0

I am trying to set up a small database to organize permissions. I am using those four tables:

  • User, columns: UserID, Name
  • UserGroup, columns: UserGroupID, Name
  • UserGroupUsers, columns: UserID, UserGroupID
  • Permission, columns: PermissionID, UserID, UserType, Permission, PermissionValue

Rules:

  • One User can be in multiple groups
  • One Group can have multiple users
  • A permission can be part of an user but also of an usergroup.

Now I am trying to set up a constraint, whenever I delete an user or a userGroup, I also want to delete the Permission rows with a database constraint.

The relation of user and userGroup are as following:

One row of User can have multiple rows in Permissions but with the extra condition: UserType = 1.

Sames for the groups:

One row of UserGroup can have multiple rows in Permissions but with the extra condition UserType = 2.

Examples:

Table: Permissions:

PermissionID   |   UserID   | UserType | Permission | PermissionValue
---------------------------------------------------------------------
1                  1          1          MainMenu      15
2                  1          2          MainMenu      2

Row 1 representing an user-Permission of the user with userID = 1

Row 2 representing an userGroup-permission of the usergroup with usergroupID = 1.

What I tried so far:

ALTER TABLE dbo.permissions 
  ADD CONSTRAINT fk_permissionsAccounts 
  FOREIGN KEY(userID) 
  REFERENCES dbo.users(userID) 
    ON UPDATE CASCADE 
    ON DELETE CASCADE

but this one is actually wrong, since it should only happen to UserType=1

The next thing I tried, was adding a column UserType to both tables Users and Groups, including the type, but there I get the message:

the field is not part of a key.

Source on this try:

ALTER TABLE dbo.permissions 
   ADD CONSTRAINT fk_permissionsAccounts 
   FOREIGN KEY(userID, accountType)
   REFERENCES dbo.users(userID, accountType) 
       ON UPDATE CASCADE 
       ON DELETE CASCADE

I am using SQL Server 2008

I'd be happy with any suggestions. thanks in advance.

Edit for Solution:

i've edited the table:

Permission, columns: PermissionID, UserID, UserGroupID, Permission, PermissionValue.

i have set null-allowed attribute on both: UserID and UserGroupID but added a check constraint which only allows one of both fields to be filled, other has to be null:

ALTER TABLE dbo.permissions
WITH CHECK ADD  
CONSTRAINT chk_permissions
CHECK  (
       ([AccountID] IS NULL AND [AccountGroupID] IS NOT NULL) OR 
       ([AccountID] IS NOT NULL AND [AccountGroupID] IS NULL)
        )

now i was able to add my default constraints:

ALTER TABLE dbo.permissions 
  ADD CONSTRAINT fk_permissionsUsers
  FOREIGN KEY(userID) 
  REFERENCES dbo.users(userID) 
    ON UPDATE CASCADE 
    ON DELETE CASCADE

and:

ALTER TABLE dbo.permissions 
  ADD CONSTRAINT fk_permissionsUserGroups
  FOREIGN KEY(userGroupID) 
  REFERENCES dbo.usergroups(userGroupID) 
    ON UPDATE CASCADE 
    ON DELETE CASCADE
Improve this question
3
  • So if UserType is 2, is in fact UserID meant to contain a UserGroupID from the UserGroup table rather than an actual UserID from the User table? If not, I'm not sure I understand this structure Commented Jan 23, 2015 at 14:05
  • yes, correct. i will add an example to the question. Commented Jan 23, 2015 at 14:07
  • Then I'd strongly recommend the two column approach advocated by Rhys or a) Give it a name that clearly indicates it will be either a user or a group ID, or b) Give it a name that is strictly neutral on what type of ID it contains. Commented Jan 23, 2015 at 14:33

1 Answer 1

Reset to default
2

Can you change the table design a little? If you add UserGroupId to the Permission table then this becomes much simpler. There is no need for the UserType column (unless you want it of course). Rows in the Permission table would have either a UserId or a UserGroupId, but not both (a check constraint can enforce this).

Also, as noted by @Damien_The_Unbeliever, using a column called UserId to hold either a UserId or a UserGroupId is not ideal. If you have to do this then change the name of the column to prevent confusion.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

thanks for the suggestion, i will try to solve this via check constraint. but mainly the database table design was a team descision, in the first, (without the constraints) this was an easier understanding somehow. i will give feedback on monday. i really appreciate this. thanks.
i tried the it this way and it worked out. i have edited the question. thanks again.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.