Do roles need groups for roles?

B

BonBon Slick2018-02-09 10:01:08

Software design

BonBon Slick, 2018-02-09 10:01:08

Is it worth doing in a large project that will be broken into microservices in the future, groups for user roles, or is it better to leave the connection directly User->Role?
An example would be:
User->RoleGroups->Roles The
user belongs to the administrators and moderators groups, for example there will be forum moderators and chat moderators, like moderators, but different, but the group is one, moderator .

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

S

Sergey Zimoglyadov, 2018-02-11
@BonBonSlick

It is better to lay initially such an opportunity, you can look towards RBAC.
In my opinion, this User->RoleGroups->Roles is not a very good implementation.
Better to do something like User->Role->Permission, ie:
User - user
Role - role (administrator, moderator)
Permission - access level (editing, deleting, etc.).
But the Role must be in a hierarchy, for example admin -> moderator -> user -> guest, where:
- Guest view posts
- User can create, edit his post
- Moderator can create, edit all posts
- Admin can create, edit and delete all posts

B

bullock, 2018-02-09
@bullock

It makes no sense to produce extra entities until it is necessary.