Best practice for Permission database structure in a 3 Level Menu


I need to create a Menu with 3 level in my web application and I want to be able to manage permission for every item in any level.

Can someone tell how should I build my database structure and queries to do so.

Ex :

      |_ Menu1_1
      |_ Menu1_2
      |_ Menu2_1
      |_ Menu2_2
                 |_ Menu2_2_1

I want user1 to have access to everything in Menu1 but only Menu2_1 of the menu 2
I want user2 to have access to Menu2_2_1 in Menu2_2 but not Menu1 and Menu2_1

Who is Participating?
QPRConnect With a Mentor Commented:
sounds complicated. Will the user with no permissions still be able to see the forbidden menu items?
If not then you could have all the menu items in a table and a column within that table that has a security level.
A separate user table could also have a column that notes their security level.
Inner join these tables on security level and you have your menu item.
Then you have to work out how to build your page around the menu items that may or may not be in your SQL results.

If you show the menu items regardless of the current users permission then you could put the permitted items in an array along with their URLs and give the permitted menu items an <a href> tag.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.