Hi everyone, just wanted everyone's opinion on one of our process. We have multiple categories for which we have different set of user roles.
They are stored in DB like category 1 -> category 1 roles with their users. And the count of rows is roughly 4000 in production.
Role are 1 till Role 11.
Categories are like 100+ and there can be multiple users for a role.
Also, we have few user groups for few of our oversight roles so whenever there is change we add or remove users from group.
So the thing is for Role 1 - Role 6 we are checking throughout application by querying the record with a batch size of 1 and with a single field, if it returns we believe the user has that set of access and we show the screen accordingly.
For the rest we use if they are part of user groups and show the content accordingly.My question is what would be a better approach for this? To have groups for all roles and then whenever there is a change add/remove in all user groups? Won't the process be heavy for adding and removing for all roles type, there are total 11 and we have to query based on group and add or remove by checking difference db and groups? Or we can disband all user groups and just use query from record alone to check this?
isUserMemberOfGroup - gives me less than 1ms
query from record is variable in the range of 20ms - 60 ms.
Discussion posts and replies are publicly visible
Going for records will be better in this case. You can have all the users in the table along with the role and category they belong to. And in your application you can do query record to have the security checks. Additionally if there is any change add/remove, you need to just modify the table and sync the record.
In future if categories or roles are added then also it will be easier to manage without going back to groups and updating the code everywhere.