architecture - What are some architectural best practices to consider when designing a point-based permissions system like uses?

-

stack overflow has points-based permissions system determines lot of things on site, such can edit , ability add new tags system.

what advice, regards architectural implementation, give designing such system? store permissions? how use these permissions determine fields appear editable in view? there open-source code examples study from?

with regards ownership or sharing of object model such question or document, pros/cons of storing reference owner on object's model versus storing reference object in account model? e.g.

document = { id:          21234,              owner_id:    4d3ca9f1c067,              shared_with: [a50d1e000138, 4d3ca9f1c067a, 50d1e000138] }

vs.

user = { id:              4d3ca9f1c067,          documents_owned: [21234, 31452, 12312],          collaborates_on: [23432, 43642, 12314, 23453] }

store permission in separate model permission-required points pairs.

in view, determine whether logged-in user has sufficient permissions per item display, referring permissions model described above.

model options: i'd prefer former since (1) has simpler, flatter structure, no nested loops through user table when listing questions, , (2) deleting document not entail updating user object. (unless score drops when doc deleted or such.)


Comments

Post a Comment

Popular posts from this blog

Javascript line number mapping -

-
magically formatted comments change reported line number of javascript errors in browsers; this: //@line n "f" n line number , f file name. unfortunately, //@line appears ungoogleable. know there documentation on feature, , browsers support it? (i found references here , here .) from can find available in mozilla based browsers. it using js_setoptions command can turn these options on or off depending on values passed. https://developer.mozilla.org/en/js_setoptions
Read more

c# - Is it possible to remove an existing registration from Autofac container builder? -

-
something along lines: builder.registertype<mytype>().as<itype>(); builder.registertype<mytype2>().as<itype>(); builder.deregistertype<mytype>().as<itype>() var container = builder.build(); var types = container.resolve<ienumerable<itype>>(); assert.istrue(types.count == 1); assert.istrue(types[0].gettype == typeof(mytype2)); scenario: go through bunch of assemblies , go register types want make sure have 1 implementation of given type. need before create container. track on own nice if autofac me bit. this cannot done directly using containerbuilder , unless start on new one. mind you, having first built container should able construct new container filtering away unwanted types , reusing registrations first container. this: ... var container = builder.build(); builder = new containerbuilder(); var components = container.componentregistry.registrations .where(cr => cr.activator.limittype != typ...
Read more

php - Mysql PK and FK char(36) vs int(10) -

-
i have read mysql can handle indexes , searches better if tables keys integers rather char(36) uuid's. is worth converting int(10)? note: use 1 server , have have plans use multiple databases concurrently therefore removing 1 of big reasons using uuid. our tables innodb if makes difference. thanks in advance. usually rdbms can handle integer keys pk more efficient, other datatypes. reason how build index column, yes: long dont require string (or other typed) keys, should use integers. however: char(36) , int(10) far away being equal, because int(10) much smaller, char(36). dont know, if require many different keys, should keep in mind. update, complete last paragraph: int(10) 32-bit, char(36) 36 - ^byte^ (= 288-bit). not mean, int consumes less space, means, char(36) has 4 times more different keys.
Read more