?
Solved

Adding a User Account Security System of tables

Posted on 2008-11-12
3
Medium Priority
?
215 Views
Last Modified: 2012-05-05
Not sure if this was the correct thread to ask this question, but i figured it was good as anywhere
I am drawing up some preliminary dessigns of a user account security system for an application.

I will explain what I have and what I want, and someone can explain what I should need.

I was thinking I would like a User Account Security System for an application (not yet developed).

The Idea would be to have users, who belong to groups, which have x number of rights.
The administrative user would of course belong to all user groups and having all rights.

The rights would then be used to give access to users to certain functionality of the application.

I have built some preliminary tables.  See attached image of tables.
There are additional fields to be added to Users table which i have left out for simplicity.

Any ideas, suggestions, or help with the tables would be appreciative

thanks

USERS
-----------
Id
User_Name
Password
Last
First


USER_GROUPS
------------------------
Id
Group_Name
Description


USER_RIGHTS
----------------------
Id
Right_Name
Description

tables.jpg
0
Comment
Question by:geocoins-software
  • 2
3 Comments
 

Author Comment

by:geocoins-software
ID: 22946022
Sorry, I forgot to mention......i am not sure how i would implment the User Groups belonging to the Users

and/or implement the User Group Rights belonging to the User Groups

see my rework of the tables below

USERS
-----------
Id
User_Name
Password
Last
First
User_Groups (Example: 1, 3, 4, 5, 9,etc)

USER_GROUPS
------------------------
Id
Group_Name
Description
User_Group_Rights (Example: 3, 9, 21, 31)

USER_RIGHTS
----------------------
Id
Right_Name
Description


thanks  again
0
 
LVL 15

Accepted Solution

by:
mikelittlewood earned 2000 total points
ID: 22948296
I pretty much use this system geocoins-software.

I have

userLogin
-----------
userLoginID
windowsLoginName
forename
surname
userPassword
accessLevel
enabled
lastAccess
expiryDate
prevPasswords

userRoles
------------
accessLevel
description
userRoleID

userAccessRight
---------------------
userAccessRightID
functionID
description
accessRights


The user role table can have up to a maximum of 32 job roles as I use the accessLevel field to store a value that is a multiple of 2 (for bitwise operations later).
A single job role value is stored against each of the user logins.
Then the user access right table holds individual functions names with the accessRights field being a sum of all the jobs roles that can be associated with things llike pushing a button, or performing a task.

If there were 3 job roles, access level values 1, 2, 4,
then we have a function called PERFORM1 with access level 6, this means that by bitwise operations, roles 2 and 3 would be able to perform the task but not role 1

Hope this makes sense.
0
 
LVL 15

Expert Comment

by:mikelittlewood
ID: 22948685
O and if you don't want to write your own, TMS have one based on the same sort of principle which looks nice.
http://www.tmssoftware.com/site/tss.asp
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The uses clause is one of those things that just tends to grow and grow. Most of the time this is in the main form, as it's from this form that all others are called. If you have a big application (including many forms), the uses clause in the in…
In my programming career I have only very rarely run into situations where operator overloading would be of any use in my work.  Normally those situations involved math with either overly large numbers (hundreds of thousands of digits or accuracy re…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question