0

I'm designing a database that holds the information for users of three diferentes apps that share the access to the data trough an API. For every user i'm storing credentials, profile and roles.

What I'm looking forward to have should accomplish the following requirement:

Some users need to have access to more than one app. The user will have diferent roles or permissions to access certain resources or protected views in every app. The user should be able to login into every app using a unique set of username/password credentials.

This is the schema I've come up with so far: enter image description here

Let me give a brief explanation of it:

  • Every user has access to a certain apps trough the app_access table
  • Every app is composed by a set of resources
  • A user may have one or more roles
  • Every role is composed by a set of permissions
  • Every permission specifies the actions available for that role over a resource of a specific app.

I want to know if this schema is good to accomplish what I need? Are there any know patterns for this requirement? What could be improved in my design?

Francisco Hanna
  • 109

0 Answers0