Hi,
this is a bit of a big question, so if anyone can point me to a great tutorial or something else if its too long to answer here that would be great.
I have a MySQL database, and I want to have an ACL system to manage permissions to an object.
E.g
Customer (read | edit | update | delete)
So I was thinking I need the following tables
users
groups
users_groups (users_id, groups_id)
acl (user_id | group_id, item_id)
acl_permission (user_id | group_id, item_id, (read | edit | update | delete))
I built this, and it works, I'm just wondering if this is an OK way to do it, or if it can be simplified / improved..
Some of the queries can involve a lot of joins to say get the list of customers for user x and list all of the permissions, so maybe I'm doing something wrong.
Many thanks for any feedback..