Best Role-Based Access Control (RBAC) database model

Here is a simple diagram to illustrate Amr Mostafa's excellent answer

enter image description here

To my rather basic knowledge in that area, the basic actors of an RBAC are:

Resources.
Permissions.
Users.
Roles (i.e. Groups).

Resources <- require -> (one or many) Permissions.

Roles <- are collections of -> (one or many) Permissions.

Users <- can have -> (one or many) Roles.

The tables for such a model would be:

permission
role
user
role_permission
user_role

Now you might want to include resources here as well if you want users of your application to be able to configure which permissions a resource need. But I never needed that. Hope that helps.

Best Role-Based Access Control (RBAC) database model

Tags:

Permissions

Ruby On Rails

Roles

Access Control

Rbac

Related

Recent Posts