creating permission,entity table
mapping each permission with user table to take out the permission
all the values stored in the table converted to binary and those number decides the permission
Code: Select all
User 1
Value Permission
Entity Read Write Delete
Report 4 1 0 0
Search 7 1 1 1
Upload 2 0 1 0
User 2
Value Permission
Entity Read Write Delete
Report 5 1 0 1
Search 6 1 1 0
Upload 3 0 1 1
and last put the user inside the group
Are there any other concept regarding the kind of security for web application