Hi All,

I,m currently redesigning a student information management system and need to include RBAC functionality. The roles that have been identified are registrar, student, customer, seller (salesperson), teacher, and management. Some of these will be internal users (who work for the company), such as teacher, seller, and registrar, and, therefore, will not require the recording of addresses and so on, whereas the external users will.

My initial thought was to create a generic users table that contains username and password, and then use specialisation to store the additional attributes for those users that have additional data stored.

I was wondering if anyone could recommend any books or websites that could give me some insight into creating an RBAC system. My only experience with creating databases is from university and we simply did not cover this type of model.


Any help would be greatly appreciated.

Mick

Does anyone know if it is possible to create a union view that would allow for the records to be updated. I have a database design where I'm going to have to put the usernames and passwords into various tables e.g. studnts in the student table, teachers in the teachers table etc., but I would also like to have a view that includes all usernames and passwords. It would be ideal if I could also use this view to allow passwords to be changed, but I do not know if this is possible.

Again, any help would be greatly appreciated.

Mick

Why not just use a single centralized user/principal table, and just have a usertype column to differentiate between teacher and student?

-A

Or supertype\ subtype.

Depnding on the RDBMS you can update UNIONS. In SQL Server you would use an instead of trigger.

pootle flump ur codings are working excelent.