Complex Schemas for Authentication?

19 views

ObjectIdmodelrefs

Skip to first unread message

Nejc Vukovic

unread,

Dec 22, 2015, 9:26:39 AM12/22/15

to Mongoose Node.JS ODM

Hi there to the whole group!

I have a simple (for you l33t mongoose developers ) question I would like to get some help with.

The whole picture looks like this:

I have 5 collections (USER , GROUPS , SECTIONS , ROLES , RIGTHS )in MongoDB and I need to interconnect them in a way that complex authentification is possible.

USER: to this collection a document - user can be added and this is the main document I would like to authenticate then

GROUPS: documents consist of one or more sections - a group has one or more SECTION bind to the "GROUP name" property

SECTIONS: sections of the site that can be seen

ROLES: like "admin" , "user",...

RIGHTS: are the rights that are allowed ( I would like to make them read only )

So what I want to do is: create a user that is a part of a group that has 2 or more SECTIONs added ( user can see section blog and section contact) to them and then set different ROLES for the SECTIONS.

In one SECTIONS he/she would be a "admin" and the other only "user". NOTE: the user can also be a part of 1 or more GROUPS and for the different GROUPS different SECTIONS and ROLES apply.

I'm not asking for any solutions on the spot, but some help how to start.

In fact any light on the topic or referral would help a ton.

Regards from Austria,

nVVEBd

Richard Bateman

unread,

Dec 22, 2015, 11:50:15 AM12/22/15

to mongoo...@googlegroups.com

At first glance, it looks very much to me like you are trying to design for a SQL database and then shove it into a mongoose database, rather than trying to design something that is actually appropriate for a mongodb database.

First let me start by saying that there is no reason that what you're describing couldn't work as you explain it, it just won't be particularly efficient and it won't scale very well. If you ever find yourself building a mongodb database which could be described using terms like "3rd normal form" (https://en.wikipedia.org/wiki/Third_normal_form) then you are most likely Doing It Wrong. Mongodb schemas by necessity tend to be denormalized in order to reduce complexity of "joins". That's not to say that there isn't a place for what you might term a "foreign key", but it should be avoided except when there is a really good reason.

Knowing very little about your actual use cases and implementation, my first gut reaction would be to suggest something like this:

User contains an array of GROUP names and an array of SECTION names, both of which are indexed. Any time you add a section to a group, you also execute a query to add that section to all USER documents which belong to that group. This paradigm may break down when you have to start tracking what happens when you remove sections from a group which might belong to other groups that the user also belongs to... but it's the right general idea.

ROLES would probably just be an array on USERS. Similarly RIGHTS.

If you find yourself needing to do a lot of queries in order to get the info you need you should probably rethink your design; also, if you find that the more you rethink it the more you find you can't do it any other way, you might want to consider using a SQL database.

Finally, and this is just my opinion, I wouldn't consider this the best forum for a discussion like this; this group is specific to mongoose, and your question is actually nothing directly to do with mongoose except that it involves using mongodb and mongoose is a tool for using mongodb. I'd probably see if you can find a place where mongodb users discuss such things. That's just a recommendation -- I have no official standing to make any kind of policy decisions on this group, so I'm certainly not telling you you can't ask it here -- but I suggest you'd be more likely to get useful responses.

This article seems to have a lot of the relevant information that might help you:

http://blog.mongodb.org/post/87200945828/6-rules-of-thumb-for-mongodb-schema-design-part-1

Good luck,

Richard

GradeCam

--
Documentation - http://mongoosejs.com/
Plugins - http://plugins.mongoosejs.com/
Bug Reports - http://github.com/learnboost/mongoose
Production Examples - http://mongoosejs.tumblr.com/
StackOverflow - http://stackoverflow.com/questions/tagged/mongoose
Google Groups - https://groups.google.com/forum/?fromgroups#!forum/mongoose-orm
Twitter - https://twitter.com/mongoosejs
IRC - #mongoosejs
---
You received this message because you are subscribed to the Google Groups "Mongoose Node.JS ODM" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mongoose-orm...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply all

Reply to author

Forward

0 new messages