Menu
I want to design a user/role system:
The users have a name and a password and then the user can have several roles like Admin.
For this I created a schema like this:
Users:
CREATE TABLE [dbo].[Users]
(
[id] [int] NOT NULL,
[name] [nvarchar](50) NULL,
[password] [nvarchar](50) NULL,
CONSTRAINT [PK_Users] PRIMARY KEY CLUSTERED ([id] ASC)
)
Roles:
CREATE TABLE [dbo].[Roles]
(
[id] [int] NOT NULL,
[name] [nvarchar](50) NULL,
CONSTRAINT [PK_Roles] PRIMARY KEY CLUSTERED ([id] ASC)
)
user_roles:
CREATE TABLE [dbo].[User_Roles]
(
[id] [int] NOT NULL,
[User_id] [int] NOT NULL,
[Role_id] [int] NOT NULL,
CONSTRAINT [PK_User_Roles] PRIMARY KEY CLUSTERED ([id] ASC)
)
My question is: should I use foreign keys User_Roles.User_id -> User.Id
If yes why?
582
Not quite sure what you mean, but...
User_Roles should have 2 columns only User_id and Role_idUser_Roles User_id is a foreign key to Users.id
Role_id is a foreign key to Roles.id
Edit: Now I understand. Yes, always use foreign keys
Also...
password is nvarchar(50), this implies plain text. This is bad.
name values in Users, how do you know which user is which? Edit after comment after primary key creation...
CREATE TABLE [dbo].[User_Roles]
(
[User_id] [int] NOT NULL,
[Role_id] [int] NOT NULL,
CONSTRAINT [PK_User_Roles] PRIMARY KEY CLUSTERED ([User_id], [Role_id]),
CONSTRAINT [UQ_ReversePK] UNIQUE ([Role_id], [User_id])
)
Spring Security makes this recommendation:
create table users(
username varchar_ignorecase(50) not null primary key,
password varchar_ignorecase(50) not null,
enabled boolean not null
);
create table authorities (
username varchar_ignorecase(50) not null,
authority varchar_ignorecase(50) not null,
constraint fk_authorities_users foreign key(username) references users(username)
);
create unique index ix_auth_username on authorities (username,authority);
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
