Model design for a user who can have roles at multiple organizations

Roy Prins

I need a Django model where a User can have a Function with any number of Organisations. His permissions (change, view, delete) with the organization are determined by his Role. I am pretty sure I only need an "admin" and a "member" role.

This would require row-level permissions, so I decided to go with django-guardian. I am having trouble choosing the proper model design. These are the alternatives:


The first one would have the advantage of creating new roles, but I don't think I need that. Also I can enforce unique_together so that a User can only have 1 function at every company. Would I set the can_change permission at the Role and infer the row level permission based on the relation between User and Organization? That would mean I do not even need django-guardian, right?

The second one looks much simpler, but maybe that is deceptive. The permissions would have to be set as soon as a User is added to an Organization and are definitely row-level.

What is the right strategy here?

To clarify: in both cases a user can be an admin of one organization and simply a member of another organization.

Neil McGuigan

Use the Party Model.

A user is not a person, it's a user. Person and organization are parties. A party hasOne (or no) user.

A person hasMany (many2many) relationships with an organization:

Individual -< Relationship >- Organization

Organizations can have relationships with each other too.
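
The first design from the question, as an added sketch that is not code from the original post: one Function row per (user, organisation) carrying the role, with the row-level permission inferred from that row. It uses the standard-library sqlite3 module instead of Django models so it runs on its own; the table names and the role-to-permission mapping are assumptions.

```python
import sqlite3

# Assumed mapping of the two roles to the three permissions named in the question.
ROLE_PERMS = {"admin": {"view", "change", "delete"}, "member": {"view"}}

SCHEMA = """
CREATE TABLE organisation (id INTEGER PRIMARY KEY, name TEXT NOT NULL);
CREATE TABLE app_user (id INTEGER PRIMARY KEY, username TEXT NOT NULL UNIQUE);
CREATE TABLE user_function (          -- the question's "Function" link table
    user_id INTEGER NOT NULL REFERENCES app_user(id),
    organisation_id INTEGER NOT NULL REFERENCES organisation(id),
    role TEXT NOT NULL CHECK (role IN ('admin', 'member')),
    UNIQUE (user_id, organisation_id) -- same effect as unique_together
);
"""

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")
    db.executescript(SCHEMA)
    return db

def add_function(db, user_id, org_id, role):
    """Return True if the row was created, False if a constraint rejected it."""
    try:
        db.execute("INSERT INTO user_function VALUES (?, ?, ?)",
                   (user_id, org_id, role))
        return True
    except sqlite3.IntegrityError:
        return False

def has_perm(db, user_id, org_id, perm):
    """Row-level check inferred from the user's role at this organisation."""
    row = db.execute(
        "SELECT role FROM user_function WHERE user_id = ? AND organisation_id = ?",
        (user_id, org_id)).fetchone()
    # No function at this organisation means no access at all (default deny).
    return row is not None and perm in ROLE_PERMS.get(row[0], set())

def demo():
    # Constructed sample data: one user, admin at org 1, member at org 2.
    db = make_db()
    db.executemany("INSERT INTO organisation VALUES (?, ?)",
                   [(1, "Acme"), (2, "Globex"), (3, "Initech")])
    db.execute("INSERT INTO app_user VALUES (1, 'roy')")
    add_function(db, 1, 1, "admin")
    add_function(db, 1, 2, "member")
    return db
```

Every view that touches an organisation's data has to call the check with that organisation's id; checking the role alone, without the organisation, would let an admin of one organisation act on another.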
