders - but for those privileges to be set for individual folders, not
for the user as a whole. Similar to the way in which Windows Explorer
secures files and directories.

Can anyone suggest a database schema which could tackle this?

Thanks for any pointers,

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #1
3 1492
I've done something similar (not quite as complex though) with the Admin
section of my site. My solution would rely on the following database
tables:

tblUsers - provides information about the users on your system
UserID (autoincrementing primary key) - an individual User ID for each
user on your system
GroupID (one-to-many relationship from tblGroups.GroupID) - the ID of the
group the user belongs to
Username, password etc... - as neccessary for the rest of the site

tblGroups - provides information about the groups on your system
GroupID (autoincrementing primary key) - an individual Group ID for each
group you create
Group Name etc... - as neccessary for the rest of the site

tblFolders - provides information about the folders on your site
FolderID (autoincrementing primary key) - an individual Folder ID for each
folder on your system
Foldername etc... - as neccessary for the rest of the site

tblPermissions
GroupID (one-to-many relationship from tblGroups.GroupID) - the ID of the
group the permission is for
FolderID (one-to-many relationship from tblFolders.FolderID) - the ID of
the folder the permission is for
Read (Boolean) - if the group has read permission for this folder
Modify (Boolean) - if the group has modify permission for this folder
Add (Boolean) - if the group has add permission for this folder
Delete (Boolean) - if the group has delete permission for this folder

When you add a group, you'd add all neccessary information in tblGroups,
and specify the permissions for each existing folder in the tblFolders
table. If you added a new folder, then I guess you'd set a generic set of
permissions for all existing groups, and then modify them on a case-by-case
basis.

Then as an ASP file included on each page:
Since you'd have the UserID passed to each page as part of the login, you'd
be able to retrieve the ID number of the group they belong to from
tblGroups. You'd also have the ID number of the current folder. You'd then
request the Read, Modify, Add and Delete permissions from tblPermissions,
and set them to boolean variables, which you could then use to evaluate
whether or not the selected action is allowed.

If you wanted, you could also set default permissions in tblFolders. Then,
if there is no entry in tblPermissions, use the default folder permissions.

Hope this helps,
Blair

Mark <an*******@devdex.com> wrote in article
<ez**************@TK2MSFTNGP09.phx.gbl>...
Hi - I want to provide a secure (ASP) based file browser - based on a
parent/child table of files/images etc - stored in a directory on a
server.

I want to be able to have individuals, who belong to groups, to be able
to access various folders - no problem -assign a group to the folder,
and check that that person belongs to one of the groups of the folder
before displaying it.

However, I want to go one further - rather than just 'can view/can't
view' for each individual/group for each folder, I'd like to grant
additional rights to the person to be able to modify/add/delete from
folders - but for those privileges to be set for individual folders, not
for the user as a whole. Similar to the way in which Windows Explorer
secures files and directories.

Can anyone suggest a database schema which could tackle this?

Thanks for any pointers,

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Jul 19 '05 #2
It does Blair - thank you very much,

Mark

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #3
Glad to be of use.
Jul 19 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
by: lkrubner | last post by:
I have a webserver through Rackspace. I create a domain. I create an FTP user. I upload some files. I create a database called testOfSetupScript and then I create a database user named setup. I...
16
by: Paul Rubin | last post by:
As what must be penance for something or other, I'm needing to release a Python app for use under Windows XP. Please be gentle with me since I'm a Un*x weenie and the only thing I've had much...
3
by: Alexey Aksyonenko | last post by:
I got a server that has a RAID-5 array partitioned into C: and D: drives (OS Win2K Adv. Server installed on C:). The server also has a mapping to a NAS device using the latest protocols that trick...
2
by: Rosy Moss | last post by:
I am in the process of cleaning up a database that our company uses to track jobs, time and expense, and customer information. We are running Windows 2000 Server with approximately 20 terminals...
1
by: npverni | last post by:
I have a navigation bar user control that is very expensive to create from the database. This toolbar will only change when the user navigates to a different section (there are three in total). ...
9
by: Nemisis | last post by:
Hi everyone, hope your all looking forward to xmas. I am setting up a Sql2005 database on a Windows Server, running Windows Server 2003. The database is going to be accessed via users using an...
2
by: Aussie Rules | last post by:
Hi, I have a vb.net application that uses a SQL Express database. The end user already has SQL Express setup on there server, but they have no skills at using it. Is there a way I can have my...
3
by: =?Utf-8?B?ZGF2aWQ=?= | last post by:
Last week I asked a question about connection to database from client machine (developer machine). I have changed the database security setup for "SQL Server and Windows" under (local)Windows NT...
0
by: imusion | last post by:
Hi, I have 2 servers each running AIX and both have a DB2 database setup on them. I'm building a news management application and in our setup we need to have a staging and production setup. So...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.