I've been thinking about the web app I'm about to begin developing and wondering whether my usual approach could be improved.
In my last few apps I've created a table (see below) of roles (such as CREATE POST, EDIT POST etc.) which each have a bitfield applied to them so I can simply assign a user certain rights in registration and check them later on (e.g. $user->hasRight(CREATE_POST)).
I'm wondering if there's a better approach to this. It's certainly confusing when the rights aren't specifically linked to the user (I could have a table where each right is a boolean column but that only sounds like a small improvement) - and what happens if I change some around?
I'm not looking to use standard libraries (the app itself is a learning experience for me: using PostgreSQL, Git etc.) although I'm perfectly happy to take inspiration from them to construct my own - so if there's something special you think I should take a look at please say so :)
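The bitfield scheme the question describes, written out as an added example (this is illustrative code, not code from the post or from any library it mentions). The right names, the two bit layouts and the class names are assumptions chosen for illustration. The block shows the hasRight-style check, a load-time check that rejects stored values carrying bits no right defines, what happens to already-stored integers if the bit assignments are "changed around", and a name-keyed alternative that does not have that problem:

```python
"""Bitfield rights as sketched in the question, plus the renumbering hazard.

Added example, not code from the original post. Right, User, NamedRights and
the OLD_LAYOUT / NEW_LAYOUT tables are assumptions made for illustration.
"""
from enum import IntFlag


class Right(IntFlag):
    """One fixed bit per right; the OR of a user's bits is what gets stored."""
    CREATE_POST = 1 << 0
    EDIT_POST = 1 << 1
    DELETE_POST = 1 << 2
    BAN_USER = 1 << 3


# Plain int mask of every defined bit, used to spot stale or corrupt values.
KNOWN_MASK = sum(r.value for r in Right)


class User:
    def __init__(self, name, rights=0):
        self.name = name
        self.rights = Right(rights)

    def grant(self, right):
        self.rights = Right(self.rights.value | right.value)

    def revoke(self, right):
        self.rights = Right(self.rights.value & ~right.value)

    def has_right(self, right):
        # Works for a single right or a combination: every requested bit must be set.
        return (self.rights.value & right.value) == right.value


def load_rights(stored):
    """Rebuild a Right from a stored integer, rejecting bits no right defines.

    Without this check an old or corrupted value silently carries unknown bits.
    """
    if stored & ~KNOWN_MASK:
        raise ValueError(f"unknown right bits in stored value {stored:#x}")
    return Right(stored)


# --- "what happens if I change some around?" ------------------------------
# The database holds only integers. Two code versions that assign the bits
# differently read the same stored integer as different rights.
OLD_LAYOUT = {"CREATE_POST": 1, "EDIT_POST": 2, "DELETE_POST": 4, "BAN_USER": 8}
NEW_LAYOUT = {"CREATE_POST": 1, "BAN_USER": 2, "EDIT_POST": 4, "DELETE_POST": 8}


def decode(stored, layout):
    return {name for name, bit in layout.items() if stored & bit}


def rights_after_renumbering(stored):
    """Rights a user granted `stored` under OLD_LAYOUT appears to hold under NEW_LAYOUT."""
    return decode(stored, OLD_LAYOUT), decode(stored, NEW_LAYOUT)


# --- a name-keyed alternative ---------------------------------------------
# Store right names (rows in a rights table joined to users) instead of bit
# positions: nothing is numbered, so reordering cannot change meaning, and a
# name that no longer exists is caught when the user is loaded.
class NamedRights:
    KNOWN = frozenset(r.name for r in Right)

    def __init__(self, names=()):
        unknown = set(names) - self.KNOWN
        if unknown:
            raise ValueError(f"unknown rights: {sorted(unknown)}")
        self.names = set(names)

    def has_right(self, name):
        return name in self.names


if __name__ == "__main__":
    u = User("alice")
    u.grant(Right.CREATE_POST | Right.EDIT_POST)
    print(u.has_right(Right.CREATE_POST), u.has_right(Right.BAN_USER))
    # A user stored with EDIT_POST under the old layout reads as BAN_USER under the new one.
    print(rights_after_renumbering(Right.EDIT_POST.value))
```

The renumbering case is the one to keep in mind with the bitfield approach: the stored integer has no record of which layout produced it, so a bit position can never be reused or reordered once any row has been written. With names the same migration is just a rename in one table.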