Security Model
Now that I have users, I can have the notion of ownership, and once granted ownership users will want to play with visibility and share with limited groups. This all gets very excited.
So what is the correct data model?
This post is just a mental note to self, of my current reasoning. I’d like to sleep on it before implementing.
Keep It Simple
Flat table, user_id, kount_id, permission_type, all ints.
It is a simple lookup to see if someone has the right permission. If the types of permissions permutates then I can do that without DB changes.
The open question is; Does this model scale? and how far?
I am a long way from needing to scale, and a simple, flat table should be relatively easy to migrate should a better, more scalable model, present itself.
I will ask one smart person about this before implementing. (This is a promise to all my future users who will not suffer from the capacity type problems plaguing Twitter)
Stay tuned, I’ll write more about this topic, soon.
Leave a comment