Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 309
  • Last Modified:

Best practice for Permission database structure in a 3 Level Menu


I need to create a Menu with 3 level in my web application and I want to be able to manage permission for every item in any level.

Can someone tell how should I build my database structure and queries to do so.

Ex :

      |_ Menu1_1
      |_ Menu1_2
      |_ Menu2_1
      |_ Menu2_2
                 |_ Menu2_2_1

I want user1 to have access to everything in Menu1 but only Menu2_1 of the menu 2
I want user2 to have access to Menu2_2_1 in Menu2_2 but not Menu1 and Menu2_1

1 Solution
sounds complicated. Will the user with no permissions still be able to see the forbidden menu items?
If not then you could have all the menu items in a table and a column within that table that has a security level.
A separate user table could also have a column that notes their security level.
Inner join these tables on security level and you have your menu item.
Then you have to work out how to build your page around the menu items that may or may not be in your SQL results.

If you show the menu items regardless of the current users permission then you could put the permitted items in an array along with their URLs and give the permitted menu items an <a href> tag.

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now