tags:

views:

91

answers:

2
+4  Q: 

put login and password in one table or in multiple tables for each type of user ?

I have different 3 types of users and each type of user can have columns and relationships with tables that another type doesn't, but all of them have login(Unique) and password,
how would you do:

  • create a table for each type or
  • create one table for all of them or
  • create a table for all of them only for login and password and separate for all the other things and bind them with a FK
  • something else
+10  A: 

Number 3 is the best of the options you suggested (updated slightly for clarification):

  • create a table for all of them for login and password and anything else that is shared and a separate table for all the other things that are not shared and bind them with a FK

Except don't store the password, store a hashed version of a salted password.

An alternative might be to assign groups and/or roles to your users. This might be more flexible than a fixed table structure, allowing you to add new roles dynamically. But it depends on your needs whether this is useful for you or not.

As Aaronaught pointed out, in the main table you need an AccountType to ensure that a user can only have one of the roles. You must remember to check the value of this column when joining the tables to ensure that a user has only one role active.

A unique constraint on the foreign key ensures that a user can only have a role once.

Mark Byers  2010-02-17 21:02:54
one thing with this option is that there is no constraint to stop two rows from 2 different user types tables to reference the same row in in the "login_password" table
Omu  2010-02-17 21:12:03
@Omu: Put a `UNIQUE` constraint on that column in each FK table, and use a discriminator column (`AccountType`) in the main table. You should have the discriminator anyway, it's critical for efficiency (and Mark, I think you should add this).
Aaronaught  2010-02-17 21:16:38
@Aaronaught: Good point. When I originally posted my answer wasn't clear that each user could only have one role, but I can see that now from Omu's comments.
Mark Byers  2010-02-17 21:23:27
@Aaronaught could you explain that, if i have this schema: Account(AccountID, login, password, UserType(this is char cuz i need to know the usertype for this account)) UserType1(id, AccountID, ...) UserType2(id, AccountID,...) how do you do what you said ?
Omu  2010-02-17 21:27:14
how is the AccountType in the main table going to prevent a user from having multiple roles ? this doesn't create a constraint
Omu  2010-02-17 21:43:00
@Omu: Excellent question! The answer is perhaps not obvious, so I'll put this into my post: When you join, check the account type as part of the join condition. Don't just check if the user exists in the table.
Mark Byers  2010-02-17 21:45:18
so the Unique key constraint on each column AccountID FK from the UserTypes Tables ensures that a UserType can reference one Account and the join condition will help to obtain zero rows from the UserTypes table which is not of the specified AccountType, but it is still possible to insert ONE row in each UserType table that is going to reference same row in Account table, although if we write the join with the AccountType condition we aren't going to get the bad data from the DB
Omu  2010-02-17 21:59:34
Omu: Yes, you can insert the row but it will never be fetched if the AccountType is incorrect.
Mark Byers  2010-02-17 22:02:59
I did it like this: http://consultingblogs.emc.com/davidportas/archive/2007/01/08/Distributed-Keys-and-Disjoint-Subtypes.aspx
Omu  2010-02-18 12:20:19
+2  A: 

I had this exact question when building a recent system. Here's a thread that was super-helpful for me: http://stackoverflow.com/questions/600684/object-oriented-like-structures-in-relational-databases.

I went with the disjoint subtypes solution, described well here: http://stackoverflow.com/questions/561576/polymorphism-in-sql-database-tables/561960#561960

Alex  2010-02-18 05:23:30
I see, that solution, is the perfect one from the constraints point of view, but I think it's going to be slower and I'm going to have more trouble with all those compound FK
Omu  2010-02-18 09:19:33
noup :), it's actually better, I need my DB consistent
Omu  2010-02-18 11:10:20

related questions

What language do you use for Postgresql triggers and stored procedures?
Are Multiple DataContext classes ever appropriate?
Which tools do people use to create Data Dictionaries?
Any experiences with Protocol Buffers?
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
How do I index a database field
How does database indexing work?
How do I connect to a database and loop over a recordset in C#?
Editing database records by multiple users
Object Oriented vs Relational Databases
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
Embedded Database for .net that can run off a network
Connect PHP to an AS/400
Swap unique indexed column values in database.
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
.NET Migrations Engine
Is there a version control system for database structure changes?
SQLite and XSD
How do I version my MS SQL database in SVN?
XSD DataSets and ignoring foreign keys
Flat File Databases in PHP
Throw Error In MySQL Trigger
Binary Data in MySQL